An interesting read from ProtonVPN. Basically, when an iOS VPN kicks in, it does not corral all existing threads/sockets/connections. I have seen this in other VPN contexts too. If you have a professional grade router, you should be able to monitor/log any new outgoing connection that is not destined for the VPN server.
https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/
Its one thing to have a bug, and quite another thing to ignore it for months.
https://protonvpn.com/blog/apple-ios-vulnerability-disclosure/
Its one thing to have a bug, and quite another thing to ignore it for months.