CVE-2026-21020

Description

Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions.

References

• https://security.samsungmobile.com/securityUpdate.smsb?year=2026&month=05