Improper Export of Android Application Components in SpriteWallpaper by Samsung
CVE-2026-21026

6.4MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 5 June 2026

What is CVE-2026-21026?

The SpriteWallpaper application by Samsung has a vulnerability that stems from the improper export of Android application components. This flaw allows local attackers to gain unauthorized access to sensitive information, which could lead to data exposure or misuse. It is crucial for users to update to SMR Jun-2026 Release 1 to mitigate this risk and enhance their device security.

Affected Version(s)

Samsung Mobile Devices SMR Jun-2026 Release in Android 16

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V4

Score:

6.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 5, 2026
Vulnerability Reserved
Dec 11, 2025

CVE-2026-21026 Data

JSON