I am able to bypass the VPN by using firejail (which is a
sandbox program to run untrusted applications).
I'm not 100% clear on your setup .. Have you got a network namespace set up? If not, you haven't got much security anyway, I suspect. It turns out it's not too hard .. you're welcome to my hacky scripts if you're interested.
Not sure if firejail would still be able to escape a network namespace by default, but I'm sure it's possible to drop a capability somewhere or similar if it is.
S.