Search

Find a vulnerability

Search criteria

    446 vulnerabilities found for sc8380xp_firmware by qualcomm

    CVE-2026-25260 (GCVE-0-2026-25260)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service
    Summary
    Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: SC8380XP
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25260",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:51.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-367",
                  "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:45.336Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-25260",
        "datePublished": "2026-06-01T22:05:45.336Z",
        "dateReserved": "2026-02-02T04:19:00.939Z",
        "dateUpdated": "2026-06-03T03:55:51.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25259 (GCVE-0-2026-25259)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Out-of-bounds Write in DSP Service
    Summary
    Memory corruption while processing multiple IOCTL command for escape operations.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: SC8380XP
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25259",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:52.198Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing multiple IOCTL command for escape operations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:43.934Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Out-of-bounds Write in DSP Service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-25259",
        "datePublished": "2026-06-01T22:05:43.934Z",
        "dateReserved": "2026-02-02T04:19:00.939Z",
        "dateUpdated": "2026-06-03T03:55:52.198Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25258 (GCVE-0-2026-25258)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Out-of-bounds Read in DSP Service
    Summary
    Memory corruption while processing IOCTL calls for escape operations.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: SC8380XP
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:53.350Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing IOCTL calls for escape operations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:42.726Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Out-of-bounds Read in DSP Service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-25258",
        "datePublished": "2026-06-01T22:05:42.726Z",
        "dateReserved": "2026-02-02T04:19:00.939Z",
        "dateUpdated": "2026-06-03T03:55:53.350Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24092 (GCVE-0-2026-24092)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:12
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Display
    Summary
    Memory Corruption when processing fastboot commands to set display mode.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24092",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:06:56.042807Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:12:26.514Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when processing fastboot commands to set display mode."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:41.591Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24092",
        "datePublished": "2026-06-01T22:05:41.591Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:12:26.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24091 (GCVE-0-2026-24091)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:12
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Display
    Summary
    Memory corruption while processing fastboot commands with improperly formatted input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24091",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:07:12.515624Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:12:40.634Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing fastboot commands with improperly formatted input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:40.458Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24091",
        "datePublished": "2026-06-01T22:05:40.458Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:12:40.634Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24090 (GCVE-0-2026-24090)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Missing Authentication for Critical Function in HLOS
    Summary
    Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24090",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:54.473Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306: Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:39.371Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Missing Authentication for Critical Function in HLOS"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24090",
        "datePublished": "2026-06-01T22:05:39.371Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-03T03:55:54.473Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24089 (GCVE-0-2026-24089)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:12
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Kernel
    Summary
    Memory corruption while processing fastboot commands with invalid input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24089",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:08:23.019160Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:12:55.857Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing fastboot commands with invalid input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:38.322Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Kernel"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24089",
        "datePublished": "2026-06-01T22:05:38.322Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:12:55.857Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24088 (GCVE-0-2026-24088)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Missing Authentication for Critical Function in Boot
    Summary
    Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24088",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:55.678Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306: Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:37.195Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Missing Authentication for Critical Function in Boot"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24088",
        "datePublished": "2026-06-01T22:05:37.195Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-03T03:55:55.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24087 (GCVE-0-2026-24087)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:13
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Kernel
    Summary
    Memory corruption while processing fastboot OEM commands.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24087",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:08:06.530295Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:13:24.460Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing fastboot OEM commands."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:36.129Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Kernel"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24087",
        "datePublished": "2026-06-01T22:05:36.129Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:13:24.460Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24085 (GCVE-0-2026-24085)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:13
    VLAI
    Title
    Stack-based Buffer Overflow in Display
    Summary
    Memory Corruption when processing display command line information due to improper initialization of a variable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24085",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:07:57.342651Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:13:40.742Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when processing display command line information due to improper initialization of a variable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:34.944Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Stack-based Buffer Overflow in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24085",
        "datePublished": "2026-06-01T22:05:34.944Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:13:40.742Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59614 (GCVE-0-2025-59614)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 13:04
    VLAI
    Title
    Out-of-bounds Write in Windows Compute
    Summary
    Memory Corruption when sending random number generator command with insufficient output buffer size.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: SC8380XP
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59614",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T03:55:57.843395Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T13:04:38.484Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when sending random number generator command with insufficient output buffer size."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:33.823Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Out-of-bounds Write in Windows Compute"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59614",
        "datePublished": "2026-06-01T22:05:33.823Z",
        "dateReserved": "2025-09-18T03:19:23.202Z",
        "dateUpdated": "2026-06-02T13:04:38.484Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59613 (GCVE-0-2025-59613)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 13:04
    VLAI
    Title
    Stack-based Buffer Overflow in Windows Compute
    Summary
    Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6700
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: QCM5430
    Affected: QCM6490
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: SC8380XP
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 8cx Gen 3 Compute Platform
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8830
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59613",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T03:55:58.966932Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T13:04:50.787Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 3 Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when output buffer size is smaller than input buffer size during data copying operation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:32.679Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Stack-based Buffer Overflow in Windows Compute"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59613",
