{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-40446", "assignerOrgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "state": "PUBLISHED", "assignerShortName": "samsung.tv_appliance", "dateReserved": "2026-04-13T04:23:34.942Z", "datePublished": "2026-04-13T04:56:09.635Z", "dateUpdated": "2026-04-13T18:06:17.120Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "shortName": "samsung.tv_appliance", "dateUpdated": "2026-04-13T05:40:07.424Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-843", "description": "CWE-843 Access of resource using incompatible type ('type confusion')", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-129", "descriptions": [{"lang": "en", "value": "CAPEC-129 Pointer Manipulation"}]}], "affected": [{"vendor": "Samsung Open Source", "product": "Escargot", "versions": [{"status": "affected", "version": "97e8115ab1110bc502b4b5e4a0c689a71520d335"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.<p>This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.</p>"}]}], "references": [{"url": "https://github.com/Samsung/escargot/pull/1554"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 6.9, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H"}}], "credits": [{"lang": "en", "value": "Sebasti\u00e1n Alba Vives / @Sebasteuo", "type": "reporter"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-40446", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-13T17:35:32.973519Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T18:06:17.120Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-40446", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-13T17:35:32.973519Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-13T17:57:43.606Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "value": "Sebasti\u00e1n Alba Vives / @Sebasteuo"}], "impacts": [{"capecId": "CAPEC-129", "descriptions": [{"lang": "en", "value": "CAPEC-129 Pointer Manipulation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.9, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Samsung Open Source", "product": "Escargot", "versions": [{"status": "affected", "version": "97e8115ab1110bc502b4b5e4a0c689a71520d335"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/Samsung/escargot/pull/1554"}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.", "supportingMedia": [{"type": "text/html", "value": "Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.<p>This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-843", "description": "CWE-843 Access of resource using incompatible type ('type confusion')"}]}], "providerMetadata": {"orgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "shortName": "samsung.tv_appliance", "dateUpdated": "2026-04-13T05:40:07.424Z"}}}, "cveMetadata": {"cveId": "CVE-2026-40446", "state": "PUBLISHED", "dateUpdated": "2026-04-13T18:06:17.120Z", "dateReserved": "2026-04-13T04:23:34.942Z", "assignerOrgId": "ca193ba2-0cff-4e34-b04e-1ea07103c6fe", "datePublished": "2026-04-13T04:56:09.635Z", "assignerShortName": "samsung.tv_appliance"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335."}], "id": "CVE-2026-40446", "lastModified": "2026-04-13T15:01:43.663", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 5.5, "source": "PSIRT@samsung.com", "type": "Secondary"}]}, "published": "2026-04-13T05:16:04.863", "references": [{"source": "PSIRT@samsung.com", "url": "https://github.com/Samsung/escargot/pull/1554"}], "sourceIdentifier": "PSIRT@samsung.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-843"}], "source": "PSIRT@samsung.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "97e8115ab1110bc502b4b5e4a0c689a71520d335"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Escargot", "source": "cna", "vendor": "Samsung Open Source"}, "product": "escargot", "vendor": "samsung_open_source"}], "analysis": {"en": {"generated_at": "2026-04-13T07:24:32.589487+00:00", "value": {"mitigation_remediation": ["Upgrade Samsung Escargot to the latest commit that includes the security fix, such as the version after 97e8115ab1110bc502b4b5e4a0c689a71520d335.", "If an immediate upgrade is not feasible, isolate the Escargot runtime from untrusted input and enforce strict sandboxing.", "Monitor Samsung's GitHub repository or vendor announcements for patch releases and apply them promptly."], "summary": {"action": "Apply Patch", "impact": "Arbitrary pointer manipulation"}, "threat_synthesis": {"affected_systems": "The affected product is Samsung Open Source Escargot, a JavaScript engine used in Samsung devices and applications. The flaw was present in the code base at commit 97e8115ab1110bc502b4b5e4a0c689a71520d335 and later fixed by the merged pull request noted in the official reference.", "description_and_impact": "Escargot contains a type confusion flaw that allows the creation of pointers when an object of an incompatible type is accessed. This vulnerability (CWE\u2011843) provides the attacker with the ability to manipulate memory addresses arbitrarily. If successfully exploited, it could lead to memory corruption, arbitrary code execution, or privilege escalation within the process that runs Escargot.", "risk_and_exploitability": "The CVSS score of 6.9 indicates a medium\u2011severity vulnerability. Exploitation likely requires execution of untrusted JavaScript within Escargot, suggesting a local or remote code execution vector through scripting or loading of malicious scripts. No EPSS data or KEV listing is available, so the current attack likelihood cannot be precisely quantified, but the vulnerability could be leveraged by attackers with access to code execution environments that depend on Escargot."}}}}, "created": "2026-04-13T12:37:16.196619+00:00", "title": "Arbitrary Pointer Manipulation via Type Confusion in Escargot", "updated": "2026-04-13T12:53:03.583871+00:00", "vendors": ["samsung_open_source", "samsung_open_source$PRODUCT$escargot"]}