Linecorp: community verdicts
3 notable / known-exploited Linecorp CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Linecorp CVE, see NVD ↗.
- CVE-2023-43303HIGH 8.2Real · low riskEPSS 1%
An issue in craftbeer bar canvas mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token (via captured network traffic).
- CVE-2023-45559HIGH 8.2Real · low riskEPSS 0%
An issue in Tamaki_hamanoki Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.
- CVE-2026-3861MED 6.5EPSS 0%
LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable.