EUVD-2026-32679
GHSA-h78v-r6mm-5vwf
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionNVD
Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers.
This issue affects Escargot: 36f5fb58366a67b713c02f6fd985e924fcc09e31.
AnalysisAI
Out-of-bounds write in Samsung's Escargot JavaScript engine allows attacker-supplied scripts to corrupt memory through the ArrayBuffer.prototype.transfer() built-in, with high confidentiality, integrity, and availability impact (CVSS 8.8). The flaw stems from a missing length-bounds check when transferring an ArrayBuffer to a new byte length, enabling writes past the allocated buffer that can lead to remote code execution if a victim runs the malicious script. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all Samsung devices running Escargot across corporate infrastructure (smart TVs, IoT devices, set-top boxes, signage systems). Within 7 days: Contact Samsung for confirmed patch timeline and security advisories; implement content validation and code signing controls where feasible. …
Sign in for detailed remediation steps.
More from same product – last 7 days
Share
External POC / Exploit Code
Leaving vuln.today