CVE-2025-15032

CVSS Score & Metrics

Base Score

7.4 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N                                    

Vulnerability Description

Missing about:blank indicator in custom-sized new windows in Dia before 1.9.0 on macOS could allow an attacker to spoof a trusted domain in the window title and mislead users about the current site.

Vulnerability Details

Published Date

January 16, 2026

Last Modified

January 16, 2026

CWE ID

CWE-1021

Source

NVD

Vendor

The Browser Company of New York

Product

Dia

External References

https://www.diabrowser.com/security/bulletins#CVE-2025-15032

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment