CVE-2026-21014
Received
Received - Intake
Improper Access Control in Samsung Camera Exposes Location Data
Vulnerability report for CVE-2026-21014, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-04-13
Last updated on: 2026-04-16
Assigner: Samsung Mobile
Description
Description
Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | camera | to 16.5.00.28 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |