CVE-2026-47306

Published: Giu 04, 2026 Last Modified: Giu 04, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,1
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: none
User Interaction: required
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: high

Description

AI Translation Available

Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Oversized Serialized Data Payloads.

This issue affects rlottie: before e2d19e3b150e0e4a9586fa90b56fd3061cc98945.

674

Uncontrolled Recursion

Draft
Abstraction: Class Structure: Simple
Common Consequences
Security Scopes Affected:
Availability Confidentiality
Potential Impacts:
Dos: Resource Consumption (Cpu) Dos: Resource Consumption (Memory) Read Application Data
Applicable Platforms
All platforms may be affected
View CWE Details
https://github.com/Samsung/rlottie/pull/585
https://github.com/Samsung/rlottie/pull/585