Samsung
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Samsung product.
RSS Feeds for Samsung security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Samsung products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Samsung Sorted by Most Security Vulnerabilities since 2018
Recent Samsung Security Advisories
| Advisory | Title | Published |
|---|---|---|
| SMR-Jul-2026 | Samsung Mobile Security Maintenance Release SMR-Jul-2026 | July 7, 2026 |
| SMR-Jun-2026 | Samsung Mobile Security Maintenance Release SMR-Jun-2026 | June 2, 2026 |
| SMR-May-2026 | Samsung Mobile Security Maintenance Release SMR-May-2026 | May 6, 2026 |
| SMR-Apr-2026 | Samsung Mobile Security Maintenance Release SMR-Apr-2026 | April 7, 2026 |
| SMR-Mar-2026 | Samsung Mobile Security Maintenance Release SMR-Mar-2026 | March 3, 2026 |
| SMR-Feb-2026 | Samsung Mobile Security Maintenance Release SMR-Feb-2026 | February 3, 2026 |
| SMR-Jan-2026 | Samsung Mobile Security Maintenance Release SMR-Jan-2026 | January 6, 2026 |
| SMR-Dec-2025 | Samsung Mobile Security Maintenance Release SMR-Dec-2025 | December 2, 2025 |
| SMR-Nov-2025 | Samsung Mobile Security Maintenance Release SMR-Nov-2025 | November 11, 2025 |
Known Exploited Samsung Vulnerabilities
The following Samsung vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.
| Title | Description | Added |
|---|---|---|
| Samsung MagicINFO 9 Server Path Traversal Vulnerability |
Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority. CVE-2024-7399 Exploit Probability: 91.9% |
April 24, 2026 |
| Samsung Mobile Devices Out-of-Bounds Write Vulnerability |
Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbitrary code. CVE-2025-21042 Exploit Probability: 11.6% |
November 10, 2025 |
| Samsung Mobile Devices Out-of-Bounds Write Vulnerability |
Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attackers to execute arbitrary code. CVE-2025-21043 Exploit Probability: 1.4% |
October 2, 2025 |
| Samsung MagicINFO 9 Server Path Traversal Vulnerability |
Samsung MagicINFO 9 Server contains a path traversal vulnerability that allows an attacker to write arbitrary file as system authority. CVE-2025-4632 Exploit Probability: 24.0% |
May 22, 2025 |
| Samsung Mobile Devices Use-After-Free Vulnerability |
Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution. CVE-2022-22265 Exploit Probability: 0.4% |
September 18, 2023 |
| Samsung Mobile Devices Out-of-Bounds Read Vulnerability |
Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer. CVE-2021-25487 Exploit Probability: 0.6% |
June 29, 2023 |
| Samsung Mobile Devices Improper Input Validation Vulnerability |
Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic. CVE-2021-25489 Exploit Probability: 0.5% |
June 29, 2023 |
| Samsung Mobile Devices Race Condition Vulnerability |
Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised. CVE-2021-25394 Exploit Probability: 0.4% |
June 29, 2023 |
| Samsung Mobile Devices Race Condition Vulnerability |
Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised. CVE-2021-25395 Exploit Probability: 0.4% |
June 29, 2023 |
| Samsung Mobile Devices Unspecified Vulnerability |
Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP. CVE-2021-25371 Exploit Probability: 0.8% |
June 29, 2023 |
| Samsung Mobile Devices Improper Boundary Check Vulnerability |
Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access. CVE-2021-25372 Exploit Probability: 0.8% |
June 29, 2023 |
| Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability |
Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass. CVE-2023-21492 Exploit Probability: 2.6% |
May 19, 2023 |
| Samsung Mobile Devices Improper Access Control Vulnerability |
Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerability was chained with CVE-2021-25369 and CVE-2021-25370. CVE-2021-25337 Exploit Probability: 2.8% |
November 8, 2022 |
| Samsung Mobile Devices Improper Access Control Vulnerability |
Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370. CVE-2021-25369 Exploit Probability: 1.1% |
November 8, 2022 |
| Samsung Mobile Devices Memory Corruption Vulnerability |
Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369. CVE-2021-25370 Exploit Probability: 0.9% |
November 8, 2022 |
The vulnerability CVE-2024-7399: Samsung MagicINFO 9 Server Path Traversal Vulnerability is in the top 1% of the currently known exploitable vulnerabilities. 2 known exploited Samsung vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.
