DNS Leak Vulnerability in Google ChromeOS VPN
CVE-2025-1566
7.5HIGH
What is CVE-2025-1566?
A DNS leak vulnerability has been identified in the Native System VPN of Google ChromeOS. This issue affects the transition of DNS traffic during VPN changes, potentially allowing network observers to intercept plaintext DNS queries. Users may unknowingly expose their browsing activity, leading to privacy concerns. This vulnerability highlights the need for securing DNS traffic in VPN environments to maintain user confidentiality.
Affected Version(s)
ChromeOS 16002.23.0