VYPR

VPN

by Mozilla Corporation

Source repositories

CVEs (3)

  • CVE-2025-5687HigJun 11, 2025
    risk 0.44cvss 7.8epss 0.00

    A vulnerability in Mozilla VPN on macOS allows privilege escalation from a normal user to root. *This bug only affects Mozilla VPN on macOS. Other operating systems are unaffected.*. This vulnerability was fixed in Mozilla VPN 2.28.0 (macOS).

  • CVE-2023-22319Jul 6, 2023
    risk 0.00cvss epss 0.01

    A sql injection vulnerability exists in the requestHandlers.js LoginAuth functionality of Milesight VPN v2.0.2. A specially-crafted network request can lead to authentication bypass. An attacker can send a malicious packet to trigger this vulnerability.

  • CVE-2022-0517Dec 22, 2022
    risk 0.00cvss epss 0.00

    Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN < 2.7.1.