CVE-2026-25209EXPLOITED

samsung · open source escargot

CVE-2026-25209: Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escarg

Description

Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

Affected Products

Vendor	Product	Versions
samsung	open source escargot	97e8115ab1110bc502b4b5e4a0c689a71520d335

References

https://github.com/Samsung/escargot/pull/1554

Related News (1 articles)

Tier C

VulDB1d ago

CVE-2026-25209 | Samsung Escargot 97e8115ab1110bc502b4b5e4a0c689a71520d335 out-of-bounds

→ No new info (linked only)

CVSS 3.16.5 MEDIUM

VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-125

PublishedApr 13, 2026

Last enriched1d agov2

Trending Score34

Source articles1

Independent1

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-25208EXP

CVE-2026-25208: Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers.This issue affects Escargot: 97e8

Trending: 42

CRITICALCVE-2025-62818EXP

CVE-2025-62818: An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 128

Trending: 21

CRITICALCVE-2025-54602EXP

CVE-2025-54602: An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 12

Trending: 21

PRE-CVE

Multiple vulnerabilities in Samsung mobile devices prior to SMR-APR-2026 Release 1

Trending: 20

CRITICALCVE-2025-52909

CVE-2025-52909: An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 13

Trending: 18

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Apr 13, 2026

Discovered by ZDM

Apr 13, 2026

Updated: severity, activelyExploited

Apr 13, 2026

Actively Exploited

Apr 13, 2026

Version History

Last enriched 1d ago

v2Tier C1d ago

Updated severity to CRITICAL and noted that there is no exploit available.

severityactivelyExploited

via VulDB

v11d ago

Initial creation