CVE-2026-40446
6.9 MEDIUMAccess of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.T...
Published: 2026-04-13 · Last updated: 2026-06-02
Severity and scoring
- CVSS
- 6.9 MEDIUM
- Vector
- CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H
- CWE
- CWE-843
Affected products
| Vendor | Product |
|---|---|
| samsung | escargot |
Description
Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-21033 — Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local ... (7.1 HIGH)
- CVE-2026-21032 — Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local at... (7.1 HIGH)
- CVE-2026-21031 — Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity (7.8 HIGH)
- CVE-2026-21030 — Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions (7.8 HIGH)
- CVE-2026-21029 — Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to exec... (7.8 HIGH)
Same CWE
- CVE-2026-12299 — JIT miscompilation in the DOM: Core & HTML component (5.4 MEDIUM)
- CVE-2026-8358 — LibreOffice Calc can import tracked changes from a spreadsheet document
- CVE-2026-6047 — LibreOffice can import documents in the OOXML format (DOCX)
- CVE-2026-45641 — Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally (8.4 HIGH)
- CVE-2026-45635 — Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network (8.1 HIGH)