Home

Description

Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Oversized Serialized Data Payloads. This issue affects rlottie: before e2d19e3b150e0e4a9586fa90b56fd3061cc98945.

PUBLISHED Reserved 2026-05-19 | Published 2026-06-04 | Updated 2026-06-08 | Assigner samsung.tv_appliance




MEDIUM: 6.1CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H

Problem types

CWE-674 Uncontrolled Recursion

Product status

Default status
affected

e2d19e3b150e0e4a9586fa90b56fd3061cc98945 (git)
unaffected

Credits

Sebastián Alba Vives (@Sebasteuo / 0xS4bb1) finder

References

github.com/Samsung/rlottie/pull/585

cve.org (CVE-2026-47306)

nvd.nist.gov (CVE-2026-47306)

Download JSON