CVE-2026-47309
Uncontrolled Recursion in Samsung Open Source Escargot
Publication date: 2026-05-19
Last updated on: 2026-05-19
Assigner: Samsung TV & Appliance
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | escargot | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-674 | The product does not properly control the amount of recursion that takes place, consuming excessive resources, such as allocated memory or the program stack. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability is an Uncontrolled Recursion issue in Samsung Open Source Escargot that allows oversized serialized data payloads. This means that the software does not properly control recursive calls when processing serialized data, which can lead to problems such as crashes.
How can this vulnerability impact me? :
This vulnerability can cause denial of service by crashing the affected software. Since the vulnerability allows oversized serialized data payloads to trigger uncontrolled recursion, it can lead to application instability or unavailability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the Uncontrolled Recursion vulnerability in Samsung Open Source Escargot, you should update Escargot to the fixed version that addresses the crash issues caused by oversized serialized data payloads.
Refer to the official Samsung Escargot repository pull request #1565 which contains the fix for this vulnerability.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any impact of the vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.