Heytap: Security Vulnerabilities
An issue in realme Internet browser v.45.13.4.1 allows a remote attacker to execute arbitrary code via a crafted webpage in the built-in HeyTap/ColorOS browser. NOTE: The supplier is currently disputing this finding and the record is under review.
CVSS Score
5.4
EPSS Score
0.001
Published
2026-01-05
The ColorOS Internet Browser com.heytap.browser application 45.10.3.4.1 for Android allows a remote attacker to execute arbitrary JavaScript code via the com.android.browser.RealBrowserActivity component.
CVSS Score
6.1
EPSS Score
0.004
Published
2024-08-19