MEDIUM🇵🇱 Wersja polska

CVE-2026-20986

CVSS 5.1v4.0pub. 2026-02-04upd. 2026-02-25

Path traversal in Samsung Members prior to Chinese version 15.5.05.4 allows local attackers to overwrite data within Samsung Members.

CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Samsung Members

    APP
    Samsung
    < 15.5.05.4
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References

Related vulnerabilities

CVE-2026-20985HIGH7.0ten sam produkt

Improper input validation in Samsung Members prior to version 5.6.00.11 allows remote attackers to connect arb...

CVE-2025-21079HIGH7.1ten sam produkt

Improper input validation in Samsung Members prior to version 5.5.01.3 allows remote attackers to connect arbi...

CVE-2021-25438HIGH7.8ten sam produkt

Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and bel...

CVE-2021-25374HIGH8.6ten sam produkt

An improper authorization vulnerability in Samsung Members "samsungrewards" scheme for deeplink in versions 2....

CVE-2026-21037MEDIUM6.9ten sam produkt

Improper input validation in Samsung Members prior to version 5.8.01.5 allows local attackers to access arbitr...