[NEW] [medium] Samsung Android: Multiple vulnerabilities
An attacker can exploit multiple vulnerabilities in Samsung Android to execute arbitrary code, bypass security measures, and disclose information.
CSIRTS triage
- What
- Multiple vulnerabilities in Samsung Android can be exploited to execute arbitrary code, bypass security measures, and disclose information.
- Who is affected
- Users of Samsung Android devices with the affected versions.
- Urgency
- Remediation is medium urgency as these vulnerabilities could lead to significant security breaches.
- Action
- Install the latest security updates for Samsung Android.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Android
Get an email when a new Android advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2275
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Low exploitation riskCVE-2026-210390.10% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all scored CVEs.
- Low exploitation riskCVE-2026-210400.10% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all scored CVEs.
- Low exploitation riskCVE-2026-210410.10% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all scored CVEs.
- Low exploitation riskCVE-2026-210420.12% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 2% of all scored CVEs.
- Low exploitation riskCVE-2026-210430.13% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
- Low exploitation riskCVE-2026-210440.10% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all scored CVEs.
- Low exploitation riskCVE-2026-210450.38% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 30% of all scored CVEs.
- Low exploitation riskCVE-2026-210460.10% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 1% of all scored CVEs.
- Low exploitation riskCVE-2026-210480.38% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 30% of all scored CVEs.
- Low exploitation riskCVE-2026-210490.13% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 3% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2026-21039 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21040 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21041 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21042 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21043 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21044 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21045 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21046 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21048 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21049 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21050 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21051 | coverage & exploitation status | NVD · CVE.org |
| CVE-2026-21052 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- unknownCVE-2026-21052: Path traversal in SemClipboardService prior to SMR Jul-2026 Release 1 allows local privileged …nvd
- unknownCVE-2026-21051: Incorrect default permissions in WLAN security prior to SMR Jul-2026 Release 1 allows local at…nvd
- unknownCVE-2026-21050: Improper access control in SmartThingsKit prior to SMR Jul-2026 Release 1 allows local attacke…nvd
- unknownCVE-2026-21049: Out-of-bounds write in libpadm.so library prior to SMR Jul-2026 Release 1 allows local attacke…nvd
- unknownCVE-2026-21048: Out-of-bounds write in parsing DNG format in libimagecodec.media.quram.so prior to SMR Jul-202…nvd
- unknownCVE-2026-21046: Time-of-check time-of-use race condition in fabricKeymaster trustlet prior to SMR Jul-2026 Rel…nvd
- unknownCVE-2026-21045: Out-of-bounds write in parsing TIFF format in libimagecodec.media.quram.so prior to SMR Jul-20…nvd
- unknownCVE-2026-21044: Improper authorization in KnoxGuardManager prior to SMR Jul-2026 Release 1 allows local attack…nvd
- unknownCVE-2026-21043: Path traversal in Wallpaper service prior to SMR Jul-2026 Release 1 allows local privileged at…nvd
- unknownCVE-2026-21042: Out-of-bounds write in libsavsac.so prior to SMR Jul-2026 Release 1 allows local attackers to …nvd
- unknownCVE-2026-21041: Improper access control in SamsungSEAgentService prior to SMR Jul-2026 Release 1 allows local …nvd
- unknownCVE-2026-21040: Improper access control in IAFDService prior to SMR Jul-2026 Release 1 allows local privileged…nvd
More from CERT-Bund (BSI) Security Advisories
- medium[NEW] [medium] DENX U-Boot: Multiple vulnerabilities allow execution of arbitrary code and DoS2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow unspecified attack2026-07-10
- medium[UPDATE] [medium] Linux Kernel: Multiple vulnerabilities allow denial of service2026-07-10
- high[UPDATE] [high] Linux Kernel: Multiple vulnerabilities2026-07-10