        "datePublished": "2026-06-01T22:05:32.679Z",
        "dateReserved": "2025-09-18T03:19:23.202Z",
        "dateUpdated": "2026-06-02T13:04:50.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59612 (GCVE-0-2025-59612)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 13:05
    VLAI
    Title
    Stack-based Buffer Overflow in Windows Compute
    Summary
    Memory corruption in windows drivers while sending incorrect trusted application request
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6700
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: QCM5430
    Affected: QCM6490
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: SC8380XP
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 8cx Gen 3 Compute Platform
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8830
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59612",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T03:56:00.170135Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T13:05:03.408Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 3 Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in windows drivers while sending incorrect trusted application request"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:31.596Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Stack-based Buffer Overflow in Windows Compute"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59612",
        "datePublished": "2026-06-01T22:05:31.596Z",
        "dateReserved": "2025-09-18T03:19:23.202Z",
        "dateUpdated": "2026-06-02T13:05:03.408Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59611 (GCVE-0-2025-59611)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Out-of-bounds Write in Core Services
    Summary
    Memory corruption in diagnostic services due to absence of input validation
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: AQT1000
    Affected: Cologne
    Affected: FastConnect 6200
    Affected: FastConnect 6700
    Affected: FastConnect 6800
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: QCA6391
    Affected: QCA6420
    Affected: QCA6430
    Affected: QCM5430
    Affected: QCM6490
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: SC8380XP
    Affected: SM6250
    Affected: Snapdragon 7c Compute Platform
    Affected: Snapdragon 7c Gen 2 Compute Platform "Rennell Pro"
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 8c Compute Platform "Poipu Lite"
    Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
    Affected: Snapdragon 8cx Compute Platform
    Affected: Snapdragon 8cx Compute Platform "Poipu Pro"
    Affected: Snapdragon 8cx Gen 2 5G Compute Platform
    Affected: Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro"
    Affected: Snapdragon 8cx Gen 3 Compute Platform
    Affected: WCD9340
    Affected: WCD9341
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59611",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:56.800Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AQT1000"
                },
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6200"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6800"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "QCA6391"
                },
                {
                  "status": "affected",
                  "version": "QCA6420"
                },
                {
                  "status": "affected",
                  "version": "QCA6430"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "SM6250"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c Gen 2 Compute Platform \"Rennell Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8c Compute Platform \"Poipu Lite\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Compute Platform \"Poipu Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 2 5G Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 2 5G Compute Platform \"Poipu Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 3 Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9340"
                },
                {
                  "status": "affected",
                  "version": "WCD9341"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in diagnostic services due to absence of input validation"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:30.351Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Out-of-bounds Write in Core Services"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59611",
        "datePublished": "2026-06-01T22:05:30.351Z",
        "dateReserved": "2025-09-18T03:19:23.202Z",
        "dateUpdated": "2026-06-03T03:55:56.800Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59610 (GCVE-0-2025-59610)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-02 13:04
    VLAI
    Title
    Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver
    Summary
    Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: 5G Fixed Wireless Access Platform
    Affected: C-V2X 9150
    Affected: CSRA6620
    Affected: CSRA6640
    Affected: CSRB31024
    Affected: FastConnect 6200
    Affected: FastConnect 6700
    Affected: FastConnect 6800
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: Flight RB5 5G Platform
    Affected: FSM100 Platform
    Affected: G1 Gen 1
    Affected: G2 Gen 1
    Affected: IQ6 Series Platform
    Affected: IQ8 Series Platform
    Affected: IQ9 Series Platform
    Affected: LeMans_AU_LGIT
    Affected: LeMansAU
    Affected: Milos
    Affected: Monaco_IOT
    Affected: Netrani
    Affected: Orne
    Affected: Palawan25
    Affected: Pandeiro
    Affected: QAM8255P
    Affected: QAM8295P
    Affected: QAMSRV1H
    Affected: QAMSRV1M
    Affected: QCA6391
    Affected: QCA6564AU
    Affected: QCA6574
    Affected: QCA6574A
    Affected: QCA6574AU
    Affected: QCA6595
    Affected: QCA6595AU
    Affected: QCA6678AQ
    Affected: QCA6688AQ
    Affected: QCA6696
    Affected: QCA6698AQ
    Affected: QCA6698AU
    Affected: QCA6797AQ
    Affected: QCA8695AU
    Affected: QCM2290
    Affected: QCM4325
    Affected: QCM4490
    Affected: QCM5430
    Affected: QCM6490
    Affected: QCN9011
    Affected: QCN9012
    Affected: QCS2290
    Affected: QCS410
    Affected: QCS4290
    Affected: QCS4490
    Affected: QCS8550
    Affected: QLN1083BD
    Affected: QLN1086BD
    Affected: QMP1000
    Affected: QPA1083BD
    Affected: QPA1086BD
    Affected: QRB5165M
    Affected: QRB5165N
    Affected: Qualcomm 215 Mobile Platform
    Affected: Qualcomm Video Collaboration VC1 Platform
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: Qualcomm Video Collaboration VC5 Platform
    Affected: QXM1093
    Affected: QXM1094
    Affected: QXM1095
    Affected: QXM1096
    Affected: Robotics RB2 Platform
    Affected: Robotics RB5 Platform
    Affected: SA2150P
    Affected: SA4150P
    Affected: SA4155P
    Affected: SA6145P
    Affected: SA6150P
    Affected: SA6155
    Affected: SA6155P
    Affected: SA7255P
    Affected: SA7775P
    Affected: SA8145P
    Affected: SA8150P
    Affected: SA8155
    Affected: SA8155P
    Affected: SA8195P
    Affected: SA8255P
    Affected: SA8295P
    Affected: SA8620P
    Affected: SA8770P
    Affected: SA9000P
    Affected: SAR1250P
    Affected: SAR2130P
    Affected: SAR2230P
    Affected: SD 8 Gen1 5G
    Affected: SD662
    Affected: SD865 5G
    Affected: SDA660
    Affected: SDM429W
    Affected: SM6225P
    Affected: SM6650P
    Affected: SM7250P
    Affected: SM7325P
    Affected: SM7435
    Affected: SM7550
    Affected: SM7550P
    Affected: SM7635P
    Affected: SM7675
    Affected: SM7675P
    Affected: SM8475P
    Affected: SM8550P
    Affected: SM8635
    Affected: SM8635P
    Affected: SM8650Q
    Affected: SM8750P
    Affected: Snapdragon 4 Gen 1 Mobile Platform
    Affected: Snapdragon 4 Gen 2 Mobile Platform
    Affected: Snapdragon 429 Mobile Platform
    Affected: Snapdragon 460 Mobile Platform
    Affected: Snapdragon 480 5G Mobile Platform
    Affected: Snapdragon 480+ 5G Mobile Platform
    Affected: Snapdragon 6 Gen 1 Mobile Platform
    Affected: Snapdragon 6 Gen 3 Mobile Platform
    Affected: Snapdragon 6 Gen 4 Mobile Platform
    Affected: Snapdragon 660 Mobile Platform
    Affected: Snapdragon 662 Mobile Platform
    Affected: Snapdragon 680 4G Mobile Platform
    Affected: Snapdragon 685 4G Mobile Platform
    Affected: Snapdragon 690 5G Mobile Platform
    Affected: Snapdragon 695 5G Mobile Platform
    Affected: Snapdragon 7 Gen 1 Mobile Platform
    Affected: Snapdragon 7+ Gen 2 Mobile Platform
    Affected: Snapdragon 720G Mobile Platform
    Affected: Snapdragon 765 5G Mobile Platform
    Affected: Snapdragon 765G 5G Mobile Platform
    Affected: Snapdragon 768G 5G Mobile Platform
    Affected: Snapdragon 778G 5G Mobile Platform
    Affected: Snapdragon 778G+ 5G Mobile Platform
    Affected: Snapdragon 782G Mobile Platform
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 7s Gen 3 Mobile Platform
    Affected: Snapdragon 8 Elite
    Affected: Snapdragon 8 Gen 1 Mobile Platform
    Affected: Snapdragon 8 Gen 2 Mobile Platform
    Affected: Snapdragon 8 Gen 3 Mobile Platform
    Affected: Snapdragon 8+ Gen 1 Mobile Platform
    Affected: Snapdragon 8+ Gen 2 Mobile Platform
    Affected: Snapdragon 865 5G Mobile Platform
    Affected: Snapdragon 865+ 5G Mobile Platform
    Affected: Snapdragon 870 5G Mobile Platform
    Affected: Snapdragon 888 5G Mobile Platform
    Affected: Snapdragon 888+ 5G Mobile Platform
    Affected: Snapdragon AR1 Gen 1 Platform
    Affected: Snapdragon Auto 5G Modem-RF
    Affected: Snapdragon W5+ Gen 1 Wearable Platform
    Affected: Snapdragon X53 5G Modem-RF System
    Affected: Snapdragon X55 5G Modem-RF System
    Affected: Snapdragon XR2 5G Platform
    Affected: Snapdragon XR2+ Gen 1 Platform
    Affected: SnapdragonAuto 4GModem
    Affected: SRV1H
    Affected: SRV1M
    Affected: SW5100
    Affected: SW5100P
    Affected: SXR2230P
    Affected: SXR2250P
    Affected: SXR2330P
    Affected: SXR2350P
    Affected: Vision Intelligence 300 Platform
    Affected: Vision Intelligence 400 Platform
    Affected: WCD9326
    Affected: WCD9335
    Affected: WCD9341
    Affected: WCD9360
    Affected: WCD9370
    Affected: WCD9371
    Affected: WCD9375
