← Back

Protonvpn

protonvpn

Vendor: Proton • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-50917
1Proton
1Protonvpn
Mar 2, 2026
Jan 13, 2026
8.5 HIGH· v4
7.8 HIGH· v3
N/A· v2
ProtonVPN 1.26.0 contains an unquoted service path vulnerability in its WireGuard service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path by placin...Show more
ProtonVPN 1.26.0 contains an unquoted service path vulnerability in its WireGuard service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path by placing malicious executables in specific file system locations to gain elevated privileges during service startup.Show less
CVE-2024-37391
1Proton
1Protonvpn
Mar 13, 2025
Jul 22, 2024
N/A· v4
7.8 HIGH· v3
N/A· v2
ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant('{autopf}\Proton\Drive') + '"' in Setup/setup.iss.