VYPR
Vendor

realme

Products
6
CVEs
4
Across products
5
Status
Private

Products

6

Recent CVEs

4
  • CVE-2023-38297HigApr 22, 2024
    risk 0.55cvss 8.4epss 0.01

    An issue was discovered in a third-party com.factory.mmigroup component, shipped on devices from multiple device manufacturers. Certain software builds for various Android devices contain a vulnerable pre-installed app with a package name of com.factory.mmigroup…

  • CVE-2025-25370MedMay 14, 2025
    risk 0.30cvss 4.6epss 0.00

    An issue in realme GT 2 (RMX3311) running Android 14 with realme UI 5.0 allows a physically proximate attacker to obtain sensitive information via the show app only setting function.

  • CVE-2025-67316Jan 5, 2026
    risk 0.00cvss epss 0.00

    An issue in realme Internet browser v.45.13.4.1 allows a remote attacker to execute arbitrary code via a crafted webpage in the built-in HeyTap/ColorOS browser. NOTE: The supplier is currently disputing this finding and the record is under review.

  • CVE-2025-57452Sep 18, 2025
    risk 0.00cvss epss 0.00

    In realme BackupRestore app v15.1.12_2810c08_250314, improper URI scheme handling in com.coloros.pc.PcToolMainActivity allows local attackers to cause a crash and potential XSS via crafted ADB intents.