    Affected: WCD9378
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCD9390
    Affected: WCD9395
    Affected: WCN3615
    Affected: WCN3620
    Affected: WCN3660B
    Affected: WCN3680B
    Affected: WCN3910
    Affected: WCN3950
    Affected: WCN3980
    Affected: WCN3988
    Affected: WCN3990
    Affected: WCN6650
    Affected: WCN6755
    Affected: WCN7860
    Affected: WCN7861
    Affected: WCN7880
    Affected: WCN7881
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59610",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T03:55:55.757043Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T13:04:12.112Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Auto",
                "Snapdragon CCW",
                "Snapdragon Compute",
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT",
                "Snapdragon Mobile",
                "Snapdragon Wearables"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "5G Fixed Wireless Access Platform"
                },
                {
                  "status": "affected",
                  "version": "C-V2X 9150"
                },
                {
                  "status": "affected",
                  "version": "CSRA6620"
                },
                {
                  "status": "affected",
                  "version": "CSRA6640"
                },
                {
                  "status": "affected",
                  "version": "CSRB31024"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6200"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6800"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "Flight RB5 5G Platform"
                },
                {
                  "status": "affected",
                  "version": "FSM100 Platform"
                },
                {
                  "status": "affected",
                  "version": "G1 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "G2 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "IQ6 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "IQ8 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "IQ9 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "LeMans_AU_LGIT"
                },
                {
                  "status": "affected",
                  "version": "LeMansAU"
                },
                {
                  "status": "affected",
                  "version": "Milos"
                },
                {
                  "status": "affected",
                  "version": "Monaco_IOT"
                },
                {
                  "status": "affected",
                  "version": "Netrani"
                },
                {
                  "status": "affected",
                  "version": "Orne"
                },
                {
                  "status": "affected",
                  "version": "Palawan25"
                },
                {
                  "status": "affected",
                  "version": "Pandeiro"
                },
                {
                  "status": "affected",
                  "version": "QAM8255P"
                },
                {
                  "status": "affected",
                  "version": "QAM8295P"
                },
                {
                  "status": "affected",
                  "version": "QAMSRV1H"
                },
                {
                  "status": "affected",
                  "version": "QAMSRV1M"
                },
                {
                  "status": "affected",
                  "version": "QCA6391"
                },
                {
                  "status": "affected",
                  "version": "QCA6564AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6574"
                },
                {
                  "status": "affected",
                  "version": "QCA6574A"
                },
                {
                  "status": "affected",
                  "version": "QCA6574AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6595"
                },
                {
                  "status": "affected",
                  "version": "QCA6595AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6678AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6688AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6696"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6797AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA8695AU"
                },
                {
                  "status": "affected",
                  "version": "QCM2290"
                },
                {
                  "status": "affected",
                  "version": "QCM4325"
                },
                {
                  "status": "affected",
                  "version": "QCM4490"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "QCN9011"
                },
                {
                  "status": "affected",
                  "version": "QCN9012"
                },
                {
                  "status": "affected",
                  "version": "QCS2290"
                },
                {
                  "status": "affected",
                  "version": "QCS410"
                },
                {
                  "status": "affected",
                  "version": "QCS4290"
                },
                {
                  "status": "affected",
                  "version": "QCS4490"
                },
                {
                  "status": "affected",
                  "version": "QCS8550"
                },
                {
                  "status": "affected",
                  "version": "QLN1083BD"
                },
                {
                  "status": "affected",
                  "version": "QLN1086BD"
                },
                {
                  "status": "affected",
                  "version": "QMP1000"
                },
                {
                  "status": "affected",
                  "version": "QPA1083BD"
                },
                {
                  "status": "affected",
                  "version": "QPA1086BD"
                },
                {
                  "status": "affected",
                  "version": "QRB5165M"
                },
                {
                  "status": "affected",
                  "version": "QRB5165N"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm 215 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC5 Platform"
                },
                {
                  "status": "affected",
                  "version": "QXM1093"
                },
                {
                  "status": "affected",
                  "version": "QXM1094"
                },
                {
                  "status": "affected",
                  "version": "QXM1095"
                },
                {
                  "status": "affected",
                  "version": "QXM1096"
                },
                {
                  "status": "affected",
                  "version": "Robotics RB2 Platform"
                },
                {
                  "status": "affected",
                  "version": "Robotics RB5 Platform"
                },
                {
                  "status": "affected",
                  "version": "SA2150P"
                },
                {
                  "status": "affected",
                  "version": "SA4150P"
                },
                {
                  "status": "affected",
                  "version": "SA4155P"
                },
                {
                  "status": "affected",
                  "version": "SA6145P"
                },
                {
                  "status": "affected",
                  "version": "SA6150P"
                },
                {
                  "status": "affected",
                  "version": "SA6155"
                },
                {
                  "status": "affected",
                  "version": "SA6155P"
                },
                {
                  "status": "affected",
                  "version": "SA7255P"
                },
                {
                  "status": "affected",
                  "version": "SA7775P"
                },
                {
                  "status": "affected",
                  "version": "SA8145P"
                },
                {
                  "status": "affected",
                  "version": "SA8150P"
                },
                {
                  "status": "affected",
                  "version": "SA8155"
                },
                {
                  "status": "affected",
                  "version": "SA8155P"
                },
                {
                  "status": "affected",
                  "version": "SA8195P"
                },
                {
                  "status": "affected",
                  "version": "SA8255P"
                },
                {
                  "status": "affected",
                  "version": "SA8295P"
                },
                {
                  "status": "affected",
                  "version": "SA8620P"
                },
                {
                  "status": "affected",
                  "version": "SA8770P"
                },
                {
                  "status": "affected",
                  "version": "SA9000P"
                },
                {
                  "status": "affected",
                  "version": "SAR1250P"
                },
                {
                  "status": "affected",
                  "version": "SAR2130P"
                },
                {
                  "status": "affected",
                  "version": "SAR2230P"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD662"
                },
                {
                  "status": "affected",
                  "version": "SD865 5G"
                },
                {
                  "status": "affected",
                  "version": "SDA660"
                },
                {
                  "status": "affected",
                  "version": "SDM429W"
                },
                {
                  "status": "affected",
                  "version": "SM6225P"
                },
                {
