6 matches found
CVE-2026-12348
Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-controlled content, enabling phishing...
CVE-2026-12348
CVE-2026-12348 concerns Arc Search for Android. The entry describes an address bar spoofing flaw caused by a window.open race condition, enabling a remote attacker to render attacker-controlled content while displaying a trusted domain in the address bar (phishing risk). The CVSSv3.1 vector is pr...
PT-2026-49836
Address bar spoofing in Arc Search for Android allows a remote attacker to display a trusted domain in the address bar while rendering attacker-controlled content, enabling phishing...
CVE-2025-14812 Address bar spoofing risk in Arc Search on iOS
ArcSearch for iOS versions prior to 1.45.2 could display a different domain in the address bar than the content being shown after an iframe-triggered URI-scheme navigation, increasing spoofing risk...
CVE-2025-14812 Address bar spoofing risk in Arc Search on iOS
ArcSearch for iOS versions prior to 1.45.2 could display a different domain in the address bar than the content being shown after an iframe-triggered URI-scheme navigation, increasing spoofing risk...
CVE-2025-14812
CVE-2025-14812 affects ArcSearch for iOS (Browser Company) prior to version 1.45.2. Affected behavior: after iframe-triggered URI-scheme navigation, the address bar may display a different domain than the content being shown, enabling spoofing risk. Root cause (as described in connected sources):...