Improper Access Control in Samsung Camera Affects User Location Data
CVE-2026-21014

5.1MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Camera
Vendor: CVE Published:; 13 April 2026

What is CVE-2026-21014?

An access control vulnerability in Samsung Camera prior to version 16.5.00.28 allows local attackers to exploit user interaction and gain unauthorized access to sensitive location data. This flaw can lead to privacy breaches, underscoring the need for users to keep their applications updated to the latest version to mitigate potential risks.

Affected Version(s)

Samsung Camera 16.5.00.28

References

https://security.samsungmobile.com/serviceWeb.smsb?year=2...

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 13, 2026
Vulnerability Reserved
Dec 11, 2025

CVE-2026-21014 Data

JSON