Man-in-the-Middle Vulnerability in LINE Client for iOS
CVE-2025-14022

7.7HIGH

Key Information:

Vendor: Line Corporation
Status: Line Client For iOS
Vendor: CVE Published:; 15 December 2025

🔔 Create Line Corporation Vulnerability Alert

What is CVE-2025-14022?

The LINE client for iOS prior to version 15.4 has a vulnerability that allows man-in-the-middle attacks due to inadequate SSL/TLS certificate validation in an integrated financial SDK. This security flaw disrupts the application's network processing, effectively disabling server certificate verification for a significant portion of its network traffic. As a consequence, an attacker situated on the same network could intercept or modify encrypted communications, posing serious security risks for users relying on this application for financial transactions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

LINE client for iOS 15.3 < 15.4

References

https://hackerone.com/reports/2853445

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 15, 2025
Vulnerability Reserved
Dec 4, 2025

JSON

Line Corporation

What is CVE-2025-14022?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.