This page aggregates publicly disclosed CVE and security risk information related to heytap, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-67316 | An issue in realme Internet browser v.45.13.4.1 allows a remote attacker to execute arbitrary code via a crafted webpage in the built-in HeyTap/ColorOS browser. NOTE: The supplier is currently disputing this finding and the record is under review. | [email protected] | 5.4 | 0.05% | 2026-01-05 | 2026-03-26 |
| CVE-2024-23729 | The ColorOS Internet Browser com.heytap.browser application 45.10.3.4.1 for Android allows a remote attacker to execute arbitrary JavaScript code via the com.android.browser.RealBrowserActivity component. | [email protected] | 6.1 | 0.42% | 2024-08-19 | 2024-08-20 |