What is the CVSS score of CVE-2026-40446?

CVE-2026-40446 has a CVSS 3.1 base score of 6.9 (Medium). CVSS vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H. EPSS exploitation probability: 0.0%.

Samsung CVE-2026-40446

EUVD-2026-21850 MEDIUM

Access of Resource Using Incompatible Type (Type Confusion) (CWE-843)

2026-04-13 samsung.tv_appliance

GHSA-jphw-6w8r-xh4r

Information Disclosure Memory Corruption Samsung

6.9

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

High

Lifecycle Timeline

CVSS changed

Apr 13, 2026 - 06:22 NVD

6.5 (MEDIUM) 6.9 (MEDIUM)

Analysis Generated

Apr 13, 2026 - 05:28 vuln.today

EUVD ID Assigned

Apr 13, 2026 - 05:15 euvd

EUVD-2026-21850

Analysis Generated

Apr 13, 2026 - 05:15 vuln.today

CVE Published

Apr 13, 2026 - 04:56 nvd

MEDIUM 6.9

DescriptionNVD

Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

AnalysisAI

Type confusion vulnerability in Samsung Open Source Escargot JavaScript engine allows local attackers with user interaction to manipulate pointers and achieve memory corruption, enabling information disclosure and privilege escalation through heap spray and type-confusion exploitation techniques. CVSS score is 6.5; no public exploit code or CISA KEV status confirmed at time of analysis.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory