Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 2, 2025
CVE-2025-58486
CVE-2025-58486
Description
Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < 15.5.01.1
- Range: 15.5.01.1
Patches
Vulnerability mechanics
References
1News mentions
1- ZDI-26-224: (Pwn2Own) Samsung Galaxy S25 Samsung Account Cross-Site Scripting Remote Code Execution VulnerabilityZero Day Initiative · Mar 23, 2026