PT-2026-25605 · Samsung · Galaxy Store

Sacha Kozma

+1

·

Published

2026-03-16

·

Updated

2026-03-17

·

CVE-2026-21000

CVSS v4.0

7.0

High

VectorAV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions Galaxy Store versions prior to 4.6.03.8
Description An improper access control issue exists in Galaxy Store. A local attacker can create a file with Galaxy Store privileges.
Recommendations Update Galaxy Store to version 4.6.03.8 or later.

Fix

LPE

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2026-21000

Affected Products

Galaxy Store