Samsung April 2026 Security Patch — 47 Fixes You Can't Ignore
Samsung has officially published the details of its April 2026 Security Maintenance Release (SMR) — and this one is not a routine update. With 47 total security vulnerabilities patched across Google's core Android platform and Samsung's own software and hardware stacks, this is one of the most consequential monthly patches in recent memory. If you own a Galaxy smartphone, tablet, or smartwatch, read on — your device's safety may depend on it.
47
Total vulnerabilities fixed
14
Critical severity flaws
4
Samsung Semiconductor fixes
Where the fixes come from
Three Sources, One Powerful Patch
The April 2026 SMR is not the work of a single team — it's a three-pronged effort between Google, Samsung Mobile, and Samsung Semiconductor. Each layer of the fix targets a different part of your Galaxy device's software and hardware architecture.
33
Google Android Security Bulletin
Core OS
10
Samsung Mobile (SVEs — One UI)
One UI
4
Samsung Semiconductor (Exynos chips)
Hardware
Google handles the platform-level Android vulnerabilities. Samsung Mobile then tightens Galaxy-specific seams through its SVE (Samsung Vulnerabilities and Exposures) program, while Samsung Semiconductor addresses low-level hardware-facing issues in its Exynos chipsets.
Severity breakdown
How Serious Are These Vulnerabilities?
Security patches categorize vulnerabilities using a severity scale: Critical, High, Moderate, and Low. Here's the full severity distribution across all 47 fixes in this month's patch.
Note: High count includes 18 Google-rated + 4 Samsung Semiconductor + 3 Samsung Mobile fixes rated high. Samsung Mobile also includes 1 fix of unknown severity.
⚠ Why "Critical" Matters
A Critical-rated vulnerability means an attacker can potentially execute arbitrary code or gain system-level access on your device — often without any action from you, the user. Two of the critical CVEs confirmed in this patch, CVE-2026-0039 and CVE-2026-0080, are specifically noted as capable of granting system-level access — meaning an attacker could access your stored passwords, 2FA apps, and payment credentials.
Part 1 — Google Android fixes
The 33 Google Android Fixes Explained
Google's Android Security Bulletin for April 2026 brought 33 patches to Samsung's SMR. These address vulnerabilities in the core Android operating system that affect every Android device, not just Samsung Galaxy models. Google actually published 17 additional fixes in its bulletin, but Samsung had already patched 6 of those in March, and 11 were not applicable to Galaxy devices at all.
Critical CVEs (14 fixes)
These 14 critical fixes target core Android layers where privilege escalation and remote code execution are possible. Several are capable of exploiting attack paths that require only brief physical access to a device. The following CVEs were addressed:
CVE-2023-20713
CVE-2025-47392
CVE-2025-64505
CVE-2025-64720
CVE-2025-65018
CVE-2026-0039
CVE-2026-0040
CVE-2026-0041
CVE-2026-0042
CVE-2026-0043
CVE-2026-0044
CVE-2026-0049
CVE-2026-0052
CVE-2026-0080
🔴 Red left border = Critical severity
High-Severity CVEs (18 fixes)
These high-severity fixes patch flaws that could be exploited to cause significant damage — from unauthorized data access to app-level privilege escalation. They include:
CVE-2025-22424
CVE-2025-22426
CVE-2025-48600
CVE-2025-48651
CVE-2026-0016
CVE-2026-0018
CVE-2026-0036
CVE-2026-0045
CVE-2026-0046
CVE-2026-0048
CVE-2026-0050
CVE-2026-0055
CVE-2026-0056
CVE-2026-0058
CVE-2026-0059
CVE-2026-0067
CVE-2026-0079
CVE-2026-21381
🟠 Amber left border = High severity
Moderate-Severity CVE (1 fix)
Part 2 — Samsung Mobile fixes
The 10 Samsung Mobile (SVE) Fixes
Samsung's own vulnerability program — called SVE (Samsung Vulnerabilities and Exposures) — produced 10 individual patches in this month's release. These fix issues unique to Samsung's One UI software layer, things that Google's patches simply don't cover. Here's a breakdown of what was fixed:
🔐
Device Care — Knox Guard Bypass (High)
A vulnerability in the Device Care component could allow a physical attacker to bypass Knox Guard, Samsung's device lock security feature. This is especially concerning for lost or stolen Galaxy devices enrolled in enterprise management.
