Stack-based Buffer Overflow in rlottie by Samsung
CVE-2026-47318

6.1 MEDIUM

Key Information:

Status
Vendor
CVE Published: 4 June 2026

What is CVE-2026-47318?

A stack-based buffer overflow vulnerability exists in rlottie, a library developed by Samsung. An attacker who triggers the overflow can potentially achieve execution of arbitrary code or cause service disruption. The vulnerability affects rlottie versions prior to commit ce72b35a7ad0dded03051d3aa0ef75321c3bd035, making it imperative for users to update to the latest version to mitigate the risk. For detailed information, refer to the GitHub pull request.

Affected Version(s)

rlottie ce72b35a7ad0dded03051d3aa0ef75321c3bd035

References

CVSS V3.1

Score: 6.1
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
