The LINE client for iOS before version 26.3.0 contains a vulnerability in its in-app browser component. When a crafted web page is opened, it can repeatedly trigger operating system dialogs due to insufficient safeguards in handling arbitrary URL schemes. This can lead to temporary denial of service on the iOS device by making it unresponsive. The vulnerability is classified under CWE-400 (Uncontrolled Resource Consumption) and CWE-451 (User Interface Misrepresentation). The CVSS v3.1 base score is 7.1, indicating high severity with network attack vector, no privileges required, user interaction needed, and high impact on availability. No patch or official remediation level has been published by LY Corporation as of the current data.

Successful exploitation can cause the iOS device running the vulnerable LINE client to become temporarily inoperable due to repeated OS-level dialogs triggered by the in-app browser. This results in a denial of service condition affecting device availability. There is no indication of data confidentiality or integrity impact. No known active exploits have been reported.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should avoid opening untrusted or suspicious links within the LINE client in-app browser. Monitor LY Corporation communications for updates regarding patches or mitigations.