Description

ArcSearch for iOS versions prior to 1.45.2 could display a different domain in the address bar than the content being shown after an iframe-triggered URI-scheme navigation, increasing spoofing risk.

INFO

Published Date :

2025-12-19T16:38:58.980Z

Last Modified :

2025-12-19T16:50:33.125Z

Source :

BCNY
AFFECTED PRODUCTS

The following products are affected by CVE-2025-14812 vulnerability.

Vendors Products
Apple
  • Ios
The Browser Company
  • Arc
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-14812.

URL Resource
https://arc.net/security/bulletins#cve-2025-14812-address-bar-spoofing-risk-iframe-triggered-uri-navigation-on-arc-search-ios cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact