S

Samsung Security Vulnerabilities (CVE)

Explore vulnerabilities and security advisories affecting Samsung products.

13 known CVE vulnerabilities tracked

Critical
0
High
2
Medium
11
Low
0
None
0

Vulnerabilities By Year

1
2021
12
2026

Products Affected

Android 7 Escargot 4 Account 1 Galaxy I9305 Firmware 1

All Samsung CVEs

Recent Highest Score Oldest
CVE-2026-8915
8.8 high

Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 36f5fb58366a67b713c02f6fd985e924fcc09e31.

Escargot May 28, 2026
CVE-2026-21022
5.5 medium

Improper handling of insufficient permissions in Routines prior to SMR May-2026 Release 1 allows local attackers to access sensitive information.

Android May 13, 2026
CVE-2026-21021
6.8 medium

Improper input validation in Routines prior to SMR May-2026 Release 1 allows physical attackers to launch privileged activity.

Android May 13, 2026
CVE-2026-21020
7.8 high

Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions.

Android May 13, 2026
CVE-2026-21018
6.7 medium

Out-of-bounds write in SveService prior to SMR May-2026 Release 1 allows local privileged attackers to execute arbitrary code.

Android May 13, 2026
CVE-2026-21016
5.5 medium

Incorrect privilege assignment in LocationManager prior to SMR May-2026 Release 1 allows local attackers to access sensitive information.

Android May 13, 2026
CVE-2026-21015
5.5 medium

Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique identifier.

Android May 13, 2026
CVE-2026-21023
5.5 medium

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application.

Android Apr 29, 2026
CVE-2026-40447
5.1 medium

Integer overflow or wraparound vulnerability in Samsung Open Source Escargot allows undefined behavior.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

Escargot Apr 13, 2026
CVE-2026-40446
6.9 medium

Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

Escargot Apr 13, 2026
CVE-2026-25204
6.2 medium

Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort. This issue affects escarogt prior to commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335

Escargot Apr 13, 2026
CVE-2026-20994
6.1 medium

URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token.

Account Mar 16, 2026
CVE-2020-26146
5.3 medium

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented fra

Galaxy I9305 Firmware May 11, 2021