Every CVE whose affected-product data names Linecorp Line, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (75)
CVE-2023-43300 — CVSS 8.2 (high): An issue in urban_project mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-45559 — CVSS 8.2 (high): An issue in Tamaki_hamanoki Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.
CVE-2023-43305 — CVSS 8.2 (high): An issue in studio kent mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access…
CVE-2023-43304 — CVSS 8.2 (high): An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access…
CVE-2023-43303 — CVSS 8.2 (high): An issue in craftbeer bar canvas mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the…
CVE-2023-43302 — CVSS 8.2 (high): An issue in sanTas mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access…
CVE-2023-43301 — CVSS 8.2 (high): An issue in DARTS SHOP MAXIM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2016-4850 — CVSS 8.1 (high): LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code.
CVE-2019-6010 — CVSS 7.8 (high): Integer overflow vulnerability in LINE(Android) from 4.4.0 to the version before 9.15.1 allows remote attackers to cause a denial of…
CVE-2021-36216 — CVSS 7.8 (high): LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection.
CVE-2018-0609 — CVSS 7.8 (high): Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to gain privileges via a Trojan horse DLL…
CVE-2022-29505 — CVSS 7.8 (high): Due to build misconfiguration in openssl dependency, LINE for Windows before 7.8 is vulnerable to DLL injection that could lead to…
CVE-2016-4831 — CVSS 7.8 (high): Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a…
CVE-2025-14022 — CVSS 7.7 (high): LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due to improper SSL/TLS certificate validation in an integrated…
CVE-2023-48134 — CVSS 7.5 (high): nagayama_copabowl Line 13.6.1 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor.
CVE-2023-38846 — CVSS 7.5 (high): An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.
CVE-2023-38847 — CVSS 7.5 (high): An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.
CVE-2023-38848 — CVSS 7.5 (high): An issue in rmc R Beauty CLINIC Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.
CVE-2021-41011 — CVSS 7.5 (high): LINE client for iOS before 11.15.0 might expose authentication information for a certain service to external entities under certain…
CVE-2023-38849 — CVSS 7.5 (high): An issue in tire-sales Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.
CVE-2022-41568 — CVSS 7.5 (high): LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in group chat.
CVE-2023-38845 — CVSS 7.5 (high): An issue in Anglaise Company Anglaise.Company v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.
CVE-2018-13446 — CVSS 7.0 (high): An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via…
CVE-2018-13435 — CVSS 7.0 (high): An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime…
CVE-2026-3861 — CVSS 6.5 (medium): LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly…
CVE-2023-47363 — CVSS 6.5 (medium): The leakage of channel access token in F.B.P members Line 13.6.1 allows remote attackers to send malicious notifications to victims.
CVE-2023-47364 — CVSS 6.5 (medium): The leakage of channel access token in nagaoka taxi Line 13.6.1 allows remote attackers to send malicious notifications to victims
CVE-2023-47365 — CVSS 6.5 (medium): The leakage of channel access token in Lil.OFF-PRICE STORE Line 13.6.1 allows remote attackers to send malicious notifications to victims.
CVE-2023-47366 — CVSS 6.5 (medium): The leakage of channel access token in craft_members Line 13.6.1 allows remote attackers to send malicious notifications to victims.
CVE-2023-47367 — CVSS 6.5 (medium): The leakage of channel access token in platinum clinic Line 13.6.1 allows remote attackers to send malicious notifications to victims.
CVE-2023-47368 — CVSS 6.5 (medium): The leakage of channel access token in taketorinoyu Line 13.6.1 allows remote attackers to send malicious notifications to victims.
CVE-2023-47369 — CVSS 6.5 (medium): The leakage of channel access token in best_training_member Line 13.6.1 allows remote attackers to send malicious notifications.
CVE-2023-47370 — CVSS 6.5 (medium): The leakage of channel access token in bluetrick Line 13.6.1 allows remote attackers to send malicious notifications to victims.
CVE-2023-47372 — CVSS 6.5 (medium): The leakage of channel access token in UPDATESALON C-LOUNGE Line 13.6.1 allows remote attackers to send malicious notifications to victims.
CVE-2023-47373 — CVSS 6.5 (medium): The leakage of channel access token in DRAGON FAMILY Line 13.6.1 allows remote attackers to send malicious notifications to victims.
