CVE-2026-30281 - Vulnerability Details

Description

An arbitrary file overwrite vulnerability in MaruNuri LLC v2.0.23 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

Published: 2026-03-31

Score: 9.8 Critical

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

An arbitrary file overwrite flaw in MaruNuri’s Maru app allows an attacker to replace critical internal files through the application’s file import feature, giving the attacker the ability to execute arbitrary code or expose sensitive data. The weakness is classified as a CWE‑73 overwrite of files outside the intended scope.

Affected Systems

The vulnerability affects MaruNuri LLC’s Android application "Maru", package name neo.maru, version 2.0.23. No other versions are listed as impacted in the available data.

Risk and Exploitability

The CVSS score of 9.8 marks the flaw as critical, while the EPSS score of less than 1% suggests a low current probability of exploitation. The flaw is not yet listed in CISA’s KEV catalog, which limits known exploit activity. Based on the description, the likely attack vector requires an attacker to create a malicious file that a local user imports via the app’s file import function; if performed, the overwritten files would allow remote code execution or data disclosure. Consequently, the risk remains high due to the severity of potential impact, but the practical likelihood hinges on the attacker’s ability to deliver a crafted file to the target device.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

cpe:2.3:a:maru:neo.maru:2.0.23:*:*:*:*:android:*:*

No data.

Vendor Product Confidence Versions

Marui

80%

Version	Status	Scheme	Platform
`2.0.23`	affected	semver	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Apply an official patch or upgrade to a fixed version of the Maru app as soon as it is released by MaruNuri.
If no patch is available, uninstall or disable the Maru app to prevent exploitation until a fix is issued.
Avoid importing files from untrusted sources and exercise caution when opening files obtained through unknown channels.
Monitor MaruNuri’s security advisories and the referenced GitHub issue for updates or workarounds.

Generated by OpenCVE AI on April 6, 2026 at 17:32 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00091.

Exploitation none

Automatable yes

Technical Impact total

References

Link	Providers
https://github.com/Secsys-FDU/AF_CVEs/issues/21
https://maru.xyz/
https://play.google.com/store/apps/details?id=neo.maru
https://secsys.fudan.edu.cn/

History

Tue, 07 Apr 2026 08:00:00 +0000

Type	Values Removed	Values Added
Title	Arbitrary File Overwrite in MaruNuri v2.0.23 Leading to Remote Code Execution

Mon, 06 Apr 2026 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Maru Maru neo.maru
CPEs		cpe:2.3:a:maru:neo.maru:2.0.23:::::android::
Vendors & Products		Maru Maru neo.maru

Fri, 03 Apr 2026 10:15:00 +0000

Type	Values Removed	Values Added
Title		Arbitrary File Overwrite in MaruNuri v2.0.23 Leading to Remote Code Execution
First Time appeared		Marui Marui marui
Vendors & Products		Marui Marui marui

Thu, 02 Apr 2026 20:30:00 +0000

Type	Values Removed	Values Added
Title	Arbitrary File Overwrite in MaruNuri v2.0.23 Enables Code Execution
Weaknesses	CWE-22

Wed, 01 Apr 2026 23:45:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-73
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 01 Apr 2026 02:15:00 +0000

Type	Values Removed	Values Added
Title		Arbitrary File Overwrite in MaruNuri v2.0.23 Enables Code Execution
Weaknesses		CWE-22

Tue, 31 Mar 2026 16:00:00 +0000

Type	Values Removed	Values Added
Description		An arbitrary file overwrite vulnerability in MaruNuri LLC v2.0.23 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.
References		https://github.com/Secsys-FDU/AF_CVEs/issues/21 https://maru.xyz/ https://play.google.com/store/apps/details?id=neo.maru https://secsys.fudan.edu.cn/

Subscriptions

Maru Neo.maru

Marui Marui

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2026-03-31T00:00:00.000Z

Updated: 2026-04-01T18:14:46.520Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30281

Vulnrichment

Updated: 2026-04-01T18:14:41.771Z

NVD

Status : Analyzed

Published: 2026-03-31T16:16:29.820

Modified: 2026-04-06T15:13:05.620

Link: CVE-2026-30281

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-07T08:08:27Z

Weaknesses

CWE-73

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object