Out-of-Bounds Read Vulnerability in Samsung Open Source rlottie
CVE-2026-10305

6.1 MEDIUM

Key Information:

CVE Published: 4 June 2026

What is CVE-2026-10305?

CVE-2026-10305 is an out-of-bounds read vulnerability in Samsung's open source rlottie library that allows attackers to potentially overread buffers. This issue can lead to unintended information disclosure, compromising the integrity of sensitive data handled by applications that use the affected versions of rlottie. Users are advised to update to the latest secure version to mitigate potential risks.

Affected Version(s)

rlottie 223a2a41ba4f462e4abe767bebba49a366c9b9fd

CVSS V3.1

Score: 6.1
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
