Samsung Details June 2026 Security Patch, Delivering 45 Fixes for Galaxy Devices

Samsung Rolls Out June 2026 Security Patch, Fixing 45 Vulnerabilities

MEDIUM
June 2, 2026
Patch Management, Mobile Security


Executive Summary

Samsung has published the details of its June 2026 Security Maintenance Release (SMR) for its extensive lineup of Galaxy smartphones, tablets, and foldable devices. The update addresses a total of 45 security vulnerabilities. This package includes fixes for Common Vulnerabilities and Exposures (CVEs) identified in Google's June 2026 Android Security Bulletin, as well as 11 fixes for Samsung Vulnerabilities and Exposures (SVEs), which are specific to Samsung's own software and hardware. The update is critical for maintaining the security and stability of Galaxy devices. The rollout will occur in stages over the coming weeks, and users are strongly encouraged to apply the update promptly.


Vulnerabilities Addressed

The June 2026 SMR is a comprehensive update that bundles numerous security enhancements.

  • Total Fixes: 45
  • Google (CVEs): The update incorporates all relevant patches from Google's June 2026 Android Security Bulletin. This includes fixes for critical and high-severity vulnerabilities in the Android Framework and System components, one of which is known to be actively exploited (see separate article on CVE-2025-48595).
  • Samsung (SVEs): 11 vulnerabilities specific to Samsung's software have been patched. While Samsung does not always disclose the full technical details of SVEs immediately to prevent reverse-engineering before the patch is widely deployed, these fixes often address issues in the One UI interface, Samsung-specific apps, or hardware drivers.
  • Exynos-Specific Fix: An additional patch is included for devices running Samsung's own Exynos line of processors, bringing the total fix count to 45 for those models.

Affected Products

The update will be rolled out to all eligible Samsung Galaxy devices that are currently supported with monthly or quarterly security updates. This includes:

  • Flagship lines (Galaxy S series, Galaxy Z Fold/Flip series)
  • Mid-range lines (Galaxy A series)
  • Tablets (Galaxy Tab series)

The rollout is staggered by device model and carrier. Flagship and unlocked devices typically receive updates first.


Impact Assessment

Applying this security patch is crucial for protecting user data and device integrity. Unpatched vulnerabilities could potentially be exploited by malicious applications or remote attackers to:

  • Gain elevated privileges on the device.
  • Access sensitive personal information.
  • Execute arbitrary code.
  • Cause device instability or denial of service.

Given that the underlying Google bulletin includes a patch for an actively exploited zero-day, the urgency of this update is high.


Deployment Priority

Users and enterprise administrators should prioritize the deployment of this patch as follows:

  1. High-Risk Users: Individuals who may be targets of sophisticated attacks (journalists, activists, executives) should update immediately.
  2. Flagship Devices: Newer, high-end devices are often targeted first.
  3. All Other Supported Devices: All users should apply the patch as soon as it is available to them.

Enterprises using Samsung devices should leverage their Mobile Device Management (MDM) or Enterprise Mobility Management (EMM) solution to enforce the update across their fleet.


Installation Instructions

For most users, the update process is straightforward:

  1. You may receive a push notification when the update is available for your device.
  2. To manually check for the update, navigate to Settings > Software update > Download and install.
  3. Ensure your device is connected to Wi-Fi and has sufficient battery life before starting the update process.
  4. The device will restart after the update is successfully installed.

Cyber Observables — Hunting Hints

The following indicators can help identify unpatched or at-risk systems in an enterprise environment:

  • Type: other
    Value: Android security patch level is not 2026-06-01 or later
    Description & Context: This is the most reliable indicator that a device is vulnerable to the flaws fixed in this SMR.
  • Type: log_source
    Value: MDM/EMM Compliance Reports
    Description & Context: Use your device management platform to generate a report of all devices and their current patch levels.
  • Type: other
    Value: Samsung Knox Attestation
    Description & Context: For advanced enterprise use cases, Knox attestation can be used to programmatically verify the security state and patch level of a device before granting it access to corporate resources.
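
The patch-level indicator above, applied to an MDM/EMM compliance export and ordered by the Deployment Priority tiers, as an added example that is not part of the original article or of any vendor's tooling. The CSV column names, device IDs and rows are constructed for illustration; only the 2026-06-01 threshold comes from the article.

```python
import csv
import io
from datetime import date

# Threshold taken from the article: patch level 2026-06-01 or later.
REQUIRED_PATCH_LEVEL = date(2026, 6, 1)

# Constructed MDM/EMM export. Column names and rows are assumptions for
# illustration, not any vendor's report format.
SAMPLE_REPORT = """device_id,model_line,security_patch_level,high_risk_user,flagship
D-001,Galaxy S series,2026-06-01,no,yes
D-002,Galaxy A series,2026-05-01,no,no
D-003,Galaxy Z Fold series,2026-05-01,no,yes
D-004,Galaxy Tab series,,no,no
D-005,Galaxy A series,2026-04-01,yes,no
D-006,Galaxy S series,unknown,no,yes
D-007,Galaxy A series,2026-07-01,no,no
"""

def parse_patch_level(value):
    """Parse a YYYY-MM-DD patch level; None if empty or malformed."""
    try:
        return date.fromisoformat(value.strip())
    except ValueError:
        return None

def priority(row):
    """Map a device to the article's deployment order (1 = first)."""
    if row["high_risk_user"] == "yes":
        return 1
    if row["flagship"] == "yes":
        return 2
    return 3

def unpatched_devices(report_text, required=REQUIRED_PATCH_LEVEL):
    """Return (priority, device_id, reason) for every device below `required`."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_text)):
        level = parse_patch_level(row["security_patch_level"])
        if level is not None and level >= required:
            continue  # compliant
        # Fail closed: a device that reports no usable patch level is flagged.
        reason = f"patch level {level}" if level else "unknown patch level"
        findings.append((priority(row), row["device_id"], reason))
    return sorted(findings)

if __name__ == "__main__":
    for prio, device, reason in unpatched_devices(SAMPLE_REPORT):
        print(f"P{prio} {device}: {reason}")
```

Patch levels are compared as dates rather than strings, and rows with an empty or unparseable patch level are reported instead of silently passing.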

Timeline of Events

  1. June 2, 2026: Samsung officially details the contents of its June 2026 Security Maintenance Release.
  2. June 2, 2026: This article was published.

MITRE ATT&CK Mitigations

Applying the monthly security update is the only way to remediate the vulnerabilities addressed in the SMR.

D3FEND Defensive Countermeasures

The core defensive action is to ensure the timely deployment of the June 2026 Security Maintenance Release. For enterprises, this means using their Mobile Device Management (MDM) platform to push the update to all managed Samsung Galaxy devices. Compliance policies should be established to track the update's progress and flag devices that have not been patched within a specified timeframe. For individual users, enabling automatic updates is highly recommended. This patch directly addresses 45 security flaws, and applying it is the most effective way to protect the device from these specific threats.

Article Author

Jason Gomes

• Cybersecurity Practitioner

Cybersecurity professional with over 10 years of specialized experience in security operations, threat intelligence, incident response, and security automation. Expertise spans SOAR/XSOAR orchestration, threat intelligence platforms, SIEM/UEBA analytics, and building cyber fusion centers. Background includes technical enablement, solution architecture for enterprise and government clients, and implementing security automation workflows across IR, TIP, and SOC use cases.
