Every CVE whose affected-product data names Samsung Internet, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (29)
CVE-2021-25400 — CVSS 7.8 (high): Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action.
CVE-2021-25418 — CVSS 7.8 (high): Improper component protection vulnerability in Samsung Internet prior to version 14.0.1.62 allows untrusted applications to execute…
CVE-2024-20838 — CVSS 6.8 (medium): Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary code.
CVE-2023-30674 — CVSS 6.5 (medium): Improper configuration in Samsung Internet prior to version 21.0.0.41 allows attacker to bypass SameSite Cookie.
CVE-2021-25419 — CVSS 6.5 (medium): Non-compliance of recommended secure coding scheme in Samsung Internet prior to version 14.0.1.62 allows attackers to display fake URL in…
CVE-2021-25466 — CVSS 6.5 (medium): Improper scheme check vulnerability in Samsung Internet prior to version 15.0.2.47 allows attackers to perform Man-in-the-middle attack and…
CVE-2022-22290 — CVSS 6.5 (medium): Incorrect download source UI in Downloads in Samsung Internet prior to 16.0.6.23 allows attackers to perform domain spoofing via a crafted…
CVE-2021-25520 — CVSS 5.9 (medium): Insecure caller check and input validation vulnerabilities in SearchKeyword deeplink logic prior to Samsung Internet 16.0.2 allows…
CVE-2025-32407 — CVSS 5.9 (medium): Samsung Internet for Galaxy Watch version 5.0.9, available up until Samsung Galaxy Watch 3, does not properly validate TLS certificates…
CVE-2022-22284 — CVSS 5.7 (medium): Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication
CVE-2024-20869 — CVSS 5.5 (medium): Improper privilege management vulnerability in Samsung Internet prior to version 25.0.0.41 allows local attackers to bypass protection for…
CVE-2025-58485 — CVSS 5.5 (medium): Improper input validation in Samsung Internet prior to version 29.0.0.48 allows local attackers to inject arbitrary script.
CVE-2026-21036 — CVSS 5.5 (medium): Improper authorization in Samsung Internet prior to version 30.0.0.39 allows local attackers to access sensitive information.
CVE-2024-20829 — CVSS 5.4 (medium): Missing proper interaction for opening deeplink in Samsung Internet prior to version v24.0.0.0 allows remote attackers to open an…
CVE-2021-25445 — CVSS 5.3 (medium): Unprotected component vulnerability in Samsung Internet prior to version 14.2 allows untrusted application to access internal files in…
CVE-2024-20837 — CVSS 5.3 (medium): Improper handling of granting permission for Trusted Web Activities in Samsung Internet prior to version 24.0.0.41 allows local attackers…
CVE-2025-20995 — CVSS 4.9 (medium): Improper handling of insufficient permission in ClientProvider in Samsung Internet installed on non-Samsung Device prior to version…
CVE-2025-20994 — CVSS 4.5 (medium): Improper handling of insufficient permission in SyncClientProvider in Samsung Internet installed on non-Samsung Device prior to version…
CVE-2022-39873 — CVSS 4.3 (medium): Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret…
CVE-2022-30738 — CVSS 4.3 (medium): Improper check in Loader in Samsung Internet prior to 17.0.1.69 allows attackers to spoof address bar via executing script.
CVE-2022-30740 — CVSS 4.1 (medium): Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical attackers to guess stored credit card numbers.
CVE-2021-25521 — CVSS 4.0 (medium): Insecure caller check in sharevia deeplink logic prior to Samsung Internet 16.0.2 allows unstrusted applications to get current tab URL in…
CVE-2023-30704 — CVSS 3.8 (low): Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in…
CVE-2022-27839 — CVSS 3.3 (low): Improper authentication vulnerability in SecretMode in Samsung Internet prior to version 16.2.1 allows attackers to access bookmark tab…
CVE-2021-25354 — CVSS 3.3 (low): Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch non-exported activity in Samsung Browser via…
CVE-2024-34671 — CVSS 3.3 (low): Use of implicit intent for sensitive communication in translation혻in Samsung Internet prior to version 26.0.3.1 allows local attackers to…
CVE-2021-25366 — CVSS 3.2 (low): Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's…
CVE-2024-20828 — CVSS 2.4 (low): Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical attackers to access files…
CVE-2021-25348 — CVSS 2.1 (low): Improper permission grant check in Samsung Internet prior to version 13.0.1.60 allows access to files in internal storage without…