James Dean

**Name of the Vulnerable Software and Affected Versions** Whale browser versions prior to 3.26.244.21 **Description** The issue allows an attacker to execute malicious JavaScript due to improper sanitization when processing a built-in extension. **Recommendations** For versions prior to 3.26.244.21, update to version 3.26.244.21 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Samsung Knox version 1.2.02.39 **Description** This issue allows local attackers to disclose sensitive information on affected installations. An attacker must first obtain physical access to the device to exploit this. The flaw exists within the handling of the lock screen for Secure Folder, resulting from the lack of proper validation that a user has correctly authenticated. This can be leveraged to disclose the contents of the secure container. **Recommendations** For Samsung Knox version 1.2.02.39, consider disabling the lock screen feature for Secure Folder until a patch is available to prevent exploitation. Restrict physical access to devices to minimize the risk of this issue being exploited.