251 matches found
CVE-2026-9642
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
Windows-Exploit-Development-Lab
Metodología de Análisis de Vulnerabilidades y Explotación...
CVE-2025-15032
Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...
CVE-2025-15032 CVE-2025-15032: Increased Spoofing risk; custom new window missing about:blank
Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...
CVE-2025-15032
Dia for macOS before 1.9.0 is vulnerable to spoofing of the window title due to a missing about:blank indicator in custom-sized new windows. The root cause is the absence of a visual cue (about:blank indicator) that can mislead users about the current site. Affected product: Dia (macOS). Impact: ...
CVE-2025-15032
Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...
CVE-2025-15032 CVE-2025-15032: Increased Spoofing risk; custom new window missing about:blank
Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site...
Dia security vulnerabilities
Dia is an AI-driven smart browser developed by Dia Company. Versions of Dia prior to 1.9.0 contained a security vulnerability. This vulnerability stemmed from the absence of the about:blank indicator in new windows with custom sizes, which could allow attackers to deceive trusted domains and...
PT-2026-3271
Name of the Vulnerable Software and Affected Versions Dia versions prior to 1.9.0 Description A flaw exists in Dia that, on macOS, could allow an attacker to spoof a trusted domain in the window title of custom-sized new windows. This could mislead users about the current site due to a missing...
CVE-2025-13132
A flaw was found in dia. This vulnerability allows users to be misled about the current site via a malicious site rendering a fake user interface UI without a full-screen notification...
The Browser Company of New York Dia 安全漏洞
The Browser Company of New York Dia is an AI browser from The Browser Company of New York, USA. A security vulnerability exists in The Browser Company of New York Dia prior to version 1.6, which stems from a lack of notification alerts in full-screen mode and could lead to users being misled...
EUVD-2025-137946
Malicious code in astam-ifst-dia npm...
Malicious code in dia-27 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8cd0769cac0a842fd220e0e01e01faa7f8cc1e51330080a63eb0b94900f5bc3d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dia-29 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 39ace05da76ee6137520277d1359ec38173497c04ac97a43a38e1e69b06e0c0e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in dia-33 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9a357b449d33275aafbaee155b1658641cbb7cc3956bf69d0a83013fa79a790 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154313 Malicious code in dia-30 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eff1123100fa9c082f85bb48c95034eae67ab9c27c43f4cc1ca2b4f3abcb0525 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154331 Malicious code in dia-47 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67e3d096c1c4b2667da07b85edfa060ab4e7c7b5c10455f09327eb261f630ec3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154296 Malicious code in dia-15 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fdba0d2be064e26691b72b3dd34dc42756849707b82ffb36709cd5189002235 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154319 Malicious code in dia-36 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 372e77d612b0ec10fc69dbedfa115457bc9243f66a9d6110a642dde48fefe332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-154329 Malicious code in dia-45 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 763f572951c858607e292547d7632b5ec90401747022ccfade39b8ac400ab5b1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...