What is the CVSS score of CVE-2026-25204?

CVE-2026-25204 has a CVSS 3.1 base score of 6.2 (Medium). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

Java CVE-2026-25204

EUVD-2026-21762 MEDIUM

Deserialization of Untrusted Data (CWE-502)

2026-04-13 samsung.tv_appliance

Denial Of Service Java Deserialization Samsung

6.2

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

Analysis Generated

Apr 13, 2026 - 01:19 vuln.today

EUVD ID Assigned

Apr 13, 2026 - 01:15 euvd

EUVD-2026-21762

Analysis Generated

Apr 13, 2026 - 01:15 vuln.today

CVE Published

Apr 13, 2026 - 00:47 nvd

MEDIUM 6.2

DescriptionNVD

Deserialization of untrusted data vulnerability in Samsung Open Source Escarogt Java Script allows denial of service condition via process abort.

This issue affects escarogt prior to commit hash

97e8115ab1110bc502b4b5e4a0c689a71520d335

AnalysisAI

Deserialization of untrusted data in Samsung Open Source Escargot JavaScript engine prior to commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 allows local attackers without privileges to trigger a denial of service condition via process abort. The vulnerability exploits unsafe deserialization of Java objects, resulting in application termination rather than code execution. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory