Improper Export of Application Components in Bixby by Samsung
CVE-2026-21055

8.5HIGH

Key Information:

Vendor

Samsung

Status
Vendor
CVE Published:
10 July 2026

What is CVE-2026-21055?

An improper export of application components in Samsung's Bixby prior to version 4.0.70.8 allows local attackers to exploit this vulnerability. By executing arbitrary commands with Bixby privileges, attackers can potentially manipulate device operations and access sensitive information. This poses a risk to user security and device integrity, making it essential for users to update to the latest version to mitigate this exposure.

Affected Version(s)

Bixby 4.0.70.8

References

CVSS V4

Score:
8.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.