DNA View

CVE-2026-21006

Low

Low Medium High Critical

2.4

CVSS Score

Published: Apr 13, 2026

Last Modified: Apr 13, 2026

CWE: NVD-CWE-noinfo

Vulnerability Description

Improper access control in Samsung DeX prior to SMR Apr-2026 Release 1 allows physical attackers to access to hidden notification contents.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Known Affected Software

1 configuration(s) from 1 vendor(s)

android

Version:

15.0

CPE:

cpe:2.3:o:samsung:android:15.0:smr-nov-2025-r1:*:*:*:*:*:*

This vulnerability affects 1 software configuration(s). Ensure you patch all affected systems.

References & Resources

https://security.samsungmobile.com/securityUpdate.smsb?year=2026&month=04
mobile.security@samsung.com Vendor Advisory

Severity Details

2.4

out of 10.0

Low

Weakness Type (CWE)

NVD-CWE-noinfo

View CWE Details on MITRE

Key Information

Published Date: April 13, 2026

External Resources

NIST NVD

National Vulnerability Database

MITRE CVE

Official CVE record

CVE Vulnerabilities

Posts & Pages