Improper Input Validation in Samsung Open Source rLottie
CVE-2025-53076

5.1MEDIUM

Key Information:

Vendor: Samsung Open Source
Status: Rlottie
Vendor: CVE Published:; 30 June 2025

🔔 Create Samsung Open Source Vulnerability Alert

What is CVE-2025-53076?

A vulnerability in Samsung's Open Source rLottie has been identified, allowing for improper input validation that can lead to buffer overreads. This issue specifically impacts rLottie version 0.2, highlighting the importance of input handling in software applications. Addressing this vulnerability is critical to maintaining the integrity and security of systems utilizing rLottie.

Affected Version(s)

rLottie V0.2

References

https://github.com/Samsung/rlottie/pull/573

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 30, 2025
Vulnerability Reserved
Jun 24, 2025

Credit

Meta Product Security