DNA View

CVE-2026-21010

Medium

Low Medium High Critical

6.6

CVSS Score

Published: Apr 13, 2026

Last Modified: Apr 13, 2026

CWE: NVD-CWE-noinfo

Vulnerability Description

Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

Known Affected Software

3 configuration(s) from 1 vendor(s)

android

Version:

15.0

CPE:

cpe:2.3:o:samsung:android:15.0:smr-nov-2025-r1:*:*:*:*:*:*

android

Version:

16.0

CPE:

cpe:2.3:o:samsung:android:16.0:smr-nov-2025-r1:*:*:*:*:*:*

android

Version:

14.0

CPE:

cpe:2.3:o:samsung:android:14.0:smr-nov-2025-r1:*:*:*:*:*:*

This vulnerability affects 3 software configuration(s). Ensure you patch all affected systems.

References & Resources

https://security.samsungmobile.com/securityUpdate.smsb?year=2026&month=04
mobile.security@samsung.com Vendor Advisory

Severity Details

6.6

out of 10.0

Medium

Weakness Type (CWE)

NVD-CWE-noinfo

View CWE Details on MITRE

Key Information

Published Date: April 13, 2026

External Resources

NIST NVD

National Vulnerability Database

MITRE CVE

Official CVE record

CVE Vulnerabilities

Posts & Pages

CVE-2026-21010

Vulnerability Description

CVSS Metrics

Known Affected Software

samsung

References & Resources

Severity Details

Weakness Type (CWE)

Key Information

External Resources