249 matches found
CVE-2026-9642
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Windows-Exploit-Development-Lab
Metodología de Análisis de Vulnerabilidades y Explotación...
CVE-2025-15032
Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...
CVE-2025-15032
Dia for macOS before 1.9.0 is vulnerable to spoofing of the window title due to a missing about:blank indicator in custom-sized new windows. The root cause is the absence of a visual cue (about:blank indicator) that can mislead users about the current site. Affected product: Dia (macOS). Impact: ...
CVE-2025-15032
Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...
CVE-2025-15032 CVE-2025-15032: Increased Spoofing risk; custom new window missing about:blank
Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...
CVE-2025-15032 CVE-2025-15032: Increased Spoofing risk; custom new window missing about:blank
Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...
Dia security vulnerabilities
Dia is an AI-driven smart browser developed by Dia Company. Versions of Dia prior to 1.9.0 contained a security vulnerability. This vulnerability stemmed from the absence of the about:blank indicator in new windows with custom sizes, which could allow attackers to deceive trusted domains and...
PT-2026-3271
Name of the Vulnerable Software and Affected Versions Dia versions prior to 1.9.0 Description A flaw exists in Dia that, on macOS, could allow an attacker to spoof a trusted domain in the window title of custom-sized new windows. This could mislead users about the current site due to a missing...
CVE-2025-13132
A flaw was found in dia. This vulnerability allows users to be misled about the current site via a malicious site rendering a fake user interface UI without a full-screen notification...
The Browser Company of New York Dia 安全漏洞
The Browser Company of New York Dia is an AI browser from The Browser Company of New York, USA. A security vulnerability exists in The Browser Company of New York Dia prior to version 1.6, which stems from a lack of notification alerts in full-screen mode and could lead to users being misled...
EUVD-2025-137946
Malicious code in astam-ifst-dia npm...
Malicious code in dia-47 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67e3d096c1c4b2667da07b85edfa060ab4e7c7b5c10455f09327eb261f630ec3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dia-41 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51caa535d1d1a0073f281b951f0dc7797ef9163c305878120974b3919a122427 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154325 Malicious code in dia-41 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51caa535d1d1a0073f281b951f0dc7797ef9163c305878120974b3919a122427 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154304 Malicious code in dia-22 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fa771970333a616dcc0a3b6d59a32b3eb2c070ab6d414ea7c734417c4b48ce1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154296 Malicious code in dia-15 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fdba0d2be064e26691b72b3dd34dc42756849707b82ffb36709cd5189002235 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154292 Malicious code in dia-10 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42372fdb54c843b791f7713f6c8f2370821d4b643852c7c179fbc3fa1d64015b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154331 Malicious code in dia-47 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67e3d096c1c4b2667da07b85edfa060ab4e7c7b5c10455f09327eb261f630ec3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154334 Malicious code in dia-5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbaacc430a8bb8dbc3d222378ba9fe8457df4f43b02469d756bf3eed842a66b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...