                  "status": "affected",
                  "version": "SM6650P"
                },
                {
                  "status": "affected",
                  "version": "SM7250P"
                },
                {
                  "status": "affected",
                  "version": "SM7325P"
                },
                {
                  "status": "affected",
                  "version": "SM7435"
                },
                {
                  "status": "affected",
                  "version": "SM7550"
                },
                {
                  "status": "affected",
                  "version": "SM7550P"
                },
                {
                  "status": "affected",
                  "version": "SM7635P"
                },
                {
                  "status": "affected",
                  "version": "SM7675"
                },
                {
                  "status": "affected",
                  "version": "SM7675P"
                },
                {
                  "status": "affected",
                  "version": "SM8475P"
                },
                {
                  "status": "affected",
                  "version": "SM8550P"
                },
                {
                  "status": "affected",
                  "version": "SM8635"
                },
                {
                  "status": "affected",
                  "version": "SM8635P"
                },
                {
                  "status": "affected",
                  "version": "SM8650Q"
                },
                {
                  "status": "affected",
                  "version": "SM8750P"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 429 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 460 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 4 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 660 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 662 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 680 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 685 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 690 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 695 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 720G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 765 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 765G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 768G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 782G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7s Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Elite"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 870 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR1 Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Auto 5G Modem-RF"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon W5+ Gen 1 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X53 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X55 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon XR2 5G Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon XR2+ Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "SnapdragonAuto 4GModem"
                },
                {
                  "status": "affected",
                  "version": "SRV1H"
                },
                {
                  "status": "affected",
                  "version": "SRV1M"
                },
                {
                  "status": "affected",
                  "version": "SW5100"
                },
                {
                  "status": "affected",
                  "version": "SW5100P"
                },
                {
                  "status": "affected",
                  "version": "SXR2230P"
                },
                {
                  "status": "affected",
                  "version": "SXR2250P"
                },
                {
                  "status": "affected",
                  "version": "SXR2330P"
                },
                {
                  "status": "affected",
                  "version": "SXR2350P"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 300 Platform"
                },
                {
                  "status": "affected",
                  "version": "Vision Intelligence 400 Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9326"
                },
                {
                  "status": "affected",
                  "version": "WCD9335"
                },
                {
                  "status": "affected",
                  "version": "WCD9341"
                },
                {
                  "status": "affected",
                  "version": "WCD9360"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9371"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCD9390"
                },
                {
                  "status": "affected",
                  "version": "WCD9395"
                },
                {
                  "status": "affected",
                  "version": "WCN3615"
                },
                {
                  "status": "affected",
                  "version": "WCN3620"
                },
                {
                  "status": "affected",
                  "version": "WCN3660B"
                },
                {
                  "status": "affected",
                  "version": "WCN3680B"
                },
                {
                  "status": "affected",
                  "version": "WCN3910"
                },
                {
                  "status": "affected",
                  "version": "WCN3950"
                },
                {
                  "status": "affected",
                  "version": "WCN3980"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN3990"
                },
                {
                  "status": "affected",
                  "version": "WCN6650"
                },
                {
                  "status": "affected",
                  "version": "WCN6755"
                },
                {
                  "status": "affected",
                  "version": "WCN7860"
                },
                {
                  "status": "affected",
                  "version": "WCN7861"
                },
                {
                  "status": "affected",
                  "version": "WCN7880"
                },
                {
                  "status": "affected",
                  "version": "WCN7881"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-367",
                  "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:29.149Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59610",
        "datePublished": "2026-06-01T22:05:29.149Z",
        "dateReserved": "2025-09-18T03:19:23.202Z",
        "dateUpdated": "2026-06-02T13:04:12.112Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59604 (GCVE-0-2025-59604)

    Vulnerability from nvd – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:56
    VLAI
    Title
    NULL Pointer Dereference in SPS Applications
    Summary
    Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: AR8035
    Affected: Cologne
    Affected: CSRA6620
    Affected: CSRA6640
    Affected: FastConnect 6200
    Affected: FastConnect 6700
    Affected: FastConnect 6800
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: FWA Gen 3 Ultra Platform
    Affected: G1 Gen 1
    Affected: G2 Gen 1
    Affected: IQ6 Series Platform
    Affected: IQ8 Series Platform
    Affected: IQ9 Series Platform
    Affected: LeMans_AU_LGIT
    Affected: LeMansAU
    Affected: Milos
    Affected: Monaco_IOT
    Affected: Netrani
    Affected: Orne
    Affected: Palawan25
    Affected: Pandeiro
    Affected: QAM8255P
    Affected: QAM8295P
    Affected: QAM8620P
    Affected: QAMSRV1H
    Affected: QAMSRV1M
    Affected: QCA0000
    Affected: QCA6174A
    Affected: QCA6391
    Affected: QCA6574
    Affected: QCA6574A
    Affected: QCA6574AU
    Affected: QCA6584AU
    Affected: QCA6595
    Affected: QCA6595AU
    Affected: QCA6678AQ
    Affected: QCA6688AQ
    Affected: QCA6696
    Affected: QCA6698AQ
    Affected: QCA6698AU
    Affected: QCA6797AQ
    Affected: QCA8081
    Affected: QCA8337
    Affected: QCA8695AU
    Affected: QCC710
    Affected: QCM2290
    Affected: QCM4325
    Affected: QCM4490
    Affected: QCM5430
    Affected: QCM6125
    Affected: QCM6490
    Affected: QCN6024
    Affected: QCN6224
    Affected: QCN6274
    Affected: QCN9011
    Affected: QCN9012
    Affected: QCN9024
    Affected: QCS2290
    Affected: QCS4290
    Affected: QCS4490
    Affected: QCS8550
    Affected: QDX1010
    Affected: QDX1011
    Affected: QEP8111
    Affected: QFW7114
    Affected: QFW7124
    Affected: QLN1083BD
    Affected: QLN1086BD
    Affected: QMP1000
    Affected: QPA1083BD
    Affected: QPA1086BD
    Affected: QRU1032
    Affected: Qualcomm Dragonwing QRU100 Platform
    Affected: Qualcomm Dragonwing X100 Accelerator Card
    Affected: Qualcomm Video Collaboration VC1 Platform
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: QXM1093
    Affected: QXM1094
    Affected: QXM1095
    Affected: QXM1096
    Affected: Robotics RB2 Platform
    Affected: SA4150P
    Affected: SA4155P
    Affected: SA6145P
    Affected: SA6150P
    Affected: SA6155P
    Affected: SA7255P
    Affected: SA7775P
    Affected: SA8145P
    Affected: SA8150P
    Affected: SA8155P
    Affected: SA8195P
    Affected: SA8255P
    Affected: SA8295P
    Affected: SA8540P
    Affected: SA8620P
    Affected: SA8770P
    Affected: SA9000P
    Affected: SAR1250P
    Affected: SAR2130P
    Affected: SAR2230P
    Affected: SC8380XP
    Affected: SD 8 Gen1 5G
    Affected: SD662
    Affected: SD865 5G
    Affected: SDX61
    Affected: SM6225P
    Affected: SM6650P
    Affected: SM7250P
    Affected: SM7325P
    Affected: SM7435
    Affected: SM7550
    Affected: SM7550P
    Affected: SM7635P
    Affected: SM7675
    Affected: SM7675P
    Affected: SM8475P
    Affected: SM8550P
    Affected: SM8635
    Affected: SM8635P
    Affected: SM8650Q
    Affected: SM8750P
    Affected: Snapdragon 4 Gen 1 Mobile Platform
    Affected: Snapdragon 4 Gen 2 Mobile Platform
    Affected: Snapdragon 460 Mobile Platform
    Affected: Snapdragon 480 5G Mobile Platform
