- A security researcher has found flaws in two of the PureVPN Linux clients
- The affected applications can leak IPv6 traffic under certain circumstances and interfere with local firewall settings
- PureVPN confirmed that the team is working to correct these flaws in mid-October
A security researcher has found two problems with PureVPN's Linux applications: one affecting IPv6 traffic and the other the system firewall.
Andreas, a Greek Linux expert who goes by the name Anagogistis, has discovered that the GUI v2.10.0 and CLI v2.0.1 versions of the PureVPN Linux clients can leak IPv6 traffic outside the encrypted tunnel.
When connecting, these two PureVPN Linux applications also interfere with local firewall settings, which “can affect users who rely on persistent firewall rules for local security”, notes Anagogistis in the report.
After the reported findings had gone unanswered for more than three weeks, on Friday (September 19, 2025) PureVPN confirmed that the team is working to correct these flaws by mid-October. The provider also guarantees that no other platform (Windows, macOS, Android, iOS) is affected.
The security expert and the provider suggest workarounds for all PureVPN Linux users until the fix is released.
IPv6 leaks and firewall errors: what is at stake for PureVPN users
During testing, for example, leaks occurred after a network transition, such as suspending or resuming an Ethernet connection or switching Wi-Fi.
“As far as I know, there is no leak during normal sessions without network disruption,” writes Anagogistis.
When an IPv6 leak occurs, websites or messaging services could see users' real locations and track their activities, which is exactly what you are trying to prevent by using the best VPN services.
The PureVPN client leaks IPv6 on Linux! I submitted a detailed report to @purevpcom, but I received no response after more than 3 weeks. So I wrote a blog article today with demos and results to inform other users: https://t.co/7t2xcuzx23 (September 17, 2025)
These two Linux clients also show signs of firewall errors.
More specifically, once the application has connected, it replaces the existing iptables rules (the rules that define how the Linux kernel handles data packets). However, when the user disconnects the virtual private network (VPN) software, the original device settings are not restored.
This leaves the system in a different firewall state compared to its initial configuration. Something which, as PureVPN explains, “can leave the device with fewer protections than the user had in place before connecting to the VPN.”
The issues in the PureVPN Linux applications were tested and reproduced on Ubuntu 24.04.3 LTS with kernel 6.8 and the iptables-nft backend.
We have contacted PureVPN to find out more about the risk for users and what lies behind these flaws, but we are still waiting for an answer at the time of writing.
How to stay safe
Although the PureVPN team is working on releasing a technical fix for these vulnerabilities, you should seriously consider taking active measures to protect your data.
PureVPN recommends that users:
- Disable IPv6 manually at the system level.
- Reapply firewall rules after disconnecting from PureVPN.
- Use IPv4-only connections as much as possible until the fixed client is released.
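To know whether the firewall rules need reapplying after a disconnect, you can compare `iptables-save` dumps taken before connecting and after disconnecting. The script below is an added example, not code from PureVPN or from the researcher's report; its function names, file names and sample rulesets are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect firewall drift across a VPN session by comparing two
# iptables-save dumps. Function and file names here are hypothetical.
# Real use (as root): iptables-save > before.rules   (before connecting)
#                     iptables-save > after.rules    (after disconnecting)
#   rules_drifted before.rules after.rules && iptables-restore < before.rules

# Drop comment/timestamp lines and zero the [packets:bytes] counters, which
# change between dumps and would otherwise look like drift.
normalize_rules() {
    sed -e '/^#/d' -e 's/\[[0-9]*:[0-9]*]/[0:0]/' "$1"
}

# Exit 0 if the dumps differ in policies or rules, 1 if they are equivalent.
rules_drifted() {
    [ "$(normalize_rules "$1")" != "$(normalize_rules "$2")" ]
}

# Print lines present in the "before" dump ($1) but absent from "after" ($2).
missing_rules() {
    tmp=$(mktemp)
    normalize_rules "$2" > "$tmp"
    normalize_rules "$1" | grep -vxF -f "$tmp" || true
    rm -f "$tmp"
}

# Constructed sample dumps (not captured from a real system): a default-deny
# INPUT chain before connecting, a replaced and unrestored chain afterwards.
write_samples() {
    cat > "$1/before.rules" <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [10:800]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [52:4160]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
    cat > "$1/after.rules" <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT ACCEPT [97:7760]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [61:4880]
COMMIT
EOF
}
```

If you also maintain IPv6 rules, take the same snapshots with `ip6tables-save` and restore them with `ip6tables-restore`.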
Overall, PureVPN said: “Although this problem is limited to Linux clients, we recognize the gravity of IPv6 leaks and the manipulation of firewall. We move quickly to release a correction and strengthen our internal processes to ensure faster thanks and fixes in the future.”