Vulnerability Information from the Screenshot CVE-2025-15032: Increased Spoofing Risk; Custom New Window Missing about:blank Summary: Increased spoofing risk in affected macOS versions of Dia. CVE ID: CVE-2025-15032 Advisory Release Date: Fri, Jan 16, 2026 Affected Version: Dia version <1.9.0 Severity: High Details: An attacker-controlled site could open a new custom-sized window without displaying in the URL bar, potentially misleading users about the site. Fixed in Dia version 1.9.1. CVE-2025-13132: Increased Spoof Risk; Missing Full Screen Toast Summary: Increased spoof risk in affected macOS versions of Dia. CVE ID: CVE-2025-13132 Advisory Release Date: Fri, Nov 21, 2025 Affected Versions: Dia versions <1.6 Severity: High Details: Sites could enter fullscreen mode without a fullscreen notification, potentially misleading users. Fixed in Dia version 1.6. Additional Information Both vulnerabilities have a severity rating of High with CVSS scores of 7.4 and 7.5 respectively. Users should update to the latest Dia versions to mitigate these risks.