CVE-2026-21014

LOW

Samsung Camera <16.5.00.28 - Info Disclosure

Title source: llm

Description

Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability.

References (1)

Core 1

Core References

https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=04

Scores

CVSS v3 2.8

EPSS 0.0001

EPSS Percentile 3.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

Status published

Products (2)

samsung/camera < 16.5.00.28

Samsung Mobile/Samsung Camera 16.5.00.28

Published Apr 13, 2026

Tracked Since Apr 13, 2026