Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-1566

DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.

Published

2025-04-16T23:15:44.767

Last Modified

2025-07-08T18:08:30.527

Status

Analyzed

Source

7f6e188d-c52a-4a19-8674-3c3fa7d1fc7f

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-1319
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System google chrome_os 16002.23.0 Yes
References