CVE-2026-21037
CVE-2026-21037
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.9EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
05 Jun 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
Affected products
Samsung Mobile · Samsung MembersWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →