CVE-2026-25205 PUBLISHED

Assigner: samsung.tv_appliance
Reserved: 30.01.2026 Published: 13.04.2026 Updated: 13.04.2026

Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write.This issue affects Escargot:commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 7.4

Attack Vector	Local	Scope	Unchanged
Attack Complexity	High	Confidentiality Impact	High
Privileges Required	None	Integrity Impact	High
User Interaction	None	Availability Impact	High

CVSS 3.1

Product Status

Vendor	Samsung Open Source
Product	Escargot
Versions	Default: unaffected Version 97e8115ab1110bc502b4b5e4a0c689a71520d335 is affected

Credits

Sebastián Alba Vives / @Sebasteuo reporter

References

https://github.com/Samsung/escargot/pull/1554

Problem Types

CWE-122 Heap-based buffer overflow CWE

Impacts

CAPEC-100 Overflow Buffers