Theoretically yes, but the issue isn’t exactly new. From a practical standpoint there are a bunch of limitations or specific information required to actually make this useful for an attack.
e.g. this is not useful for destination IPs that are only reachable through the VPN (e.g. RFC 1918 private networks), or where firewalling restricts access due to the source coming directly over the internet and not via VPN. And the routing you inject has to be more specific than the routing provided by the VPN client.
Successful interception/monitoring of traffic will be limited to destinations that the client can also reach without a VPN (so your likely targets will probably be people using VPN to mask what they are doing from their ISP?). And now much you can infer or manipulate that traffic depends on the protocol.