Opening links via the contextual menu in Focus iOS for certain URL schemes would fail to load but would not refresh the toolbar correctly, allowing attackers to spoof websites if users were coerced into opening a link explicitly through a long-press This vulnerability affects Focus for iOS < 143.0.

Related CVEs

CVE-2025-10290

Key Information

GHSA ID

GHSA-hjm2-5w4g-m8j2

Published

September 16, 2025 3:32 PM

Last Modified

September 16, 2025 9:31 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 22, 2025 6:29 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.