    Affected: Snapdragon 480+ 5G Mobile Platform
    Affected: Snapdragon 6 Gen 1 Mobile Platform
    Affected: Snapdragon 6 Gen 3 Mobile Platform
    Affected: Snapdragon 6 Gen 4 Mobile Platform
    Affected: Snapdragon 662 Mobile Platform
    Affected: Snapdragon 680 4G Mobile Platform
    Affected: Snapdragon 685 4G Mobile Platform
    Affected: Snapdragon 690 5G Mobile Platform
    Affected: Snapdragon 695 5G Mobile Platform
    Affected: Snapdragon 7 Gen 1 Mobile Platform
    Affected: Snapdragon 7+ Gen 2 Mobile Platform
    Affected: Snapdragon 720G Mobile Platform
    Affected: Snapdragon 765 5G Mobile Platform
    Affected: Snapdragon 765G 5G Mobile Platform
    Affected: Snapdragon 768G 5G Mobile Platform
    Affected: Snapdragon 778G 5G Mobile Platform
    Affected: Snapdragon 778G+ 5G Mobile Platform
    Affected: Snapdragon 782G Mobile Platform
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 7s Gen 3 Mobile Platform
    Affected: Snapdragon 8 Elite
    Affected: Snapdragon 8 Gen 1 Mobile Platform
    Affected: Snapdragon 8 Gen 2 Mobile Platform
    Affected: Snapdragon 8 Gen 3 Mobile Platform
    Affected: Snapdragon 8+ Gen 1 Mobile Platform
    Affected: Snapdragon 8+ Gen 2 Mobile Platform
    Affected: Snapdragon 865 5G Mobile Platform
    Affected: Snapdragon 865+ 5G Mobile Platform
    Affected: Snapdragon 870 5G Mobile Platform
    Affected: Snapdragon 888 5G Mobile Platform
    Affected: Snapdragon 888+ 5G Mobile Platform
    Affected: Snapdragon 8cx Gen 3 Compute Platform
    Affected: Snapdragon AR1 Gen 1 Platform
    Affected: Snapdragon Auto 5G Modem-RF Gen 2
    Affected: Snapdragon W5+ Gen 1 Wearable Platform
    Affected: Snapdragon X32 5G Modem-RF System
    Affected: Snapdragon X35 5G Modem-RF System
    Affected: Snapdragon X53 5G Modem-RF System
    Affected: Snapdragon X55 5G Modem-RF System
    Affected: Snapdragon X65 5G Modem-RF System
    Affected: Snapdragon X72 5G Modem-RF System
    Affected: Snapdragon X75 5G Modem-RF System
    Affected: Snapdragon XR2 5G Platform
    Affected: Snapdragon XR2+ Gen 1 Platform
    Affected: SRV1H
    Affected: SRV1L
    Affected: SRV1M
    Affected: SW5100
    Affected: SW5100P
    Affected: SXR2230P
    Affected: SXR2250P
    Affected: SXR2330P
    Affected: SXR2350P
    Affected: WCD9335
    Affected: WCD9340
    Affected: WCD9370
    Affected: WCD9371
    Affected: WCD9375
    Affected: WCD9378
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WCD9390
    Affected: WCD9395
    Affected: WCN3910
    Affected: WCN3950
    Affected: WCN3980
    Affected: WCN3988
    Affected: WCN6650
    Affected: WCN6755
    Affected: WCN7860
    Affected: WCN7861
    Affected: WCN7880
    Affected: WCN7881
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8832
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59604",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:56:00.464Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Auto",
                "Snapdragon CCW",
                "Snapdragon Compute",
                "Snapdragon Consumer IOT",
                "Snapdragon Industrial IOT",
                "Snapdragon Mobile",
                "Snapdragon WBC",
                "Snapdragon Wearables"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AR8035"
                },
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "CSRA6620"
                },
                {
                  "status": "affected",
                  "version": "CSRA6640"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6200"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6800"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "FWA Gen 3 Ultra Platform"
                },
                {
                  "status": "affected",
                  "version": "G1 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "G2 Gen 1"
                },
                {
                  "status": "affected",
                  "version": "IQ6 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "IQ8 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "IQ9 Series Platform"
                },
                {
                  "status": "affected",
                  "version": "LeMans_AU_LGIT"
                },
                {
                  "status": "affected",
                  "version": "LeMansAU"
                },
                {
                  "status": "affected",
                  "version": "Milos"
                },
                {
                  "status": "affected",
                  "version": "Monaco_IOT"
                },
                {
                  "status": "affected",
                  "version": "Netrani"
                },
                {
                  "status": "affected",
                  "version": "Orne"
                },
                {
                  "status": "affected",
                  "version": "Palawan25"
                },
                {
                  "status": "affected",
                  "version": "Pandeiro"
                },
                {
                  "status": "affected",
                  "version": "QAM8255P"
                },
                {
                  "status": "affected",
                  "version": "QAM8295P"
                },
                {
                  "status": "affected",
                  "version": "QAM8620P"
                },
                {
                  "status": "affected",
                  "version": "QAMSRV1H"
                },
                {
                  "status": "affected",
                  "version": "QAMSRV1M"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "QCA6174A"
                },
                {
                  "status": "affected",
                  "version": "QCA6391"
                },
                {
                  "status": "affected",
                  "version": "QCA6574"
                },
                {
                  "status": "affected",
                  "version": "QCA6574A"
                },
                {
                  "status": "affected",
                  "version": "QCA6574AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6584AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6595"
                },
                {
                  "status": "affected",
                  "version": "QCA6595AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6678AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6688AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6696"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA6698AU"
                },
                {
                  "status": "affected",
                  "version": "QCA6797AQ"
                },
                {
                  "status": "affected",
                  "version": "QCA8081"
                },
                {
                  "status": "affected",
                  "version": "QCA8337"
                },
                {
                  "status": "affected",
                  "version": "QCA8695AU"
                },
                {
                  "status": "affected",
                  "version": "QCC710"
                },
                {
                  "status": "affected",
                  "version": "QCM2290"
                },
                {
                  "status": "affected",
                  "version": "QCM4325"
                },
                {
                  "status": "affected",
                  "version": "QCM4490"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6125"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "QCN6024"
                },
                {
                  "status": "affected",
                  "version": "QCN6224"
                },
                {
                  "status": "affected",
                  "version": "QCN6274"
                },
                {
                  "status": "affected",
                  "version": "QCN9011"
                },
                {
                  "status": "affected",
                  "version": "QCN9012"
                },
                {
                  "status": "affected",
                  "version": "QCN9024"
                },
                {
                  "status": "affected",
                  "version": "QCS2290"
                },
                {
                  "status": "affected",
                  "version": "QCS4290"
                },
                {
                  "status": "affected",
                  "version": "QCS4490"
                },
                {
                  "status": "affected",
                  "version": "QCS8550"
                },
                {
                  "status": "affected",
                  "version": "QDX1010"
                },
                {
                  "status": "affected",
                  "version": "QDX1011"
                },
                {
                  "status": "affected",
                  "version": "QEP8111"
                },
                {
                  "status": "affected",
                  "version": "QFW7114"
                },
                {
                  "status": "affected",
                  "version": "QFW7124"
                },
                {
                  "status": "affected",
                  "version": "QLN1083BD"
                },
                {
                  "status": "affected",
                  "version": "QLN1086BD"
                },
                {
                  "status": "affected",
                  "version": "QMP1000"
                },
                {
                  "status": "affected",
                  "version": "QPA1083BD"
                },
                {
                  "status": "affected",
                  "version": "QPA1086BD"
                },
                {
                  "status": "affected",
                  "version": "QRU1032"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Dragonwing QRU100 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Dragonwing X100 Accelerator Card"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "QXM1093"
                },
                {
                  "status": "affected",
                  "version": "QXM1094"
                },
