Yes and no. A lot depends on your setup, but a few statements msy help.

Provided the server where 142.250.184.206 (ill call it VPN box) and it would take an extremely targetted attack compromising your devices another way to force the traffic through the vpn box if it has not been set up someone on the LAN - to the extent your network is so compromised that access via the vpn makes almost no difference.

If the VPN box is compromised it can be used to access, subvert and reroute your traffic. While it is quite practical to secure this box (indeed this is fairly analogous to most soho routers) because the box has a world accessible IP on it it is a target. At a minimum you want a strong firewall on it, both for services on the box and traffic being forwarded through the box.

Yes and no. A lot depends on your setup, but a few statements may help.

Provided the server where 142.250.184.206 (ill call it VPN box) and it would take an extremely targetted attack compromising your devices another way to force the traffic through the vpn box if it has not been set up someone on the LAN - to the extent your network is so compromised that access via the vpn makes almost no difference.

If the VPN box is compromised it can be used to access, subvert and reroute your traffic. While it is quite practical to secure this box (indeed this is fairly analogous to most soho routers) because the box has a world accessible IP on it it is a target. At a minimum you want a strong firewall on it, both for services on the box and traffic being forwarded through the box.