Vulnerability in Samsung Mobile Devices
CVE-2026-20990
Improper export of android application components in Secure Folder prior to SMR Mar-2026 Release 1 allows local attackers to launch arbitrary activity with Secure Folder privilege.
EPSS: 0.000 (10.9th percentile) — read the EPSS interpretation.
Affected products
- Samsung Mobile Devices — versions SMR Mar-2026 Release in Android 14, 15, 16