CVE-2026-21000

Severity

7.0HIGH

EPSS

0.0%

top 94.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 16

Description

Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privilege.

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N

CVEList

CVE-2026-21000: Improper access control in Galaxy Store prior to version 4↗2026-03-16

▶

GHSA

GHSA-r7p7-x56g-w5cp: Improper access control in Galaxy Store prior to version 4↗2026-03-16

▶