By the Year
In 2026 there have been 101 vulnerabilities in Samsung with an average score of 7.3 out of ten. Last year, in 2025 Samsung had 191 security vulnerabilities published. Right now, Samsung is on track to have less security vulnerabilities in 2026 than it did last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.98.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 101 | 7.27 |
| 2025 | 191 | 6.29 |
| 2024 | 230 | 5.95 |
| 2023 | 236 | 6.33 |
| 2022 | 147 | 5.66 |
| 2021 | 73 | 5.73 |
| 2020 | 10 | 8.10 |
| 2019 | 7 | 7.00 |
| 2018 | 20 | 7.71 |
It may take a day or so for new Samsung vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Samsung Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2026-21057 | Jul 10, 2026 |
Samsung Pass <5.2.10.3 Improper Input Validation Enables Local OOB WriteImproper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory. |
|
| CVE-2026-21056 | Jul 10, 2026 |
Samsung Health 7.00.0.106 Improper Auth: Local Access to Connected Device InfoImproper authorization in Samsung Health prior to version 7.00.0.107 allows local attackers to access connected device information. |
|
| CVE-2026-21055 | Jul 10, 2026 |
Samsung Bixby <4.0.70.8 Improper exported component leads to local command execImproper export of android application components in Bixby prior to version 4.0.70.8 allows local attackers to execute arbitrary commands with Bixby privilege. |
|
| CVE-2026-21054 | Jul 10, 2026 |
InputSharing Improper Component Export (Android) <2.7.01.4 Local ExploitImproper export of android application components in InputSharing prior to version 2.7.01.4 allows local attackers to access sharing data. |
|
| CVE-2026-21053 | Jul 10, 2026 |
Samsung Email <6.2.13.1 Improper Input Validation Allows Local File CreationImproper input validation in Samsung Email prior to version 6.2.13.1 allows local attackers to create arbitrary files within the application sandbox. |
|
| CVE-2026-21052 | Jul 10, 2026 |
CVE-2026-21052: Path Traversal in SemClipboardService (Samsung Mobile)Path traversal in SemClipboardService prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system privilege. |
|
| CVE-2026-21051 | Jul 10, 2026 |
Samsung Mobile WLAN Local Priv Escalation via TencentWifiSecurity MisconfigIncorrect default permissions in WLAN security prior to SMR Jul-2026 Release 1 allows local attackers to configure TencentWifiSecurity settings. |
|
| CVE-2026-21050 | Jul 10, 2026 |
Improper Access Control in SmartThingsKit - Local Attacker AccessImproper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information. |
|
| CVE-2026-21049 | Jul 10, 2026 |
Samsung Mobile libpadm.so OOB Write Enables Local Code ExecOut-of-bounds write in libpadm.so library prior to SMR Jul-2026 Release 1 allows local attackers to execute arbitrary code. |
|
| CVE-2026-21048 | Jul 10, 2026 |
Samsung Android DNG OOB Write in libimagecodec.media.quram.soOut-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory. |
|
| CVE-2026-21046 | Jul 10, 2026 |
TOCTOU Race in Samsung FabricKeymaster Trustlet Enables Local Privileged Code ExecTime-of-check time-of-use race condition in fabricKeymaster trustlet prior to SMR Jul-2026 Release 1 allows local privileged attackers to execute arbitrary code. |
|
| CVE-2026-21045 | Jul 10, 2026 |
Samsung libimagecodec.media.quram OOB write in TIFF parserOut-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-2026 Release 1 allows remote attackers to write out-of-bounds memory. |
|
| CVE-2026-21044 | Jul 10, 2026 |
Local Persistence Bypass via Improper Auth in KnoxGuardManagerImproper authorization in KnoxGuardManager prior to SMR Jul-2026 Release 1 allows local attackers to bypass the persistence configuration of the application. |
|
