CVE-2026-21007
- EPSS 0.16%
- Veröffentlicht 13.04.2026 05:04:27
- Zuletzt bearbeitet 13.04.2026 18:38:21
Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Knox Guard.
CVE-2026-21006
- EPSS 0.13%
- Veröffentlicht 13.04.2026 05:04:23
- Zuletzt bearbeitet 13.04.2026 18:38:14
Improper access control in Samsung DeX prior to SMR Apr-2026 Release 1 allows physical attackers to access to hidden notification contents.
CVE-2026-21003
- EPSS 0.16%
- Veröffentlicht 13.04.2026 04:57:14
- Zuletzt bearbeitet 16.04.2026 17:25:45
Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions.
CVE-2026-20992
- EPSS 0.08%
- Veröffentlicht 16.03.2026 04:31:59
- Zuletzt bearbeitet 20.03.2026 13:37:26
Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application.
CVE-2026-20991
- EPSS 0.12%
- Veröffentlicht 16.03.2026 04:31:57
- Zuletzt bearbeitet 20.03.2026 13:46:34
Improper privilege management in ThemeManager prior to SMR Mar-2026 Release 1 allows local privileged attackers to reuse trial contents.
CVE-2026-20990
- EPSS 0.16%
- Veröffentlicht 16.03.2026 04:31:56
- Zuletzt bearbeitet 20.03.2026 13:48:21
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege.
CVE-2026-20989
- EPSS 0.11%
- Veröffentlicht 16.03.2026 04:31:55
- Zuletzt bearbeitet 20.03.2026 13:53:30
Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font.
- EPSS 0.08%
- Veröffentlicht 16.03.2026 04:31:53
- Zuletzt bearbeitet 20.03.2026 14:29:28
Improper verification of intent by broadcast receiver in Settings prior to SMR Mar-2026 Release 1 allows local attacker to launch arbitrary activity with Settings privilege. User interaction is required for triggering this vulnerability.
CVE-2026-20983
- EPSS 0.13%
- Veröffentlicht 04.02.2026 06:14:45
- Zuletzt bearbeitet 05.02.2026 21:21:13
Improper export of android application components in Samsung Dialer prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Samsung Dialer privilege.
- EPSS 0.3%
- Veröffentlicht 04.02.2026 06:14:44
- Zuletzt bearbeitet 05.02.2026 21:20:12
Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allows privileged local attacker to create file with system privilege.