CVE-2026-40446

EUVD-2026-21850 MEDIUM

2026-04-13 samsung.tv_appliance

GHSA-jphw-6w8r-xh4r

6.9

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

High

Lifecycle Timeline

CVSS Changed

Apr 13, 2026 - 06:22 NVD

6.5 (MEDIUM) 6.9 (MEDIUM)

Analysis Generated

Apr 13, 2026 - 05:28 vuln.today

Description

Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

Analysis

Type confusion vulnerability in Samsung Open Source Escargot JavaScript engine allows local attackers with user interaction to manipulate pointers and achieve memory corruption, enabling information disclosure and privilege escalation through heap spray and type-confusion exploitation techniques. CVSS score is 6.5; no public exploit code or CISA KEV status confirmed at time of analysis.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +34

POC: 0

CVE-2026-40446 vulnerability details – vuln.today

Back

CVE-2026-40446

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Analysis

Full analysis requires sign-in

Priority Score

Share

CVE-2026-40446

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Full analysis requires sign-in

Priority Score

Share

External POC / Exploit Code