CVE Catalog

CVE-2026-21033

HighCVSS 7.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.01%

2th percentile - higher than 2% of all known CVEs

Summary

Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script.

Risk Assessment

An attacker could exploit this vulnerability to execute malicious code on the device, potentially leading to data loss or system compromise.

Recommendation

It is recommended to update Samsung Assistant to version 9.3.14 or later to mitigate this vulnerability.

Original NVD description (English source)

Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS