Every CVE whose affected-product data names Samsung Account, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (28)
CVE-2026-20994 — CVSS 6.1 (medium): URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token.
CVE-2022-30735 — CVSS 5.9 (medium): Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the access_token without…
CVE-2025-21076 — CVSS 5.5 (medium): Improper handling of insufficient permissions or privileges in Samsung Account prior to version 15.5.00.18 allows local attackers to access…
CVE-2022-30732 — CVSS 5.5 (medium): Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive…
CVE-2023-42551 — CVSS 5.5 (medium): Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows…
CVE-2023-42550 — CVSS 5.5 (medium): Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows…
CVE-2023-42546 — CVSS 5.5 (medium): Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version…
CVE-2021-25381 — CVSS 5.5 (medium): Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in Android P(9.0) and below, and 12.1.1.3 in Android Q(10.0) and above…
CVE-2023-42549 — CVSS 5.5 (medium): Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version…
CVE-2023-42548 — CVSS 5.5 (medium): Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version…
CVE-2023-42547 — CVSS 5.5 (medium): Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version…
CVE-2023-21481 — CVSS 5.4 (medium): Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to get…
CVE-2022-30736 — CVSS 5.3 (medium): Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery…
CVE-2022-30743 — CVSS 5.3 (medium): Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get the data of contact and gallery…
CVE-2022-39875 — CVSS 5.1 (medium): Improper component protection vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
CVE-2024-20841 — CVSS 5.1 (medium): Improper Handling of Insufficient Privileges in Samsung Account prior to version 14.8.00.3 allows local attackers to access data.
CVE-2023-42540 — CVSS 4.0 (medium): Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via…
CVE-2022-39874 — CVSS 4.0 (medium): Sensitive log information leakage vulnerability in Samsung Account prior to version 13.5.0 allows attackers to unauthorized logout.
CVE-2022-30734 — CVSS 4.0 (medium): Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone…
CVE-2022-30733 — CVSS 4.0 (medium): Sensitive information exposure in Sign-in log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone…
CVE-2025-58486 — CVSS 4.0 (medium): Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.
CVE-2025-58487 — CVSS 4.0 (medium): Improper authorization in Samsung Account prior to version 15.5.01.1 allows local attacker to launch arbitrary activity with Samsung…
CVE-2022-30739 — CVSS 4.0 (medium): Improper privilege management vulnerability in Samsung Account prior to 13.2.00.6 allows attackers to get an user email or phone number…
CVE-2022-30737 — CVSS 4.0 (medium): Implicit Intent hijacking vulnerability in Samsung Account prior to version 13.2.00.6 allows attackers to get email ID.
CVE-2022-39863 — CVSS 3.6 (low): Intent redirection vulnerability in Samsung Account prior to version 13.5.01.3 allows attackers to access content providers without…
CVE-2021-25403 — CVSS 3.3 (low): Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0)…
CVE-2021-25351 — CVSS 3.2 (low): Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate…
CVE-2021-25350 — CVSS 2.0 (low): Information Exposure vulnerability in Samsung Account prior to version 12.1.1.3 allows physically proximate attackers to access user…