
WireGuard has been extensively audited many times for the past 4-5 years, including several formal proofs[1]. I would argue no other VPN has been as thoroughly audited (not to mention that the codebase size means that an entire-codebase audit is actually possible). That doesn't mean it's perfect (and it has had bugs), but it's definitely exceptionally well designed and written code.

In addition, the crypto design (beyond it being opinionated and thus no way to misconfigure into using the "null cipher") is arguably much more secure by design than other systems. For instance, WireGuard eliminates entire classes of vulnerabilities through careful protocol design while also adding fairly neat features (such as being impossible to port scan) -- the author explains this much more eloquently than I can[2].

[1]: https://www.wireguard.com/formal-verification/

[2]: https://www.youtube.com/watch?v=CejbCQ5wS7Q (about 23 minutes in)


