CVE-2026-47320

Summary

Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads.

This issue affects rlottie: before eae37633fda13ac05b25c6c95aacea4bc33c80a3.

Affected Software

VendorProductVersion RangeStatus
Samsung Open Sourcerlottieeae37633fda13ac05b25c6c95aacea4bc33c80a3unaffected

Weaknesses

  • CWE-824: CWE-824 Access of uninitialized pointer
  • CWE-674: CWE-674 Uncontrolled Recursion

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References