                {
                  "status": "affected",
                  "version": "QXM1095"
                },
                {
                  "status": "affected",
                  "version": "QXM1096"
                },
                {
                  "status": "affected",
                  "version": "Robotics RB2 Platform"
                },
                {
                  "status": "affected",
                  "version": "SA4150P"
                },
                {
                  "status": "affected",
                  "version": "SA4155P"
                },
                {
                  "status": "affected",
                  "version": "SA6145P"
                },
                {
                  "status": "affected",
                  "version": "SA6150P"
                },
                {
                  "status": "affected",
                  "version": "SA6155P"
                },
                {
                  "status": "affected",
                  "version": "SA7255P"
                },
                {
                  "status": "affected",
                  "version": "SA7775P"
                },
                {
                  "status": "affected",
                  "version": "SA8145P"
                },
                {
                  "status": "affected",
                  "version": "SA8150P"
                },
                {
                  "status": "affected",
                  "version": "SA8155P"
                },
                {
                  "status": "affected",
                  "version": "SA8195P"
                },
                {
                  "status": "affected",
                  "version": "SA8255P"
                },
                {
                  "status": "affected",
                  "version": "SA8295P"
                },
                {
                  "status": "affected",
                  "version": "SA8540P"
                },
                {
                  "status": "affected",
                  "version": "SA8620P"
                },
                {
                  "status": "affected",
                  "version": "SA8770P"
                },
                {
                  "status": "affected",
                  "version": "SA9000P"
                },
                {
                  "status": "affected",
                  "version": "SAR1250P"
                },
                {
                  "status": "affected",
                  "version": "SAR2130P"
                },
                {
                  "status": "affected",
                  "version": "SAR2230P"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "SD 8 Gen1 5G"
                },
                {
                  "status": "affected",
                  "version": "SD662"
                },
                {
                  "status": "affected",
                  "version": "SD865 5G"
                },
                {
                  "status": "affected",
                  "version": "SDX61"
                },
                {
                  "status": "affected",
                  "version": "SM6225P"
                },
                {
                  "status": "affected",
                  "version": "SM6650P"
                },
                {
                  "status": "affected",
                  "version": "SM7250P"
                },
                {
                  "status": "affected",
                  "version": "SM7325P"
                },
                {
                  "status": "affected",
                  "version": "SM7435"
                },
                {
                  "status": "affected",
                  "version": "SM7550"
                },
                {
                  "status": "affected",
                  "version": "SM7550P"
                },
                {
                  "status": "affected",
                  "version": "SM7635P"
                },
                {
                  "status": "affected",
                  "version": "SM7675"
                },
                {
                  "status": "affected",
                  "version": "SM7675P"
                },
                {
                  "status": "affected",
                  "version": "SM8475P"
                },
                {
                  "status": "affected",
                  "version": "SM8550P"
                },
                {
                  "status": "affected",
                  "version": "SM8635"
                },
                {
                  "status": "affected",
                  "version": "SM8635P"
                },
                {
                  "status": "affected",
                  "version": "SM8650Q"
                },
                {
                  "status": "affected",
                  "version": "SM8750P"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 4 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 460 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 480+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 6 Gen 4 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 662 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 680 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 685 4G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 690 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 695 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 720G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 765 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 765G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 768G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 778G+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 782G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7s Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Elite"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8 Gen 3 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 1 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8+ Gen 2 Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 865+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 870 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 888+ 5G Mobile Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 3 Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon AR1 Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon Auto 5G Modem-RF Gen 2"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon W5+ Gen 1 Wearable Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X32 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X35 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X53 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X55 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X65 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X72 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon X75 5G Modem-RF System"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon XR2 5G Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon XR2+ Gen 1 Platform"
                },
                {
                  "status": "affected",
                  "version": "SRV1H"
                },
                {
                  "status": "affected",
                  "version": "SRV1L"
                },
                {
                  "status": "affected",
                  "version": "SRV1M"
                },
                {
                  "status": "affected",
                  "version": "SW5100"
                },
                {
                  "status": "affected",
                  "version": "SW5100P"
                },
                {
                  "status": "affected",
                  "version": "SXR2230P"
                },
                {
                  "status": "affected",
                  "version": "SXR2250P"
                },
                {
                  "status": "affected",
                  "version": "SXR2330P"
                },
                {
                  "status": "affected",
                  "version": "SXR2350P"
                },
                {
                  "status": "affected",
                  "version": "WCD9335"
                },
                {
                  "status": "affected",
                  "version": "WCD9340"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9371"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WCD9390"
                },
                {
                  "status": "affected",
                  "version": "WCD9395"
                },
                {
                  "status": "affected",
                  "version": "WCN3910"
                },
                {
                  "status": "affected",
                  "version": "WCN3950"
                },
                {
                  "status": "affected",
                  "version": "WCN3980"
                },
                {
                  "status": "affected",
                  "version": "WCN3988"
                },
                {
                  "status": "affected",
                  "version": "WCN6650"
                },
                {
                  "status": "affected",
                  "version": "WCN6755"
                },
                {
                  "status": "affected",
                  "version": "WCN7860"
                },
                {
                  "status": "affected",
                  "version": "WCN7861"
                },
                {
                  "status": "affected",
                  "version": "WCN7880"
                },
                {
                  "status": "affected",
                  "version": "WCN7881"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8832"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476 NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:24.558Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "NULL Pointer Dereference in SPS Applications"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59604",
        "datePublished": "2026-06-01T22:05:24.558Z",
        "dateReserved": "2025-09-18T03:19:23.201Z",
        "dateUpdated": "2026-06-03T03:56:00.464Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25260 (GCVE-0-2026-25260)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service
