65 matches found
CVE-2026-21032
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21033
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21033
CVE-2026-21033 describes an improper export of Android components in Samsung Assistant’s ExpressHomeWidgetReceiver, making devices vulnerable before version 9.3.14. A local attacker could exploit this issue to execute arbitrary scripts. The available documents do not specify exploit code or in‑th...
CVE-2026-21033
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21033
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21032
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21032
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21032
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-21032
CVE-2026-21032 concerns Samsung Assistant's SmartHomeWidgetReceiver where improper export of Android app components allows a local attacker to execute arbitrary script. Affected software: Samsung Assistant prior to version 9.3.14 (the vulnerable component is SmartHomeWidgetReceiver). Root cause: ...
PT-2026-46923
Improper export of android application components in ExpressHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
PT-2026-46922
Improper export of android application components in SmartHomeWidgetReceiver of Samsung Assistant prior to version 9.3.14 allows local attacker to execute arbitrary script...
CVE-2026-41360
OpenClaw
CVE-2026-32979 OpenClaw < 2026.3.11 - Unbound Interpreter and Runtime Commands Bypass in node-host Approval
OpenClaw before 2026.3.11 contains an approval integrity vulnerability allowing attackers to execute rewritten local code by modifying scripts between approval and execution when exact file binding cannot occur. Remote attackers can change approved local scripts before execution to achieve...
CVE-2026-32901
Rejected reason: This CVE ID has been rejected...
CVE-2026-32901
...
PT-2026-27235
OpenClaw before 2026.3.2 contains a semantic drift vulnerability in node system.run approval hardening that rewrites wrapper command argv, allowing execution of unintended local scripts. Attackers who can influence wrapper argv and place malicious files in the approved working directory can execu...
Arbitrary Argument Injection
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Arbitrary Argument Injection via the system.run process. An attacker can execute unintended local scripts by manipulating the wrapper arguments and placing a malicious file in the approve...
CVE-2026-20976
Improper input validation in Galaxy Store prior to version 4.6.02 allows local attacker to execute arbitrary script...
CVE-2025-58486
Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script...
CVE-2025-58486
Improper input validation in Samsung Account prior to version 15.5.01.1 allows local attacker to execute arbitrary script...