CVE Catalog
CVE-2026-21033
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk0.01%
2th percentile - higher than 2% of all known CVEs
Summary
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script.
Risk Assessment
An attacker could exploit this vulnerability to execute malicious code on the device, potentially leading to data loss or system compromise.
Recommendation
It is recommended to update Samsung Assistant to version 9.3.14 or later to mitigate this vulnerability.
Original NVD description (English source)
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script.

