CVE Catalog

CVE-2026-3861

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.31%

22th percentile - higher than 22% of all known CVEs

Summary

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable.

Risk Assessment

The risk involves a potential denial-of-service (DoS) attack on the user's device, which may render the phone unusable until a restart or manual intervention.

Recommendation

It is recommended to immediately update the LINE client for iOS to version 26.3.0 or later, which includes the necessary security fixes.

Original NVD description (English source)

LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS