High severity7.1NVD Advisory· Published Apr 30, 2026· Updated May 5, 2026
CVE-2026-22070
CVE-2026-22070
Description
ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal.
Affected products
1- cpe:2.3:a:oppo:coloros_assistant:1.4.26:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- security.oppo.com/en/noticeDetailnvdVendor Advisory
News mentions
0No linked articles in our index yet.