CVE-2026-30284

Published Mar 31, 2026

Last updated 10 days ago

CVSS high 8.6

Overview

Description
An arbitrary file overwrite vulnerability in UXGROUP LLC Voice Recorder v10.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.
Source
cve@mitre.org
NVD status
Analyzed
Products
voice_recorder

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.6
Impact score
6
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-73

Social media

Hype score
Not currently trending

Configurations

Related CVEs

  1. Improper access control in Samsung Voice Recorder prior to version 21.5.73.12 in Android 15 and 21.5.81.40 in Android 16 allows physical attackers to access recording files on the lock screen.CVE-2025-21063
  2. Improper access control in Samsung Voice Recorder prior to version 21.5.40.37 allows physical attackers to access recording files on the lock screen.CVE-2024-49403
  3. Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers using hardware keyboard to use VoiceRecorder on the lock screen.CVE-2024-20840
  4. Improper access control in Samsung Voice Recorder prior to versions 21.5.16.01 in Android 12 and Android 13, 21.4.51.02 in Android 14 allows physical attackers to access recording files on the lock screen.CVE-2024-20839

References

Sources include official advisories and independent security research.