CVE-2026-14160
MediumCVSS 5.9Exploitation Probability (EPSS)
Low risk1th percentile — higher than 1% of all known CVEs
Summary
A Time-of-check time-of-use (TOCTOU) race condition vulnerability has been discovered in Samsung Open Source Escargot. This flaw allows leveraging race conditions to compromise data integrity.
Risk Assessment
An attacker can exploit the time window between resource check and use, potentially leading to unauthorized access or data modification in systems using Escargot.
Recommendation
Immediately update the Escargot library to a patched version or apply a workaround by synchronizing access to shared resources.
Original NVD description (English source)
Time-of-check time-of-use (TOCTOU) race condition vulnerability in Samsung Open Source Escargot allows Leveraging Race Conditions. This issue affects Escargot: bab3a5797557014ce3c2e28419a6310cfba90d0d.

