VYPR
Vendor

Protonvpn

Products
2
CVEs
4
Across products
5
Status
Private

Products

2

Recent CVEs

4
  • CVE-2018-10169CriApr 16, 2018
    risk 0.64cvss 9.8epss 0.03

    ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The…

  • CVE-2018-4010HigSep 7, 2018
    risk 0.51cvss 7.8epss 0.05

    An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1. A specially crafted configuration file can cause a privilege escalation, resulting in the ability to execute arbitrary commands with the system's privileges.

  • CVE-2022-50917Jan 13, 2026
    risk 0.00cvss epss 0.00

    ProtonVPN 1.26.0 contains an unquoted service path vulnerability in its WireGuard service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path by placing malicious executables in specific file system locations…

  • CVE-2024-37391Jul 22, 2024
    risk 0.00cvss epss 0.00

    ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant('{autopf}\Proton\Drive') + '"' in Setup/setup.iss.