CVE-2026-10305

6.1MEDIUM

Key Information:

Vendor

Samsung Open Source

Status
Rlottie
Vendor
CVE Published:
4 June 2026

What is CVE-2026-10305?

Out-of-bounds read vulnerability in Samsung Open Source rlottie allows Overread Buffers.

This issue affects rlottie: before 223a2a41ba4f462e4abe767bebba49a366c9b9fd.

Affected Version(s)

rlottie 223a2a41ba4f462e4abe767bebba49a366c9b9fd

References

https://github.com/Samsung/rlottie/pull/587

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.