CVE-2025-59691

CVE-2025-59691 is a low-severity vulnerability with a CVSS 3.x base score of 3.7. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-669.

Key facts

Description

PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In the GUI client, the IPv6 connection remains functional after disconnection until the user clicks Reconnect. In both cases, the real IPv6 address is exposed to external services, violating user privacy and defeating the advertised IPv6 leak protection. This affects CLI 2.0.1 and GUI 2.10.0.

Frequently asked questions

What is CVE-2025-59691?
PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside the VPN tunnel upon network events such as Wi-Fi reconnect or system resume. In the CLI client, the VPN auto-reconnects and claims to be connected, but IPv6 traffic is no longer routed or blocked. In the GUI client, the IPv6 connection remains functional after disconnection until the user clicks Reconnect. In both cases, the real IPv6 address is exposed to external services, violating user privacy and defeating the advertised IPv6 leak protection. This affects CLI 2.0.1 and GUI 2.10.0.
How severe is CVE-2025-59691?
CVE-2025-59691 has a CVSS 3.x base score of 3.7, rated low severity. It is exploitable over network with high attack complexity, requires no privileges and no user interaction. Impact on confidentiality is low, integrity none, and availability none.
Is CVE-2025-59691 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (10th percentile), an estimate of the probability of exploitation in the next 30 days.
How do I fix CVE-2025-59691?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
Does CVE-2025-59691 have an EU (EUVD) identifier?
Yes. CVE-2025-59691 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2025-30222.
When was CVE-2025-59691 published?
CVE-2025-59691 was published on 2025-09-18 and last updated on 2026-06-17.

References

Other CWE-669 vulnerabilities

Browse all CWE-669 vulnerabilities →