| CVE-2026-21043 | Jul 10, 2026 |
Path Traversal in Samsung Android Wallpaper Service Exposes System FilesPath traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged attackers to access files with system server privilege. |
|
| CVE-2026-21042 | Jul 10, 2026 |
Samsung Android libsavsac.so OOB Write RCE VulnerabilityOut-of-bounds write in libsavsac.so prior to SMR Jul-2026 Release 1 allows local attackers to execute arbitrary code. |
|
| CVE-2026-21041 | Jul 10, 2026 |
Improper Access Control in Samsung SE Agent ServiceImproper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local attackers to access sensitive information. |
|
| CVE-2026-21040 | Jul 10, 2026 |
Improper Access Control in IAFDService Allows Local Privileged UseImproper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged attackers to use the privileged APIs. |
|
| CVE-2026-21039 | Jul 10, 2026 |
Samsung Mobile Settings Improper ACL in Theft-Protection ConfigImproper access control in Settings prior to SMR Jul-2026 Release 1 allows local attackers to configure Theft protection settings. |
|
| CVE-2026-21038 | Jun 05, 2026 |
Samsung Android USB Driver for Windows 1.9.5.0 Improper Validation OOB MemoryImproper input validation in Samsung Android USB Driver for Windows prior to version 1.9.5.0 allows local attacker to access out-of-bounds memory. |
|
| CVE-2026-21037 | Jun 05, 2026 |
Android: Samsung Members <5.8.01.5 IA Arbitrary Activity (CVE-2026-21037)Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege. |
|
| CVE-2026-21036 | Jun 05, 2026 |
Improper Auth in Samsung Internet <30.0.0.39 Local Public Data LeakImproper authorization in Samsung Internet prior to version 30.0.0.39 allows local attackers to access sensitive information. |
|
| CVE-2026-21035 | Jun 05, 2026 |
Samsung Plus TV Improper Input Validation (before 1.0.28.6)Improper input validation in Samsung Plus TV prior to version 1.0.28.6 allows remote attackers to access sensitive information. |
|
| CVE-2026-21034 | Jun 05, 2026 |
Samsung Auto - Improper Export of Android Components (v3.1.2.61, v3.2.0.38)Improper export of android application components in Samsung Auto prior to version 3.1.2.61 in Android 15 and 3.2.0.38 in Android 16 allows local attacker to change audio configuration. |
|
| CVE-2026-21033 | Jun 05, 2026 |
Exposed ExpressHomeWidgetReceiver Enables Local Exec in Samsung Assistant <9.3.14Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script. |
|
| CVE-2026-21032 | Jun 05, 2026 |
SHWR Android comp exp flaw Samsung Assistant <9.3.14Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script. |
|
| CVE-2026-21031 | Jun 05, 2026 |
AppBlock Improper Authorization for Local Arbitrary ActivityImproper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity. User interaction is required for triggering this vulnerability. |
|
| CVE-2026-21030 | Jun 05, 2026 |
MediaTek Audio HAL Access Control Bypass (CVE-2026-21030)Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions. |
|
| CVE-2026-21029 | Jun 05, 2026 |
Android Galaxy Editing Service Misexport Enables Local Privilege EscalationImproper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations. |
|
| CVE-2026-21028 | Jun 05, 2026 |
Improper ACL in Samsung Android AuditLogService Allows Local Info LeakImproper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information. |
|
| CVE-2026-21027 | Jun 05, 2026 |
Android ImsSettings Improper Export Enables Local Logging ExploitImproper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function. |
|
| CVE-2026-21026 | Jun 05, 2026 |
SpriteWallpaper Android App Improper Exposed Components Allow Local Info AccessImproper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access to sensitive information. |
|
| CVE-2026-21025 | Jun 05, 2026 |
