8. Security Considerations

  • mDNS Flooding: Implementing mDNS candidate generation could theoretically facilitate local network scanning or flooding. Implementations should rate-limit mDNS registration and queries.
  • Reflexive Candidate Disclosure: Even with mDNS, server reflexive candidates (STUN) reveal the user's public IP. This is unavoidable for direct internet connectivity unless a VPN or TURN relay is used.
  • VPN Leaks: Users on VPNs generally expect their traffic to be tunneled. WebRTC implementations must respect the OS routing table. Default route binding ensures that if the default route is the VPN, WebRTC traffic goes through the VPN, preventing "leakage" of the underlying ISP IP.
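
To check what a given set of ICE candidates actually discloses, the lines can be classified by candidate type and address form. The following is an added example, not part of the original document or of any implementation's code; the function names, the result labels and the sample candidates (documentation address ranges, made-up mDNS name) are assumptions chosen for illustration.

```javascript
// Constructed sample candidates: an mDNS host, a raw-IP host, a STUN srflx, a TURN relay.
const SAMPLE_CANDIDATES = [
  "candidate:1 1 udp 2113937151 3f6c1a2e-8d4b-4c0a-9e57-2b1d7a6f0c11.local 54321 typ host",
  "candidate:2 1 udp 2113937151 192.168.1.23 54322 typ host",
  "candidate:3 1 udp 1677729535 203.0.113.7 61000 typ srflx raddr 0.0.0.0 rport 0",
  "candidate:4 1 udp 33562367 198.51.100.20 49200 typ relay raddr 0.0.0.0 rport 0",
];

// Parse: candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type> [name value]...
function parseCandidate(line) {
  const f = line.trim().replace(/^a=/, "").split(/\s+/);
  if (f.length < 8 || !f[0].startsWith("candidate:") || f[6] !== "typ") {
    return null; // not a well-formed candidate attribute
  }
  const ext = new Map(); // extension pairs such as raddr / rport
  for (let i = 8; i + 1 < f.length; i += 2) ext.set(f[i], f[i + 1]);
  return { address: f[4].toLowerCase(), port: Number(f[5]), type: f[7], ext };
}

function isIpLiteral(addr) {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(addr) || addr.includes(":");
}

// True when the related address carries a real IP rather than a zeroed placeholder.
function relatedAddressLeaks(c) {
  const r = c.ext.get("raddr");
  return Boolean(r) && isIpLiteral(r) && r !== "0.0.0.0" && r !== "::";
}

function classify(line) {
  const c = parseCandidate(line);
  if (!c) return "invalid";
  if (c.type === "host") {
    // A .local name hides the interface address; an IP literal exposes it.
    return c.address.endsWith(".local") ? "mdns-obscured" : "host-ip-disclosed";
  }
  if (c.type === "srflx") {
    // The reflexive address is the public IP seen by the STUN server.
    return relatedAddressLeaks(c) ? "public-and-host-ip-disclosed" : "public-ip-disclosed";
  }
  if (c.type === "relay") {
    return relatedAddressLeaks(c) ? "relay-with-related-ip-disclosed" : "relay-only";
  }
  return "unknown-type";
}

function audit(lines) {
  return lines.map((l) => classify(l));
}

console.log(audit(SAMPLE_CANDIDATES));
```

Only the "mdns-obscured" and "relay-only" results keep the endpoint's own addresses out of the signaling channel.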