CVE-2026-25209EXPLOITED

samsung · open source escargot

CVE-2026-25209: Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escarg

Description

Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

Affected Products

Vendor	Product	Versions
samsung	open source escargot	97e8115ab1110bc502b4b5e4a0c689a71520d335

References

https://github.com/Samsung/escargot/pull/1554

Related News (1 articles)

Tier C

VulDB7d ago

CVE-2026-25209 | Samsung Escargot 97e8115ab1110bc502b4b5e4a0c689a71520d335 out-of-bounds

→ No new info (linked only)

CVSS 3.16.5 MEDIUM

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-125

PublishedApr 13, 2026

Last enriched7d agov2

Trending Score13

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-25208EXP

CVE-2026-25208: Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers.This issue affects Escargot: 97e8

Trending: 17

CRITICALCVE-2025-52908

CVE-2025-52908: An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 13

Trending: 11

CRITICALCVE-2025-52909

CVE-2025-52909: An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 13

Trending: 11

CRITICALCVE-2025-54602EXP

CVE-2025-54602: An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 12

Trending: 10

CRITICALCVE-2025-62818EXP

CVE-2025-62818: An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 128

Trending: 10

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 13, 2026

Discovered by ZDM

Apr 13, 2026

Updated: severity, activelyExploited

Apr 13, 2026

Actively Exploited

Apr 13, 2026

Version History

Last enriched 7d ago

v2Tier C7d ago

Updated severity to CRITICAL and noted that there is no exploit available.

severityactivelyExploited

via VulDB

v17d ago

Initial creation