CVE-2025-14809

High CVSS: 7.4

ArcSearch for Android versions prior to 1.12.6 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content.

Vendor

Product

CWE

CWE-1021

Yayın Tarihi

2025-12-19 17:15:50

Güncelleme

2025-12-19 18:00:18

Source Identifier

59469e6c-7ea7-446f-8e43-06aa32c115e8

KEV Date Added

Kategoriler

CWE-1021 HIGH 2025

Referanslar

https://arc.net/security/bulletins#cve-2025-14809-address-bar-spoofing-risk-navigation-trigger-uri-confusion-on-arcsearch-android