🖥️
Samsung DeX — Notification Content Leak (Moderate)
A flaw in Samsung DeX could reveal hidden notification content — such as message previews or OTP codes — to anyone viewing the external display without proper authentication, bypassing the user's notification privacy settings.
🛡️
One UI Privilege Escalation Issues (High — multiple)
Multiple SVEs address privilege escalation vulnerabilities where malicious apps could gain elevated permissions they were not granted. These fixes close loopholes in Samsung's One UI permission handling system.
📁
Storage Manager Service — Out-of-Bounds Issues (Moderate)
Issues in the Storage Manager Service related to out-of-bounds reads/writes that could allow unauthorized access to protected areas of device storage were resolved in this patch.
❓
Additional SVEs — Severity Unknown (1 fix)
One Samsung Mobile fix carries an undisclosed severity level. Samsung occasionally withholds severity details for vulnerabilities that require more coordinated disclosure time with third-party partners or researchers.
Severity distribution across 10 SVEs: 3 High · 5 Moderate · 1 Unknown · 1 Moderate/High (context-dependent)
Part 3 — Samsung Semiconductor fixes
The 4 Samsung Semiconductor Patches (All High Severity)
These four fixes operate at the lowest level of your Galaxy device — targeting hardware-facing vulnerabilities in Samsung's in-house Exynos chips. Unlike software patches, these address the firmware and hardware abstraction layers (HALs) directly interfacing with the GPU, modem, and memory systems.
⚙️
CVE-2025-52908 & CVE-2025-52909 — Exynos hardware fixes (High)
Two confirmed high-severity CVEs targeting Samsung's Exynos semiconductor stack. These fixes strengthen the hardware security layer, addressing flaws in firmware or low-level driver code that interfaces with GPU pipelines and modem stacks — components used during everything from calls to online gaming to mobile payments.
📡
2 additional Semiconductor-level fixes (High)
Two further Semiconductor patches round out this section. All four are rated High severity. Devices powered by Snapdragon or MediaTek processors will receive 4 fewer total fixes this month, as Semiconductor patches are Exynos-specific.
"Anything touching firmware or low-level hardware abstraction layers sits in the most trusted region of the device stack — flaws here can undermine every security assumption made above them." — Security Analyst commentary on Samsung Semiconductor fixes
Device rollout
Which Galaxy Devices Are Getting This Patch?
Samsung has begun rolling out the April 2026 patch across a wide range of Galaxy devices, starting with flagships and expanding to mid-range and older models. Below is a summary of confirmed rollout status:
| Device Series | Status | Notes |
|---|
| Galaxy S26 Series | Rolling Out | First patch since launch — Samsung skipped March 2026 |
| Galaxy S25 Series | Rolling Out | Already receiving in multiple regions |
| Galaxy S24 Series | Rolling Out | Available across several regions |
| Galaxy S23 / S23 Ultra | Rolling Out | Also receiving One UI 8.5 Beta alongside patch |
| Galaxy Z Fold 7 / Z Flip 7 | Rolling Out | Confirmed by multiple sources |
| Galaxy Z Fold 5 / Flip 5 | Rolling Out | Started in South Korea, expanding globally |
| Galaxy Z Fold 4 / Flip 4 | Rolling Out | South Korea first, other regions following |
| Galaxy A54 | Rolling Out | Firmware: A546SKSSGEZC2 — Korea first |
| Galaxy Z TriFold | Confirmed | Listed among receiving devices |
| Galaxy Tablets & Wearables | In Progress | Broader rollout underway |
| Snapdragon/MediaTek variants | Partial | Will receive 43 of 47 fixes (4 Semiconductor patches are Exynos-only) |
ℹ Rollout speed note
The April 2026 patch is reportedly rolling out faster than usual. Samsung has signalled urgency due to the sheer number of critical-rated vulnerabilities in this cycle. Not all devices will receive the update on the same day — rollouts are phased by region and carrier, but the global completion target is within the same month.
