Mullvad already published a blog post a day after stating they reviewed the vulnerability, and it was closed up during their process of fixing a different vulnerability. mullvad.net/…/evaluating-the-impact-of-tunnelvisi…
That we haven’t heard anything from proton regarding this vulnerability is not a good sign. Article came out on May 6th and proton has only published basic privacy guides.