CVE-2026-47320

Description

Access of uninitialized pointer, Uncontrolled Recursion vulnerability in Samsung Open Source rlottie allows Pointer Manipulation, Oversized Serialized Data Payloads. This issue affects rlottie: before eae37633fda13ac05b25c6c95aacea4bc33c80a3.

PUBLISHED Reserved 2026-05-19 | Published 2026-06-04 | Updated 2026-06-07 | Assigner samsung.tv_appliance

Problem types

CWE-824 Access of uninitialized pointer

CWE-674 Uncontrolled Recursion

Product status

References

github.com/Samsung/rlottie/pull/593

cve.org (CVE-2026-47320)

nvd.nist.gov (CVE-2026-47320)

Download JSON