Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved user interface. This issue has been fixed in Safari 18.6, iOS 18.6, and iPadOS 18.6. Visiting a malicious website may result in address bar spoofing...

Astra Linux – Vulnerability in WebKit2GTK

There was an issue with URL handling that caused spoofing. This issue has been addressed through improved input validation. This issue is fixed in iOS 16.2, iPadOS 16.2, macOS Ventura 13.1, and Safari 16.2. Visiting a malicious website may result in address bar spoofing...

Astra Linux – Vulnerability in Firefox

The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox 115...

Astra Linux – Vulnerability in WebKit2GTK

A inconsistent user interface issue has been resolved through improved state management. This issue is fixed in iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, Safari 17.1, and macOS Sonoma 14.1. Visiting a malicious website may result in address bar spoofing...

Astra Linux – Vulnerability in WebKit2GTK

There was an issue with URL handling that caused spoofing. This issue has been addressed through improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may result in address bar spoofing...

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved through improved user interface. This issue has been fixed in Safari 18 and macOS Sequoia 15. Visiting a malicious website may result in address bar spoofing...

CVE-2026-12348

Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-controlled content, enabling phishing...

CVE-2026-12348

CVE-2026-12348 concerns Arc Search for Android. The entry describes an address bar spoofing flaw caused by a window.open race condition, enabling a remote attacker to render attacker-controlled content while displaying a trusted domain in the address bar (phishing risk). The CVSSv3.1 vector is pr...

PT-2026-49836

Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-controlled content, enabling phishing...

CVE-2026-44659

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

CVE-2026-44659

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

CVE-2026-44659 Zen Browser Mac - Address Bar Spoofing via Long Subdomain

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

CVE-2026-44659 Zen Browser Mac - Address Bar Spoofing via Long Subdomain

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

CVE-2026-5906

Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

CVE-2026-5906

Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

CVE-2026-2378

ArcSearch for Android versions prior to 1.12.7 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

CVE-2026-2378 Address bar spoofing risk in ArcSearch on Android

ArcSearch for Android versions prior to 1.12.7 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

CVE-2026-2378 Address bar spoofing risk in ArcSearch on Android

ArcSearch for Android versions prior to 1.12.7 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

CVE-2026-2378

ArcSearch for Android versions prior to 1.12.7 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content...

CVE-2026-2378

ArcSearch for Android versions prior to 1.12.7 is affected by an address bar spoofing issue. The browser could display a different domain in the address bar than the actual content after user interaction with crafted web content. Affected product: ArcSearch on Android, versions