Description
OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure.
Published: 2026-04-27
Score: 5.6 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 27 Apr 2026 07:30:00 +0000

Type Values Removed Values Added
Description OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure.
Title Sensitive Information Disclosure Vulnerability Caused by Trusted Domain Bypass in OPPO Wallet
References
Metrics cvssV4_0

{'score': 5.6, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:A/V:D/RE:L/U:Amber'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: OPPO

Published:

Updated: 2026-04-27T07:27:33.199Z

Reserved: 2026-01-06T06:15:53.765Z

Link: CVE-2026-22077

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-04-27T08:16:01.120

Modified: 2026-04-27T08:16:01.120

Link: CVE-2026-22077

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses

No weakness.