Samsung Open Source Escarogt JavaScript can crash due to bad data

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

6.2

Samsung Open Source Escarogt JavaScript can crash due to bad data

CVE-2026-25204

Summary

If an attacker sends malicious data to Samsung's Open Source Escarogt JavaScript, it can cause the program to crash, leading to a denial of service. This is a serious issue because it can disrupt normal functioning of the system. Affected users should update to the latest version of Escarogt to prevent this issue.

Original title

Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort. This issue affects escarogt prior to commit hash ...

Original description

Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort.

This issue affects escarogt prior to commit hash

97e8115ab1110bc502b4b5e4a0c689a71520d335

nvd CVSS3.1 6.2

Vulnerability type

CWE-502 Deserialization of Untrusted Data

CWE-843 Type Confusion

https://github.com/Samsung/escargot/pull/1554

Published: 13 Apr 2026 · Updated: 13 Apr 2026 · First seen: 13 Apr 2026