Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/17 6:29 p.m.7 views

CVE-2025-15032

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...

7.4CVSS6.7AI score0.00237EPSS
Exploits0References1
NVD
NVD
added 2026/01/16 7:16 p.m.11 views

CVE-2025-15032

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...

7.4CVSS0.00237EPSS
Exploits0References1
CVE
CVE
added 2026/01/16 6:11 p.m.13 views

CVE-2025-15032

Dia for macOS before 1.9.0 is vulnerable to spoofing of the window title due to a missing about:blank indicator in custom-sized new windows. The root cause is the absence of a visual cue (about:blank indicator) that can mislead users about the current site. Affected product: Dia (macOS). Impact: ...

7.4CVSS6.3AI score0.00237EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/16 6:11 p.m.4 views

CVE-2025-15032 CVE-2025-15032: Increased Spoofing risk; custom new window missing about:blank

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...

7.4CVSS6.3AI score0.00237EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.7 views

PT-2026-3271

Name of the Vulnerable Software and Affected Versions Dia versions prior to 1.9.0 Description A flaw exists in Dia that, on macOS, could allow an attacker to spoof a trusted domain in the window title of custom-sized new windows. This could mislead users about the current site due to a missing...

7.4CVSS6.2AI score0.00237EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/16 12:0 a.m.4 views

Dia security vulnerabilities

Dia is an AI-driven smart browser developed by Dia Company. Versions of Dia prior to 1.9.0 contained a security vulnerability. This vulnerability stemmed from the absence of the about:blank indicator in new windows with custom sizes, which could allow attackers to deceive trusted domains and...

7.4CVSS5.8AI score0.00237EPSS
Exploits0References1
Rows per page
Query Builder