CVE-2026-3861
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk22th percentile - higher than 22% of all known CVEs
Summary
LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable.
Risk Assessment
The risk involves a potential denial-of-service (DoS) attack on the user's device, which may render the phone unusable until a restart or manual intervention.
Recommendation
It is recommended to immediately update the LINE client for iOS to version 26.3.0 or later, which includes the necessary security fixes.
Original NVD description (English source)
LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable.

