Browse all 4 CVE security advisories affecting The Browser Company of New York. AI-powered Chinese analysis, POCs, and references for each vulnerability.
The Browser Company of New York develops a privacy-focused web browser with a core use case centered on user data protection and enhanced browsing security. Historically, their products have been susceptible to cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities, often stemming from JavaScript engine flaws and improper input validation. While no major security incidents have been publicly documented, the company maintains a moderate CVE count of four, primarily involving privilege escalation and memory corruption issues. Their security approach emphasizes regular updates and transparent vulnerability disclosure, though the browser's complex architecture continues to present challenges for maintaining robust security against evolving web-based threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-15032 | CVE-2025-15032: Increased Spoofing risk; custom new window missing about:blank — DiaCWE-1021 | 7.4 | High | 2026-01-16 |
| CVE-2025-14809 | Address bar spoofing risk in ArcSearch on Android — ArcSearchCWE-1021 | 7.4 | High | 2025-12-19 |
| CVE-2025-14812 | Address bar spoofing risk in Arc Search on iOS — ArcSearchCWE-1021 | 7.5 | High | 2025-12-19 |
| CVE-2025-13132 | Dia: Increased Spoof Risk; Missing full screen toast — DiaCWE-1021 | 7.4 | High | 2025-11-21 |
This page lists every published CVE security advisory associated with The Browser Company of New York. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.