Skip to content
CUNICULA

WebRTC Leak

A privacy failure where browser WebRTC features expose your real IP address to websites or apps even when you are using a VPN.

WebRTC’s connection setup gathers candidate addresses, and scripts can read them, exposing a real address to a page even while a VPN carries the traffic. The leak is a browser behavior, not a tunnel failure.

Mitigations are browser-side: disabling WebRTC where acceptable, extensions or settings that restrict candidate gathering, and VPN clients that filter the traffic. Leak-test pages confirm the actual behavior per browser.

Related reading

All glossary terms →