Input Validation Flaw in Samsung Members App
CVE-2026-21037

6.9MEDIUM

Key Information:

Vendor

Samsung

Vendor
CVE Published:
5 June 2026

What is CVE-2026-21037?

The Samsung Members application prior to version 5.8.01.5 contains an improper input validation flaw that can be exploited by local attackers. This vulnerability allows unauthorized access to arbitrary URLs, enabling the execution of arbitrary activities with the privileges of the Samsung Members app. Users are advised to update to the latest version to mitigate potential risks associated with this vulnerability.

Affected Version(s)

Samsung Members 5.8.01.5

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.