Type Confusion Vulnerability in Samsung Open Source Escargot
CVE-2026-40446

6.9 MEDIUM

Key Information:

CVE Published: 13 April 2026

What is CVE-2026-40446?

A type confusion vulnerability in Samsung Open Source Escargot allows attackers to manipulate pointers, potentially leading to unauthorized access to resources. The vulnerability arises when a resource is accessed using an incompatible type, which enables exploitation of memory management flaws. The issue is present in Escargot version 97e8115ab1110bc502b4b5e4a0c689a71520d335.

Affected Version(s)

Escargot 97e8115ab1110bc502b4b5e4a0c689a71520d335

References

CVSS V3.1

Score: 6.9
Severity: MEDIUM
Confidentiality: Low
Integrity: High
Availability: Low
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Sebastián Alba Vives / @Sebasteuo