CVE-2018-13434 — CVSS 6.3 (medium): An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The LAContext class for Biometric (TouchID) validation allows…
CVE-2024-5739 — CVSS 6.1 (medium): The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS (UXSS) vulnerability. This vulnerability allows…
CVE-2018-0518 — CVSS 5.9 (medium): LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof…
CVE-2016-1156 — CVSS 5.7 (medium): LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service…
CVE-2022-22820 — CVSS 5.5 (medium): Due to the lack of media file checks before rendering, it was possible for an attacker to cause abnormal CPU consumption for message…
CVE-2023-43998 — CVSS 5.4 (medium): An issue in Books-futaba mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-43999 — CVSS 5.4 (medium): An issue in COLORFUL_laundry mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-44000 — CVSS 5.4 (medium): An issue in Otakara lapis totuka mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the…
CVE-2023-44001 — CVSS 5.4 (medium): An issue in Ailand clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-48135 — CVSS 5.4 (medium): An issue in mimasaka_farm mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2025-14020 — CVSS 5.4 (medium): LINE client for Android versions prior to 14.20 contains a UI spoofing vulnerability in the in-app browser where the full-screen security…
CVE-2023-43992 — CVSS 5.4 (medium): An issue in STOCKMAN GROUP mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-43993 — CVSS 5.4 (medium): An issue in smaregi_app_market mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-43994 — CVSS 5.4 (medium): An issue in Cleaning_makotoya mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-43995 — CVSS 5.4 (medium): An issue in picot.golf mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access…
CVE-2023-43996 — CVSS 5.4 (medium): An issue in Q co ltd mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access…
CVE-2023-43997 — CVSS 5.4 (medium): An issue in Yoruichi hobby base mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the…
CVE-2023-48130 — CVSS 5.4 (medium): An issue in GINZA CAFE mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access…
CVE-2023-48131 — CVSS 5.4 (medium): An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-48132 — CVSS 5.4 (medium): An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via…
CVE-2023-48133 — CVSS 5.4 (medium): An issue in angel coffee mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-43297 — CVSS 5.4 (medium): An issue in animal-art-lab v13.6.1 allows attackers to send crafted notifications via leakage of the channel access token.
CVE-2023-43988 — CVSS 5.4 (medium): An issue in nature fitness saijo mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the…
CVE-2023-43989 — CVSS 5.4 (medium): An issue in mokumoku chohu mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-43990 — CVSS 5.4 (medium): An issue in cherub-hair mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access…
CVE-2023-43991 — CVSS 5.4 (medium): An issue in PRIMA CLINIC mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-48126 — CVSS 5.4 (medium): An issue in Luxe Beauty Clinic mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-48127 — CVSS 5.4 (medium): An issue in myGAKUYA mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access…
CVE-2023-48128 — CVSS 5.4 (medium): An issue in UNITED BOXING GYM mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-48129 — CVSS 5.4 (medium): An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-43298 — CVSS 5.3 (medium): An issue in SCOL Members Card mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel…
CVE-2023-45561 — CVSS 5.3 (medium): An issue in A-WORLD OIRASE BEER_waiting Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access…
CVE-2021-36215 — CVSS 5.3 (medium): LINE client for iOS 10.21.3 and before allows address bar spoofing due to inappropriate address handling.
CVE-2023-43299 — CVSS 5.3 (medium): An issue in DA BUTCHERS mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access…
CVE-2023-5554 — CVSS 4.8 (medium): Lack of TLS certificate verification in log transmission of a financial module within LINE client for iOS prior to 13.16.0.
CVE-2025-14021 — CVSS 4.3 (medium): The in-app browser in LINE client for iOS versions prior to 14.14 is vulnerable to address bar spoofing, which could allow attackers to…
CVE-2013-7144 — CVSS 4.3 (medium): LINE 3.2.1.83 and earlier on Windows and 3.2.1 and earlier on OS X does not verify X.509 certificates from SSL servers, which allows…
CVE-2025-14019 — CVSS 3.4 (low): LINE client for Android versions from 13.8 to 15.5 is vulnerable to UI spoofing in the in-app browser where a specific layout could obscure…
CVE-2025-14023 — CVSS 3.1 (low): LINE client for iOS prior to 15.19 allows UI spoofing due to inconsistencies between the navigation state and the in-app browser's user…