    Summary
    Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: SC8380XP
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25260",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:51.034Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-367",
                  "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:45.336Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Time-of-check Time-of-use (TOCTOU) Race Condition in DSP Service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-25260",
        "datePublished": "2026-06-01T22:05:45.336Z",
        "dateReserved": "2026-02-02T04:19:00.939Z",
        "dateUpdated": "2026-06-03T03:55:51.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25259 (GCVE-0-2026-25259)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Out-of-bounds Write in DSP Service
    Summary
    Memory corruption while processing multiple IOCTL command for escape operations.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: SC8380XP
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25259",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:52.198Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing multiple IOCTL command for escape operations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:43.934Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Out-of-bounds Write in DSP Service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-25259",
        "datePublished": "2026-06-01T22:05:43.934Z",
        "dateReserved": "2026-02-02T04:19:00.939Z",
        "dateUpdated": "2026-06-03T03:55:52.198Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-25258 (GCVE-0-2026-25258)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Out-of-bounds Read in DSP Service
    Summary
    Memory corruption while processing IOCTL calls for escape operations.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: SC8380XP
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-25258",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:53.350Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing IOCTL calls for escape operations."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-125",
                  "description": "CWE-125: Out-of-bounds Read",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:42.726Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Out-of-bounds Read in DSP Service"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-25258",
        "datePublished": "2026-06-01T22:05:42.726Z",
        "dateReserved": "2026-02-02T04:19:00.939Z",
        "dateUpdated": "2026-06-03T03:55:53.350Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24092 (GCVE-0-2026-24092)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:12
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Display
    Summary
    Memory Corruption when processing fastboot commands to set display mode.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24092",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:06:56.042807Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:12:26.514Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when processing fastboot commands to set display mode."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:41.591Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24092",
        "datePublished": "2026-06-01T22:05:41.591Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:12:26.514Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24091 (GCVE-0-2026-24091)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:12
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Display
    Summary
    Memory corruption while processing fastboot commands with improperly formatted input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24091",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:07:12.515624Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:12:40.634Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing fastboot commands with improperly formatted input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:40.458Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24091",
        "datePublished": "2026-06-01T22:05:40.458Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:12:40.634Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24090 (GCVE-0-2026-24090)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Missing Authentication for Critical Function in HLOS
    Summary
    Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24090",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:54.473Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306: Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:39.371Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Missing Authentication for Critical Function in HLOS"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24090",
        "datePublished": "2026-06-01T22:05:39.371Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-03T03:55:54.473Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24089 (GCVE-0-2026-24089)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:12
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Kernel
    Summary
    Memory corruption while processing fastboot commands with invalid input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24089",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:08:23.019160Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:12:55.857Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing fastboot commands with invalid input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:38.322Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Kernel"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24089",
        "datePublished": "2026-06-01T22:05:38.322Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:12:55.857Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24088 (GCVE-0-2026-24088)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Missing Authentication for Critical Function in Boot
    Summary
    Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-306 - Missing Authentication for Critical Function
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24088",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:55.678Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "CWE-306: Missing Authentication for Critical Function",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:37.195Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Missing Authentication for Critical Function in Boot"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24088",
        "datePublished": "2026-06-01T22:05:37.195Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-03T03:55:55.678Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24087 (GCVE-0-2026-24087)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:13
    VLAI
    Title
    Improper Validation of Syntactic Correctness of Input in Kernel
    Summary
    Memory corruption while processing fastboot OEM commands.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24087",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:08:06.530295Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:13:24.460Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption while processing fastboot OEM commands."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:36.129Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Improper Validation of Syntactic Correctness of Input in Kernel"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24087",
        "datePublished": "2026-06-01T22:05:36.129Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:13:24.460Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-24085 (GCVE-0-2026-24085)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 12:13
    VLAI
    Title
    Stack-based Buffer Overflow in Display
    Summary
    Memory Corruption when processing display command line information due to improper initialization of a variable.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-24085",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T12:07:57.342651Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T12:13:40.742Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when processing display command line information due to improper initialization of a variable."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "PHYSICAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:34.944Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Stack-based Buffer Overflow in Display"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2026-24085",
        "datePublished": "2026-06-01T22:05:34.944Z",
        "dateReserved": "2026-01-21T12:51:13.996Z",
        "dateUpdated": "2026-06-02T12:13:40.742Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59614 (GCVE-0-2025-59614)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 13:04
    VLAI
    Title
    Out-of-bounds Write in Windows Compute
    Summary
    Memory Corruption when sending random number generator command with insufficient output buffer size.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: SC8380XP
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59614",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T03:55:57.843395Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T13:04:38.484Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when sending random number generator command with insufficient output buffer size."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:33.823Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Out-of-bounds Write in Windows Compute"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59614",
        "datePublished": "2026-06-01T22:05:33.823Z",
        "dateReserved": "2025-09-18T03:19:23.202Z",
        "dateUpdated": "2026-06-02T13:04:38.484Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59613 (GCVE-0-2025-59613)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 13:04
    VLAI
    Title
    Stack-based Buffer Overflow in Windows Compute
    Summary
    Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6700
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: QCM5430
    Affected: QCM6490
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: SC8380XP
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 8cx Gen 3 Compute Platform
