CVE-2026-22077

Sensitive Information Disclosure Vulnerability Caused by Trusted Domain Bypass in OPPO Wallet

Description

OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure.

INFO

Published Date :

2026-04-27T06:37:05.647Z

Last Modified :

2026-04-27T07:27:33.199Z

Source :

OPPO

AFFECTED PRODUCTS

The following products are affected by CVE-2026-22077 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-22077.

URL	Resource
https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-2048652556296790016

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability