CVE-2026-21027

4.8MEDIUM

Key Information:

What is CVE-2026-21027?

Improper export of android application components in ImsSettings prior to SMR Jun-2026 Release 1 allows local attackers to trigger logging function.

Samsung Mobile Devices SMR Jun-2026 Release in Android 14, 15, 16

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

CVE-2026-21027 Data