Galaxy Store <4.6.02: PIV -> local script exec
CVE-2026-20976 Published on January 9, 2026

Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script.

NVD

Products Associated with CVE-2026-20976

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2026-20976 are published in Samsung Galaxy Store:

Samsung Galaxy Store

Affected Versions

Samsung Mobile Galaxy Store Version 4.6.02 is unaffected by CVE-2026-20976

Exploit Probability

EPSS

0.01%

Percentile

1.70%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Galaxy Store <4.6.02: PIV -> local script execCVE-2026-20976 Published on January 9, 2026

Products Associated with CVE-2026-20976

Affected Versions

Exploit Probability

Galaxy Store <4.6.02: PIV -> local script exec
CVE-2026-20976 Published on January 9, 2026