NULL Pointer Dereference Vulnerability in Samsung Open Source Walrus
CVE-2026-47307

5.5MEDIUM

Key Information:

Vendor: Samsung Open Source
Status: Walrus
Vendor: CVE Published:; 19 May 2026

🔔 Create Samsung Open Source Vulnerability Alert

What is CVE-2026-47307?

A NULL pointer dereference vulnerability in Samsung's Open Source Walrus could be exploited by an attacker to induce a denial of service. This occurs through the manipulation of a specially crafted WebAssembly module containing deeply nested instructions, which can lead to unexpected application behavior. Users of affected versions of Walrus need to be aware of this risk and consider implementing security measures to mitigate potential attacks.

Affected Version(s)

Walrus f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9

References

https://github.com/Samsung/walrus/pull/409

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 19, 2026
Vulnerability Reserved
May 19, 2026

Credit

Sebastián Alba Vives

CVE-2026-47307 Data

JSON