Notable context
The Galaxy S26 Situation — Why April Is Extra Important
One detail stands out in this cycle: Samsung skipped the March 2026 security update entirely for the Galaxy S26 series. This makes April 2026 the very first security patch this lineup has received since launch — meaning Galaxy S26 owners are getting a double-dose of urgency with this release.
This was flagged in Samsung's community forums as "unusual" and raised concerns around communication transparency. Samsung's normal pattern is to announce the patch details first, then begin the rollout. In April, the rollout started silently before official details were published — drawing user complaints on the Samsung Members forums, particularly from Galaxy S25 Ultra owners who noted delayed availability.
What it means for you
Real-World Impact — What Could These Flaws Actually Do?
🎮
Mobile gamers — GPU and modem layer risks
The four Samsung Semiconductor fixes sit closest to the GPU and modem firmware — the exact components handling rendering pipelines and network stacks in online multiplayer games. Past Semiconductor patches have quietly resolved audio crashes, frame drops, and modem-related disconnects in competitive matches.
💳
Payments and banking users — credential exposure risk
CVE-2026-0039 and CVE-2026-0080 can theoretically grant an attacker system-level access, putting your saved payment credentials in Google Play, banking apps, and 2FA authenticators at risk. Install this patch before your next transaction.
🏢
Enterprise users — Knox Guard bypass alert
The Device Care / Knox Guard bypass vulnerability is a significant concern for corporate-managed Samsung devices. Any lost or stolen device running pre-patch firmware could have its Knox Guard security circumvented by a physically present attacker.
👩💼
Samsung DeX users — notification privacy risk
If you use Samsung DeX with an external monitor in a shared workspace or hotel room, the pre-patch flaw could have exposed your notifications (OTP codes, message previews) to anyone viewing the external display.
How to update
How to Install the April 2026 Security Patch Right Now
1
Open the Settings app
Tap the gear icon from your Galaxy home screen or notification shade.
2
Scroll to "Software update"
On most Galaxy devices, this option appears near the bottom of the Settings menu.
3
Tap "Download and install"
Your device will check Samsung's servers for the latest available update for your region and firmware version.
4
Install and restart
Once downloaded, tap Install. You will be prompted to restart. The full patch only takes effect after a restart — don't skip this step.
5
Verify your patch date
After restart, go to Settings → About phone → Software information. Confirm "Android security patch level" reads April 2026 or later.
Alternatively, you can check for updates through the Samsung Members app if the update appears as a banner there before reaching your Settings.
Summary
Final Verdict — Install This Patch Immediately
The April 2026 Samsung Security Maintenance Release is one of the most comprehensive monthly patches Samsung has released in recent times. With 14 critical vulnerabilities, 24 high-severity flaws, hardware-level Exynos fixes, and Galaxy-specific software patches covering everything from Knox Guard to Samsung DeX, this update addresses a genuinely alarming breadth of attack surface.
The fact that Samsung is rolling this out faster than usual — and that the Galaxy S26 lineup is only now receiving its first patch since launch — makes this an especially urgent update. There is no safe reason to delay it.
Action required: Install the April 2026 patch now
Go to Settings → Software update → Download and install. The patch takes under a minute to check for and mere minutes to install. The 47 vulnerabilities it closes are not theoretical — some have been confirmed capable of granting system-level access to attackers. Your data, payments, and device security depend on it.
COMMENTS