Skip to main content

Samsung CVE-2026-25205

| EUVD-2026-21819 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-04-13 samsung.tv_appliance GHSA-vwvq-v5q8-rq3p
Buffer Overflow Heap Overflow Samsung
7.4
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

6
Re-analysis Queued
Apr 28, 2026 - 21:23 vuln.today
cvss_changed
CVSS changed
Apr 13, 2026 - 06:22 NVD
8.1 (HIGH) 7.4 (HIGH)
Analysis Generated
Apr 13, 2026 - 05:26 vuln.today
EUVD ID Assigned
Apr 13, 2026 - 05:15 euvd
EUVD-2026-21819
Analysis Generated
Apr 13, 2026 - 05:15 vuln.today
CVE Published
Apr 13, 2026 - 04:38 nvd
HIGH 7.4

DescriptionNVD

Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write.This issue affects Escargot:commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335

.

AnalysisAI

Heap-based buffer overflow in Samsung Open Source Escargot JavaScript engine enables out-of-bounds memory writes with high integrity and availability impact through local attack vectors. Affects Escargot commit 97e8115ab1110bc502b4b5e4a0c689a71520d335. …

Sign in for full analysis, threat intelligence, and remediation guidance.

RemediationAI

Within 24 hours: Inventory all systems and applications using Samsung Escargot JavaScript engine, particularly those running commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 or earlier. Within 7 days: Contact Samsung for confirmed patched version availability and timeline; monitor Samsung security advisories for official release. …

Sign in for detailed remediation steps.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

More from same product – last 7 days

CVE-2026-8915 HIGH
8.8 May 28

Out-of-bounds write in Samsung's Escargot JavaScript engine allows attacker-supplied scripts to corrupt memory through t
CVE-2026-45956
May 27

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv->vidi_dev for ctx lookup
CVE-2026-45958
May 27

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: fix to avoid directly dereferenci

Share

CVE-2026-25205 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy