CVE-2026-22078 is a HIGH-severity vulnerability in O+ Connect's IPC service. The IPC service does not authenticate clients, allowing external applications to escalate privileges and perform sensitive actions. This vulnerability has a CVSS score of 7.3. The CVE was published on June 29, 2026, and has not been modified since. The vendor, Unknown Vendor, has a low confidence level and needs review. Oppo is a [truncated]
## Summary CVE-2026-22077 describes a trusted domain validation flaw in the OPPO Wallet application that enables attackers to bypass protected interface access restrictions. The vulnerability may result in account token hijacking and sensitive information disclosure. The issue carries a CVSS 4.0 score of 5.6 (MEDIUM severity) and was published on April 27, 2026, with a subsequent modification on May 19, 2 [truncated]