Uncontrolled Recursion Vulnerability in Samsung Open Source rlottie
CVE-2026-47306

6.1MEDIUM

Key Information:

Status
Vendor
CVE Published:
4 June 2026

What is CVE-2026-47306?

The uncontrolled recursion vulnerability in Samsung's rlottie affects systems that process oversized serialized data payloads. This flaw could lead to resource exhaustion, potentially compromising system performance and stability. It is essential for users and developers relying on rlottie to update their implementations to mitigate risks associated with this vulnerability.

Affected Version(s)

rlottie e2d19e3b150e0e4a9586fa90b56fd3061cc98945

References

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.