Vignesh.K.G

**Name of the Vulnerable Software and Affected Versions** PackageManagerService versions prior to SMR Mar-2026 Release 1 **Description** Insufficient verification of data authenticity in the `PackageManagerService` allows local attackers to modify the installation restriction of specific applications. **Recommendations** Update to SMR Mar-2026 Release 1.

External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local attacker to create file with system privilege.

**Name of the Vulnerable Software and Affected Versions** Samsung Settings versions prior to SMR Feb-2026 Release 1 **Description** A flaw exists in privilege management within Samsung Settings. This allows local attackers to execute arbitrary actions with elevated privileges. **Recommendations** Update Samsung Settings to SMR Feb-2026 Release 1 or later.

**Name of the Vulnerable Software and Affected Versions** PACM versions prior to SMR Feb-2026 Release 1 **Description** Improper input validation in PACM allows a physical attacker to execute arbitrary commands. **Recommendations** Update to SMR Feb-2026 Release 1 or later.

**Name of the Vulnerable Software and Affected Versions** FacAtFunction versions prior to SMR Feb-2026 Release 1 **Description** A flaw exists in FacAtFunction due to improper input validation. This allows a physically present, privileged attacker to execute arbitrary commands with system-level privileges. **Recommendations** Update FacAtFunction to SMR Feb-2026 Release 1 or later.

**Name of the Vulnerable Software and Affected Versions** Adobe ShortcutService versions prior to SMR Feb-2026 Release 1 **Description** A path traversal issue exists in ShortcutService. A privileged local attacker can create a file with system privileges. **Recommendations** Update Adobe ShortcutService to SMR Feb-2026 Release 1 or later.