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8830
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59613",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T03:55:58.966932Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T13:04:50.787Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 3 Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory Corruption when output buffer size is smaller than input buffer size during data copying operation."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:32.679Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Stack-based Buffer Overflow in Windows Compute"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59613",
        "datePublished": "2026-06-01T22:05:32.679Z",
        "dateReserved": "2025-09-18T03:19:23.202Z",
        "dateUpdated": "2026-06-02T13:04:50.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59612 (GCVE-0-2025-59612)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-02 13:05
    VLAI
    Title
    Stack-based Buffer Overflow in Windows Compute
    Summary
    Memory corruption in windows drivers while sending incorrect trusted application request
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: Cologne
    Affected: FastConnect 6700
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: QCM5430
    Affected: QCM6490
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: SC8380XP
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 8cx Gen 3 Compute Platform
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8830
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59612",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T03:56:00.170135Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T13:05:03.408Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 3 Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in windows drivers while sending incorrect trusted application request"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-121",
                  "description": "CWE-121 Stack-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:31.596Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Stack-based Buffer Overflow in Windows Compute"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59612",
        "datePublished": "2026-06-01T22:05:31.596Z",
        "dateReserved": "2025-09-18T03:19:23.202Z",
        "dateUpdated": "2026-06-02T13:05:03.408Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-59611 (GCVE-0-2025-59611)

    Vulnerability from cvelistv5 – Published: 2026-06-01 22:05 – Updated: 2026-06-03 03:55
    VLAI
    Title
    Out-of-bounds Write in Core Services
    Summary
    Memory corruption in diagnostic services due to absence of input validation
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    Qualcomm, Inc. Snapdragon Affected: AQT1000
    Affected: Cologne
    Affected: FastConnect 6200
    Affected: FastConnect 6700
    Affected: FastConnect 6800
    Affected: FastConnect 6900
    Affected: FastConnect 7800
    Affected: QCA0000
    Affected: QCA6391
    Affected: QCA6420
    Affected: QCA6430
    Affected: QCM5430
    Affected: QCM6490
    Affected: Qualcomm Video Collaboration VC3 Platform
    Affected: SC8380XP
    Affected: SM6250
    Affected: Snapdragon 7c Compute Platform
    Affected: Snapdragon 7c Gen 2 Compute Platform "Rennell Pro"
    Affected: Snapdragon 7c+ Gen 3 Compute
    Affected: Snapdragon 8c Compute Platform "Poipu Lite"
    Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
    Affected: Snapdragon 8cx Compute Platform
    Affected: Snapdragon 8cx Compute Platform "Poipu Pro"
    Affected: Snapdragon 8cx Gen 2 5G Compute Platform
    Affected: Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro"
    Affected: Snapdragon 8cx Gen 3 Compute Platform
    Affected: WCD9340
    Affected: WCD9341
    Affected: WCD9370
    Affected: WCD9375
    Affected: WCD9378C
    Affected: WCD9380
    Affected: WCD9385
    Affected: WSA8810
    Affected: WSA8815
    Affected: WSA8830
    Affected: WSA8835
    Affected: WSA8840
    Affected: WSA8845
    Affected: WSA8845H
    Affected: X2000077
    Affected: X2000086
    Affected: X2000090
    Affected: X2000092
    Affected: X2000094
    Affected: XG101002
    Affected: XG101032
    Affected: XG101039
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-59611",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-03T03:55:56.800Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Snapdragon Compute",
                "Snapdragon Industrial IOT"
              ],
              "product": "Snapdragon",
              "vendor": "Qualcomm, Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "AQT1000"
                },
                {
                  "status": "affected",
                  "version": "Cologne"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6200"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6700"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6800"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 6900"
                },
                {
                  "status": "affected",
                  "version": "FastConnect 7800"
                },
                {
                  "status": "affected",
                  "version": "QCA0000"
                },
                {
                  "status": "affected",
                  "version": "QCA6391"
                },
                {
                  "status": "affected",
                  "version": "QCA6420"
                },
                {
                  "status": "affected",
                  "version": "QCA6430"
                },
                {
                  "status": "affected",
                  "version": "QCM5430"
                },
                {
                  "status": "affected",
                  "version": "QCM6490"
                },
                {
                  "status": "affected",
                  "version": "Qualcomm Video Collaboration VC3 Platform"
                },
                {
                  "status": "affected",
                  "version": "SC8380XP"
                },
                {
                  "status": "affected",
                  "version": "SM6250"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c Gen 2 Compute Platform \"Rennell Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 7c+ Gen 3 Compute"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8c Compute Platform \"Poipu Lite\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Compute Platform \"Poipu Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 2 5G Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 2 5G Compute Platform \"Poipu Pro\""
                },
                {
                  "status": "affected",
                  "version": "Snapdragon 8cx Gen 3 Compute Platform"
                },
                {
                  "status": "affected",
                  "version": "WCD9340"
                },
                {
                  "status": "affected",
                  "version": "WCD9341"
                },
                {
                  "status": "affected",
                  "version": "WCD9370"
                },
                {
                  "status": "affected",
                  "version": "WCD9375"
                },
                {
                  "status": "affected",
                  "version": "WCD9378C"
                },
                {
                  "status": "affected",
                  "version": "WCD9380"
                },
                {
                  "status": "affected",
                  "version": "WCD9385"
                },
                {
                  "status": "affected",
                  "version": "WSA8810"
                },
                {
                  "status": "affected",
                  "version": "WSA8815"
                },
                {
                  "status": "affected",
                  "version": "WSA8830"
                },
                {
                  "status": "affected",
                  "version": "WSA8835"
                },
                {
                  "status": "affected",
                  "version": "WSA8840"
                },
                {
                  "status": "affected",
                  "version": "WSA8845"
                },
                {
                  "status": "affected",
                  "version": "WSA8845H"
                },
                {
                  "status": "affected",
                  "version": "X2000077"
                },
                {
                  "status": "affected",
                  "version": "X2000086"
                },
                {
                  "status": "affected",
                  "version": "X2000090"
                },
                {
                  "status": "affected",
                  "version": "X2000092"
                },
                {
                  "status": "affected",
                  "version": "X2000094"
                },
                {
                  "status": "affected",
                  "version": "XG101002"
                },
                {
                  "status": "affected",
                  "version": "XG101032"
                },
                {
                  "status": "affected",
                  "version": "XG101039"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Memory corruption in diagnostic services due to absence of input validation"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787: Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-06-01T22:05:30.351Z",
            "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
            "shortName": "qualcomm"
          },
          "references": [
            {
              "url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html"
            }
          ],
          "title": "Out-of-bounds Write in Core Services"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
        "assignerShortName": "qualcomm",
        "cveId": "CVE-2025-59611",
        "datePublished": "2026-06-01T22:05:30.351Z",
        "dateReserved": "2025-09-18T03:19:23.202Z",
        "dateUpdated": "2026-06-03T03:55:56.800Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }