Notes
This hub aggregates every CVE we track for Notes. Use it to gauge the current risk picture and drill into individual advisories.
other
90
CVEs tracked
5
Critical
24
High
0
In CISA KEV
Severity distribution
MEDIUM57HIGH24CRITICAL5LOW4
Monthly trend
0
15
4
0
0
0
0
0
19
1
2
0
0
0
2
6
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Notes.
- CVE-2025-21070Out-of-bounds write in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to write out-of-bounds memory.4.0
- CVE-2025-21069Out-of-bounds read in the parsing of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.4.0
- CVE-2025-21068Out-of-bounds read in the reading of image data in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.4.0
- CVE-2025-21067Out-of-bounds read in the allocation of image buffer in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.4.0
- CVE-2025-21066Out-of-bounds read in the SPI decoder in Samsung Notes prior to version 4.4.30.63 allows local attackers to access out-of-bounds memory.4.0
- CVE-2025-21057Use of implicit intent for sensitive communication in Samsung Notes prior to version 4.4.30.63 allows local attackers to access shared notes.4.0
- CVE-2025-21037Improper access control in Samsung Notes prior to version 4.4.30.63 allows physical attackers to access data across multiple user profiles. User interaction is required for triggering this vulnerab...4.1
- CVE-2025-21036Improper access control in Samsung Notes prior to version 4.4.30.63 allows local privileged attackers to access exported note files. User interaction is required for triggering this vulnerability.5.0
- CVE-2025-20977Use of implicit intent for sensitive communication in translation in Samsung Notes prior to version 4.4.29.23 allows local attackers to get sensitive information. User interaction is required for t...3.3
- CVE-2025-20976Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory.5.5
- CVE-2025-20950Use of implicit intent for sensitive communication in SamsungNotes prior to version 4.4.26.45 allows local attackers to access sensitive information.4.0
- CVE-2025-20933Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.5.5
- CVE-2025-20932Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory.5.5
- CVE-2025-20931Out-of-bounds write in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to execute arbitrary code.7.3
- CVE-2025-20930Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.5.5
Product normalization is registry-driven with AI assist and human review. How it works