Vulnerability in Samsung Mobile Devices

CVE-2026-20989

Improper verification of cryptographic signature in Font Settings prior to SMR Mar-2026 Release 1 allows physical attackers to use custom font.

EPSS: 0.000 (1.4th percentile) — read the EPSS interpretation.

Affected products

Samsung Mobile Devices — versions SMR Mar-2026 Release in Android 16

References

security.samsungmobile.com/securityUpdate.smsb