Heap-Based Buffer Overflow in Samsung Open Source Escargot
CVE-2026-25205

7.4HIGH

Key Information:

Vendor: Samsung Open Source
Status: Escargot
Vendor: CVE Published:; 13 April 2026

🔔 Create Samsung Open Source Vulnerability Alert

What is CVE-2026-25205?

A heap-based buffer overflow vulnerability exists in Samsung's Open Source Escargot, which allows an out-of-bounds write. This flaw can potentially enable an attacker to execute arbitrary code or cause undefined behavior, putting systems at risk. Immediate action is recommended to mitigate potential threats.

Affected Version(s)

Escargot 97e8115ab1110bc502b4b5e4a0c689a71520d335

References

https://github.com/Samsung/escargot/pull/1554

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 13, 2026
Vulnerability Reserved
Jan 30, 2026

Credit

Sebastián Alba Vives / @Sebasteuo

CVE-2026-25205 Data

JSON