Samsung Internet
29 CVEs affecting Samsung Internet. Latest disclosed: 2026-06-05. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-25418 | High | 7.8 | 2021-06-11 | Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute arbitrary activity in speci… |
CVE-2021-25400 | High | 7.8 | 2021-06-11 | Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action. |
CVE-2024-20838 | Medium | 6.8 | 2024-03-05 | Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary code. |
CVE-2023-30674 | Medium | 6.5 | 2023-07-06 | Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie. |
CVE-2022-22290 | Medium | 6.5 | 2022-01-14 | Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted HTML page. |
CVE-2021-25466 | Medium | 6.5 | 2021-09-09 | Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and obtain Samsung Acco… |
CVE-2021-25419 | Medium | 6.5 | 2021-06-11 | Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in address bar via phisi… |
CVE-2025-32407 | Medium | 5.9 | 2025-05-16 | Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates, allowing for an attack… |
CVE-2021-25520 | Medium | 5.9 | 2021-12-08 | Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to e… |
CVE-2022-22284 | Medium | 5.7 | 2022-01-10 | Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication |
CVE-2026-21036 | Medium | 5.5 | 2026-06-05 | Improper authorization in Samsung Internet prior to version 30.0.0.39 allows local attackers to access sensitive information. |
CVE-2025-58485 | Medium | 5.5 | 2025-12-02 | Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script. |
CVE-2024-20869 | Medium | 5.5 | 2024-05-07 | Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for cookies. |
CVE-2024-20829 | Medium | 5.4 | 2024-03-05 | Missing proper interaction for opening deeplink in Samsung Internet prior to version v24.0.0.0 allows remote attackers to open an application without proper in… |
CVE-2024-20837 | Medium | 5.3 | 2024-03-05 | Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers to grant permission t… |
CVE-2021-25445 | Medium | 5.3 | 2021-08-05 | Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in Samsung Internet. |
CVE-2025-20995 | Medium | 4.9 | 2025-06-04 | Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local atta… |
CVE-2025-20994 | Medium | 4.5 | 2025-06-04 | Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version 28.0.0.59 allows local… |
CVE-2022-39873 | Medium | 4.3 | 2022-10-07 | Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user auth… |
CVE-2022-30738 | Medium | 4.3 | 2022-06-07 | Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script. |