These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
## Summary CVE-2026-47317 documents an Uncontrolled Recursion vulnerability in Samsung Open Source Escargot, a JavaScript engine, that can lead to Excessive Allocation. The vulnerability affects Escargot commit 590345cc6258317c5da850d846ce6baaf2afc2d3. The issue was published on 2026-05-19 and is currently undergoing analysis by NVD. A fix has been proposed via pull request.
CVE-2026-47316 is a medium-severity vulnerability (CVSS 5.5) in Samsung's open-source JavaScript engine, Escargot. The flaw stems from improper handling of exceptional conditions (CWE-703), enabling input data manipulation. The vulnerability affects Escargot at commit 590345cc6258317c5da850d846ce6baaf2afc2d3. Published on 2026-05-19, this issue is currently undergoing analysis in the NVD. A pull request a [truncated]
CVE-2026-47315 is a medium-severity vulnerability (CVSS 5.5) in Samsung Open Source Escargot, a JavaScript engine. The flaw involves an improper check for unusual or exceptional conditions (CWE-754), allowing input data manipulation. The vulnerability affects Escargot version 590345cc6258317c5da850d846ce6baaf2afc2d3. The CVE was published on 2026-05-19 and is currently undergoing analysis per NVD status. [truncated]
CVE-2026-47314 is a high-severity out-of-bounds write vulnerability in Samsung Open Source Escargot, a JavaScript engine. The vulnerability allows for buffer overflow conditions and affects Escargot at commit 590345cc6258317c5da850d846ce6baaf2afc2d3. The issue was published on 2026-05-19 and is currently undergoing analysis by NVD. A pull request has been submitted to address the vulnerability.
A memory allocation vulnerability in Samsung's Escargot JavaScript engine allows excessive allocation, potentially causing denial of service through local attack vectors. The vulnerability affects commit 590345cc6258317c5da850d846ce6baaf2afc2d3 of the Escargot project. Samsung's PSIRT has identified this as CWE-789 (Memory Allocation with Excessive Size Value). A fix has been proposed via pull request. Th [truncated]
A use-after-free vulnerability in Samsung's Escargot JavaScript engine allows local attackers to cause denial of service through buffer manipulation. The issue affects a specific commit (590345cc6258317c5da850d846ce6baaf2afc2d3) of the open-source project. A fix has been proposed via pull request.
A heap-based buffer overflow vulnerability exists in Samsung Open Source Escargot, a JavaScript engine. The vulnerability affects commit 590345cc6258317c5da850d846ce6baaf2afc2d3 and is classified as CWE-122 (Heap-based Buffer Overflow). The CVSS 3.1 vector indicates a local attack vector requiring user interaction, with high impacts to confidentiality, integrity, and availability. Samsung's PSIRT has iden [truncated]
A use-after-free vulnerability in Samsung's Escargot JavaScript engine allows pointer manipulation, potentially enabling arbitrary code execution. The vulnerability affects commit 590345cc6258317c5da850d846ce6baaf2afc2d3. A fix has been proposed via pull request.
CVE-2026-47309 documents an uncontrolled recursion vulnerability in Samsung's Escargot JavaScript engine, specifically affecting commit 590345cc6258317c5da850d846ce6baaf2afc2d3. The flaw enables oversized serialized data payloads to trigger excessive recursion, resulting in denial of service through stack exhaustion. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) indicates a local attack vector [truncated]
A NULL pointer dereference vulnerability exists in Samsung Open Source Walrus, a WebAssembly runtime engine. The flaw, present in commit f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9, allows for pointer manipulation that could lead to denial of service conditions. The vulnerability requires local access with user interaction, as indicated by the CVSS vector (AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H). Samsung's PSIR [truncated]
A NULL pointer dereference vulnerability exists in Samsung Open Source Walrus, a WebAssembly runtime. The flaw can be triggered by a crafted WebAssembly module containing deeply nested instructions, resulting in denial of service. The vulnerability affects Walrus commit f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9. A fix has been proposed via pull request.