Browse all 3 CVE security advisories affecting Windscribe. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Windscribe operates as a VPN service providing privacy and security for internet users. Historically, its vulnerabilities have included cross-site scripting (XSS) and remote code execution (RCE) flaws, often stemming from improper input validation and insecure API endpoints. The service has faced three recorded CVEs, with one notable incident involving a privilege escalation vulnerability that could allow unauthorized access to user accounts. Despite these issues, Windscribe maintains features like a kill switch and DNS leak protection, though users should remain vigilant about potential security risks associated with third-party dependencies and server-side configurations.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-65199 | Windscribe for Linux 'changeMTU' local privilege escalation — Windscribe for Linux Desktop AppCWE-78 | 7.8 | High | 2025-12-10 |
This page lists every published CVE security advisory associated with Windscribe. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.