Overview

• On July 25, Samsung closed a loophole in its internal FOTA test servers that had exposed pre-release One UI firmware to the public.
• The fix prevents unauthorized downloads of under-development One UI 8.5 and 9.0 builds unless another vulnerability is discovered.
• Leaks had been driven by a community-made C# tool that decrypted firmware metadata and accessed internal OTA test files.
• A community user known as Farlune formally notified Samsung of the breach after identifying the unauthorized distribution of internal test builds.
• Samsung maintains its official One UI beta program for registered users ahead of the Galaxy S26 launch to offer a controlled preview of new features.