Known Vulnerabilities for products from Oppo

Listed below are 17 of the newest known vulnerabilities associated with the vendor "Oppo".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Additional devices specifications by Oppo can be found at device.report : Oppo

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-22077 json Not Provided 2026-04-27 2026-04-27
CVE-2026-22070 json ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal. Not Provided 2026-04-30 2026-05-05
CVE-2023-26311 json A remote code execution vulnerability in the webview component of OPPO Store app. 9.8 - CRITICAL 2023-08-10 2023-08-15
CVE-2023-26310 json There is a command injection problem in the old version of the mobile phone backup app. 9.8 - CRITICAL 2023-08-09 2023-08-14
CVE-2021-23247 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 9.8 - CRITICAL 2022-04-01 2022-04-09
CVE-2021-23246 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 7.5 - HIGH 2022-03-11 2022-03-18
CVE-2021-23244 json ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some a... 7.8 - HIGH 2021-12-27 2022-07-12
CVE-2021-23243 json In Oppo's battery application, the third-party SDK provides the function of loading a third-party Provider, which can be used... 7.8 - HIGH 2021-09-27 2022-05-03
CVE-2020-11836 json OPPO Android Phone with MTK chipset and Android 8.1/9/10/11 versions have an information leak vulnerability. The “adb shell... 5.5 - MEDIUM 2021-02-06 2021-02-08
CVE-2020-11835 json In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the func... 5.5 - MEDIUM 2020-12-31 2021-01-06
CVE-2020-11834 json In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_f... 5.5 - MEDIUM 2020-12-31 2021-01-06
CVE-2020-11833 json In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_d... 5.5 - MEDIUM 2020-12-31 2021-01-06
CVE-2020-11832 json In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/... 5.5 - MEDIUM 2020-12-31 2021-01-06
CVE-2020-11831 json OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicema... 9.8 - CRITICAL 2020-11-19 2020-12-04
CVE-2020-11830 json QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0. 9.8 - CRITICAL 2020-11-19 2020-12-02
CVE-2020-11829 json Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codeb... 9.8 - CRITICAL 2020-11-19 2021-07-21
CVE-2020-11828 json In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surface... 7.5 - HIGH 2020-04-21 2021-07-21
CVE-2018-14996 json The Oppo F5 Android device with a build fingerprint of OPPO/CPH1723/CPH1723:7.1.1/N6F26Q/1513597833:user/release-keys contain... 7.8 - HIGH 2019-04-25 2019-10-03

Known software with vulnerabilities from Oppo

Type Vendor Product Version
HardwareOppoA12-
HardwareOppoA15-
HardwareOppoA15s-
HardwareOppoA31-
HardwareOppoA33-
HardwareOppoA5-
HardwareOppoA52-
HardwareOppoA53-
HardwareOppoA9-
Operating
System		OppoColoros-
HardwareOppoF15-
HardwareOppoF17-
HardwareOppoF17 Pro-
ApplicationOppoOvoicemanager2.0.1
ApplicationOppoQualityprotect2.0
HardwareOppoReno 2-
HardwareOppoReno 2f-
HardwareOppoReno 2z-
HardwareOppoReno 3 Pro-
HardwareOppoReno 4 Pro-
Results limited to 20 most recent known configurations
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report