This page aggregates publicly disclosed CVE and security risk information related to thebrowser, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-2378 | ArcSearch for Android versions prior to 1.12.7 could display a different domain in the address bar than the content being shown, enabling address bar spoofing after user interaction via crafted web content. | 59469e6c-7ea7-446f-8e43-06aa32c115e8 | 7.4 | 0.17% | 2026-03-20 | 2026-04-16 |
| CVE-2024-52928 | Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on the website. | [email protected] | 9.6 | 0.41% | 2025-06-26 | 2025-07-10 |