PatchSiren cyber security CVE debrief
CVE-2026-47318 Samsung Open Source CVE debrief
A stack-based buffer overflow vulnerability was discovered in Samsung Open Source rlottie. This issue affects rlottie versions before ce72b35a7ad0dded03051d3aa0ef75321c3bd035. The vulnerability has a CVSS score of 6.1 and a severity of MEDIUM.
- Vendor: Samsung Open Source
- Product: rlottie
- CVSS: MEDIUM 6.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-04
- Original CVE updated: 2026-06-04
- Advisory published: 2026-06-04
- Advisory updated: 2026-06-04
Who should care
Users of Samsung Open Source rlottie, particularly those using versions before ce72b35a7ad0dded03051d3aa0ef75321c3bd035, should be aware of this vulnerability and take necessary actions to mitigate the risk.
Technical summary
The vulnerability is a stack-based buffer overflow in Samsung Open Source rlottie. It has been assigned a CVSS score of 6.1 and a severity of MEDIUM. The CVSS vector is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H.
Defensive priority
MEDIUM
Recommended defensive actions
- Update rlottie to version ce72b35a7ad0dded03051d3aa0ef75321c3bd035 or later.
- Review and apply the patch provided in the source reference [ref-4].
Evidence notes
The vulnerability was reported by an unknown vendor and has been documented in the CVE record [cve-org] and the NVD detail [nvd].
Official resources
- CVE-2026-47318 CVE record (CVE.org)
- CVE-2026-47318 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference
CVE-2026-47318 was published on 2026-06-04T10:16:39.057Z and modified on 2026-06-04T15:27:23.470Z.