{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25205", "assignerOrgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "state": "PUBLISHED", "assignerShortName": "samsung.tv_appliance", "dateReserved": "2026-01-30T06:07:11.090Z", "datePublished": "2026-04-13T04:38:12.099Z", "dateUpdated": "2026-04-13T13:17:22.969Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "shortName": "samsung.tv_appliance", "dateUpdated": "2026-04-13T05:40:23.465Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-122", "description": "CWE-122 Heap-based buffer overflow", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "affected": [{"vendor": "Samsung Open Source", "product": "Escargot", "versions": [{"status": "affected", "version": "97e8115ab1110bc502b4b5e4a0c689a71520d335"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write.This issue affects Escargot:commit hash\u00a0\n97e8115ab1110bc502b4b5e4a0c689a71520d335\n\n.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write.<p>This issue affects Escargot:commit hash&nbsp;\n<span>97e8115ab1110bc502b4b5e4a0c689a71520d335</span>\n\n.</p>"}]}], "references": [{"url": "https://github.com/Samsung/escargot/pull/1554"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "credits": [{"lang": "en", "value": "Sebasti\u00e1n Alba Vives / @Sebasteuo", "type": "reporter"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-13T13:17:12.937454Z", "id": "CVE-2026-25205", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T13:17:22.969Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25205", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-13T13:17:12.937454Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T13:17:16.953Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "Sebasti\u00e1n Alba Vives / @Sebasteuo"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Samsung Open Source", "product": "Escargot", "versions": [{"status": "affected", "version": "97e8115ab1110bc502b4b5e4a0c689a71520d335"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/Samsung/escargot/pull/1554"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write.This issue affects Escargot:commit hash\u00a0\n97e8115ab1110bc502b4b5e4a0c689a71520d335\n\n.", "supportingMedia": [{"type": "text/html", "value": "Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write.<p>This issue affects Escargot:commit hash&nbsp;\n<span>97e8115ab1110bc502b4b5e4a0c689a71520d335</span>\n\n.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122 Heap-based buffer overflow"}]}], "providerMetadata": {"orgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "shortName": "samsung.tv_appliance", "dateUpdated": "2026-04-13T05:40:23.465Z"}}}, "cveMetadata": {"cveId": "CVE-2026-25205", "state": "PUBLISHED", "dateUpdated": "2026-04-13T13:17:22.969Z", "dateReserved": "2026-01-30T06:07:11.090Z", "assignerOrgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "datePublished": "2026-04-13T04:38:12.099Z", "assignerShortName": "samsung.tv_appliance"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:samsung:escargot:2026-03-26:*:*:*:*:*:*:*", "matchCriteriaId": "E56434D9-B453-4690-8092-5F07D266E58D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write.This issue affects Escargot:commit hash\u00a0\n97e8115ab1110bc502b4b5e4a0c689a71520d335\n\n."}], "id": "CVE-2026-25205", "lastModified": "2026-04-28T21:09:30.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 5.9, "source": "PSIRT@samsung.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-04-13T05:16:02.407", "references": [{"source": "PSIRT@samsung.com", "tags": ["Issue Tracking"], "url": "https://github.com/Samsung/escargot/pull/1554"}], "sourceIdentifier": "PSIRT@samsung.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "PSIRT@samsung.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "97e8115ab1110bc502b4b5e4a0c689a71520d335"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Escargot", "source": "cna", "vendor": "Samsung Open Source"}, "product": "escargot", "vendor": "samsung_open_source"}], "analysis": {"en": {"generated_at": "2026-04-13T07:25:26.771486+00:00", "value": {"mitigation_remediation": ["Apply the patch included in GitHub pull request 1554 that addresses the out\u2011of\u2011bounds write in Escargot", "Upgrade Escargot to a version that excludes commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 or later", "If a patch is not immediately available, restrict the execution of untrusted scripts or disable features that trigger the vulnerable code path", "Monitor system logs for signs of buffer overflow attempts or abnormal memory usage patterns"], "summary": {"action": "Patch ASAP", "impact": "Potential code execution due to heap overflow"}, "threat_synthesis": {"affected_systems": "The issue impacts the Escargot JavaScript engine provided by Samsung Open Source. Vulnerable versions include the code snapshot identified by the commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335, as referenced in the GitHub pull request. Administrators should verify whether their deployment uses this commit or an earlier, unpatched state.", "description_and_impact": "A heap\u2011based buffer overflow in Samsung Open Source Escargot permits an out\u2011of\u2011bounds write that could lead to arbitrary code execution or a denial of service. This vulnerability stems from improper bounds checking when handling input data in the engine, allowing malicious content to corrupt memory and potentially overwrite executable code or pointers. The official CWE identifier for this weakness is CWE\u2011122, which describes heap buffer overflows that may compromise software integrity and availability.", "risk_and_exploitability": "The CVSS score of 7.4 reflects a high severity risk, while the EPSS score is not available and the vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that the attacker would need to supply crafted input to the affected component, most likely via local interaction or possibly through remote input if the engine processes externally sourced scripts. The lack of an EPSS score provides limited insight into the real\u2011world exploitation probability, but the high CVSS indicates a significant potential impact if exploited."}}}}, "created": "2026-04-13T12:37:22.303237+00:00", "title": "Escargot Heap Buffer Overflow Allowing Out\u2011of\u2011Bounds Write", "updated": "2026-04-13T12:53:09.974153+00:00", "vendors": ["samsung_open_source", "samsung_open_source$PRODUCT$escargot"]}