CVE-2024-5436

CRITICAL

Snapchat Lenscore < 12.88 - Type Confusion

Title source: rule

Description

Type confusion in Snapchat LensCore could lead to denial of service or arbitrary code execution prior to version 12.88. We recommend upgrading to version 12.88 or above.

References (1)

[Third Party Advisory] https://hackerone.com/snapchat

Scores

CVSS v3 9.8

EPSS 0.0020

EPSS Percentile 41.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-843 CWE-704

Status published

Products (1)

snap/snapchat_lenscore < 12.88

Published May 31, 2024

Tracked Since Feb 18, 2026