CVE Catalog
CVE-2026-21037
HighCVSS 7.1Exploitation Probability (EPSS)
Low risk0.11%
1th percentile - higher than 1% of all known CVEs
Summary
Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URLs and launch arbitrary activities with Samsung Members privileges.
Risk Assessment
The risk involves potential privilege escalation by a local attacker, leading to unauthorized access to sensitive device functions or data.
Recommendation
Immediately update Samsung Members to version 5.8.01.5 or later, which includes the fix.
Original NVD description (English source)
Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitrary URL and launch arbitrary activity with Samsung Members privilege.

