Account
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-0864 | Hig | 0.52 | 8.0 | 0.01 | Mar 27, 2017 | Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | ||
| CVE-2026-20994 | Med | 0.40 | 6.1 | 0.00 | Mar 16, 2026 | URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token. | ||
| CVE-2025-58486 | 0.00 | — | 0.00 | Dec 2, 2025 | Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script. | |||
| CVE-2023-21481 | 0.00 | — | 0.00 | Sep 3, 2025 | Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to get sensitive information. |
- risk 0.52cvss 8.0epss 0.01
Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code.
- risk 0.40cvss 6.1epss 0.00
URL redirection in Samsung Account prior to version 15.5.01.1 allows local attackers to potentially get access token.
- CVE-2025-58486Dec 2, 2025risk 0.00cvss —epss 0.00
Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script.
- CVE-2023-21481Sep 3, 2025risk 0.00cvss —epss 0.00
Improper URL input validation vulnerability in Samsung Account application prior to version 14.1.0.0 allows remote attackers to get sensitive information.