CVE-2026-30284

HIGH

UXGROUP Voice Recorder 10.0 - File Overwrite

Title source: llm

Description

An arbitrary file overwrite vulnerability in UXGROUP LLC Voice Recorder v10.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure.

References (4)

https://secsys.fudan.edu.cn/

https://appcraze.co/

http://voice.com

https://github.com/Secsys-FDU/AF_CVEs/issues/25

Scores

CVSS v3 8.6

EPSS 0.0001

EPSS Percentile 1.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-73

Status published

Products (1)

uxgroupllc/voice_recorder 10.0

Published Mar 31, 2026

Tracked Since Mar 31, 2026