CVE-2026-25204

MEDIUM 6.2

CVSS Score

6.2

EPSS Score

0.0%

EPSS Percentile

2th

Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort. This issue affects escarogt prior to commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335

CWE	CWE-502 CWE-843
Vendor	samsung open source
Product	escargot
Published	Apr 13, 2026
Last Updated	Apr 14, 2026

Stay Ahead of the Next One

Get instant alerts for samsung open source escargot

Be the first to know when new medium vulnerabilities affecting samsung open source escargot are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected Versions

Samsung Open Source / Escargot

97e8115ab1110bc502b4b5e4a0c689a71520d335

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/Samsung/escargot/pull/1554

Credits

LeeJaeWook