Samsung Telephony PRIVILEGE Escalation via incorrect permission assignmentIncorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information. |
|
| CVE-2026-21017 | Jun 05, 2026 |
Android: SecTelephonyProvider Privilege Escalation via Improper Access ControlsImproper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files. |
|
| CVE-2026-8916 | Jun 04, 2026 |
Out-of-bounds Write/OOB Buffer Overflow in Samsung rlottie (CVE-2026-8916)Out-of-bounds write vulnerability in Samsung Open Source rlottie allows Overflow Buffers. This issue affects rlottie: before dcfde72eae1b0464dc0dd760aec00ada6a148635. |
|
| CVE-2026-49510 | Jun 04, 2026 |
Samsung rlottie Integer Overflow Vulnerability CVE-2026-49510Integer overflow or wraparound vulnerability in Samsung Open Source rlottie allows Integer Attacks. This issue affects rlottie: before 21292665023e5074b38254432716866d00f1985f. |
|
| CVE-2026-10305 | Jun 04, 2026 |
OOB Read in Samsung rlottie (Open Source)Out-of-bounds read vulnerability in Samsung Open Source rlottie allows Overread Buffers. This issue affects rlottie: before 223a2a41ba4f462e4abe767bebba49a366c9b9fd. |
|
| CVE-2026-21024 | May 13, 2026 |
Samsung System Support Service <8.0.8.0 LPE via Improper Priv MgtImproper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions. |
|
| CVE-2026-21022 | May 13, 2026 |
Samsung Routines Improper Insufficient Permissions Local Info DisclosureImproper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information. |
|
| CVE-2026-21021 | May 13, 2026 |
Samsung Mobile Routines Improper Input Validation Enables Priv EscalationImproper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity. |
|
| CVE-2026-21020 | May 13, 2026 |
Android OmaCP Improper Export Enables Local Privilege EscalationImproper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions. |
|
| CVE-2026-21019 | May 13, 2026 |
Galaxy Watch: Input Validation Flaw in FacAtFunction Enables Arbitrary CodeImproper input validation in FacAtFunction in Galaxy Watch prior to SMR May-2026 Release 1 allows local attacker to execute arbitrary code with system privilege. |
|
| CVE-2026-21018 | May 13, 2026 |
OOB write in SveService permits local privileged exec (Samsung)Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code. |
|
| CVE-2026-21016 | May 13, 2026 |
Android LocationManager Privilege Escalation via Incorrect AssignmentIncorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information. |
|
| CVE-2026-21015 | May 13, 2026 |
FactoryCamera default permission flaw exposes unique IDIncorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique identifier. |
|
| CVE-2026-21023 | Apr 29, 2026 |
Android PackageManagerService Data Auth Verification FlawInsufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application. |
|
| CVE-2026-21010 | Apr 13, 2026 |
Samsung Mobile Retail Mode Improper Input Validation for Privileged EscalationImproper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions. |
|
| CVE-2026-21008 | Apr 13, 2026 |
Samsung S Share Sensitive Info Leak via Adjacent AttackExposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacker to access sensitive information. |
|
| CVE-2026-21014 | Apr 13, 2026 |
Samsung Camera <16.5.00.28 Improper Access Control Exposes Location DataImproper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability. |
|
| CVE-2026-21013 | Apr 13, 2026 |
Galaxy Wearable <=2.2.68.26 Local Perm Leak via Default Perm (CVE202621013)Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to access sensitive information. |
|
| CVE-2026-21012 | Apr 13, 2026 |
Samsung AODManager LFI: Privileged Local File CreationExternal control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local attacker to create file with system privilege. |
|