CVE-2026-24458
Mattermost versions 11.3.x
Category: Vulnerabilities
CVE-2026-21004
Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of service. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-21005
Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Smart Switch privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-21000
Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-21001
Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-21002
Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to install arbitrary application. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-20992
Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the background data usage of application. More information : https://security.samsungmobile.com/securityUpdate.smsb?year=2026&month=03
CVE-2026-20993
Improper export of android application components in Samsung Assistant prior to version 9.3.10.7 allows local attacker to access saved information. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-20994
URL redirection in Samsung Account prior to version 15.5.01.1 allows remote attackers to potentially get access token. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-20995
Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7.69.15 allows remote attackers to set a specific configuration. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-20996
Use of a broken or risky cryptographic algorithm in Smart Switch prior to version 3.7.69.15 allows remote attackers to configure a downgraded scheme for authentication. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-20997
Improper verification of cryptographic signature in Smart Switch prior to version 3.7.69.15 allows remote attackers to potentially bypass authentication. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-20998
Improper authentication in Smart Switch prior to version 3.7.69.15 allows remote attackers to bypass authentication. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03
CVE-2026-20999
Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions. More information : https://security.samsungmobile.com/serviceWeb.smsb?year=2026&month=03