Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2026-AVI-0679
Vulnerability from certfr_avis - Published: 2026-06-02 - Updated: 2026-06-02
De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Google indique que la vulnérabilité CVE-2025-48595 est activement exploitée.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Android versions ant\u00e9rieures \u00e0 14, 15, 16, 16-qpr2 et Filet avant le correctif du 1er juin 2026",
"product": {
"name": "Android",
"vendor": {
"name": "Google",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-0075",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0075"
},
{
"name": "CVE-2025-47384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47384"
},
{
"name": "CVE-2026-0046",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0046"
},
{
"name": "CVE-2026-20449",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20449"
},
{
"name": "CVE-2026-22167",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22167"
},
{
"name": "CVE-2026-0100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0100"
},
{
"name": "CVE-2026-0042",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0042"
},
{
"name": "CVE-2026-21372",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21372"
},
{
"name": "CVE-2026-0087",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0087"
},
{
"name": "CVE-2026-21546",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21546"
},
{
"name": "CVE-2026-28574",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28574"
},
{
"name": "CVE-2026-0052",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0052"
},
{
"name": "CVE-2026-21378",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21378"
},
{
"name": "CVE-2025-71254",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71254"
},
{
"name": "CVE-2026-0091",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0091"
},
{
"name": "CVE-2025-48595",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48595"
},
{
"name": "CVE-2026-0088",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0088"
},
{
"name": "CVE-2026-21374",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21374"
},
{
"name": "CVE-2026-0016",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0016"
},
{
"name": "CVE-2026-0078",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0078"
},
{
"name": "CVE-2026-0048",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0048"
},
{
"name": "CVE-2025-59606",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59606"
},
{
"name": "CVE-2026-21736",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21736"
},
{
"name": "CVE-2026-28581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28581"
},
{
"name": "CVE-2026-0044",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0044"
},
{
"name": "CVE-2025-47401",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47401"
},
{
"name": "CVE-2026-0051",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0051"
},
{
"name": "CVE-2026-21547",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21547"
},
{
"name": "CVE-2025-26418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26418"
},
{
"name": "CVE-2026-21544",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21544"
},
{
"name": "CVE-2026-0050",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0050"
},
{
"name": "CVE-2026-0096",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0096"
},
{
"name": "CVE-2026-0055",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0055"
},
{
"name": "CVE-2026-0086",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0086"
},
{
"name": "CVE-2026-0061",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0061"
},
{
"name": "CVE-2026-0043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0043"
},
{
"name": "CVE-2026-20431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20431"
},
{
"name": "CVE-2026-21373",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21373"
},
{
"name": "CVE-2025-48570",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48570"
},
{
"name": "CVE-2026-20433",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20433"
},
{
"name": "CVE-2026-0056",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0056"
},
{
"name": "CVE-2026-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0095"
},
{
"name": "CVE-2026-21541",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21541"
},
{
"name": "CVE-2026-20432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20432"
},
{
"name": "CVE-2026-0076",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0076"
},
{
"name": "CVE-2025-47400",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47400"
},
{
"name": "CVE-2025-48600",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48600"
},
{
"name": "CVE-2026-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0009"
},
{
"name": "CVE-2026-0070",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0070"
},
{
"name": "CVE-2026-0039",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0039"
},
{
"name": "CVE-2026-21542",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21542"
},
{
"name": "CVE-2026-28586",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28586"
},
{
"name": "CVE-2026-21353",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21353"
},
{
"name": "CVE-2026-0036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0036"
},
{
"name": "CVE-2026-0069",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0069"
},
{
"name": "CVE-2025-48649",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48649"
},
{
"name": "CVE-2026-21545",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21545"
},
{
"name": "CVE-2026-0059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0059"
},
{
"name": "CVE-2025-71255",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71255"
},
{
"name": "CVE-2025-64505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64505"
},
{
"name": "CVE-2026-28577",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28577"
},
{
"name": "CVE-2025-48648",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48648"
},
{
"name": "CVE-2026-0077",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0077"
},
{
"name": "CVE-2025-48612",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48612"
},
{
"name": "CVE-2026-0060",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0060"
},
{
"name": "CVE-2025-71256",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71256"
},
{
"name": "CVE-2026-21367",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21367"
},
{
"name": "CVE-2025-71253",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71253"
},
{
"name": "CVE-2026-0079",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0079"
},
{
"name": "CVE-2026-0099",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0099"
},
{
"name": "CVE-2025-64720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
},
{
"name": "CVE-2026-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21538"
},
{
"name": "CVE-2026-28580",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28580"
},
{
"name": "CVE-2026-28578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-28578"
},
{
"name": "CVE-2025-48652",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48652"
},
{
"name": "CVE-2026-24089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24089"
},
{
"name": "CVE-2025-65018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
},
{
"name": "CVE-2026-21376",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21376"
},
{
"name": "CVE-2026-21540",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21540"
},
{
"name": "CVE-2026-20455",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20455"
},
{
"name": "CVE-2026-20448",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20448"
},
{
"name": "CVE-2026-0074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0074"
},
{
"name": "CVE-2025-48581",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48581"
},
{
"name": "CVE-2025-22426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22426"
},
{
"name": "CVE-2026-21375",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21375"
},
{
"name": "CVE-2025-40214",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40214"
},
{
"name": "CVE-2026-21352",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21352"
},
{
"name": "CVE-2026-21543",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21543"
},
{
"name": "CVE-2026-0093",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0093"
},
{
"name": "CVE-2026-21381",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21381"
},
{
"name": "CVE-2025-71252",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71252"
},
{
"name": "CVE-2026-20435",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20435"
},
{
"name": "CVE-2025-32348",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32348"
},
{
"name": "CVE-2025-48616",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48616"
},
{
"name": "CVE-2025-47392",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47392"
},
{
"name": "CVE-2026-20447",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20447"
},
{
"name": "CVE-2026-25277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25277"
},
{
"name": "CVE-2026-0094",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0094"
},
{
"name": "CVE-2026-22163",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22163"
},
{
"name": "CVE-2026-25276",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25276"
},
{
"name": "CVE-2026-0045",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0045"
},
{
"name": "CVE-2026-20454",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20454"
},
{
"name": "CVE-2026-0067",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0067"
},
{
"name": "CVE-2025-48615",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48615"
},
{
"name": "CVE-2026-21539",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21539"
},
{
"name": "CVE-2026-0085",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0085"
},
{
"name": "CVE-2026-0097",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0097"
},
{
"name": "CVE-2026-0089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0089"
},
{
"name": "CVE-2025-71251",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71251"
},
{
"name": "CVE-2025-59604",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59604"
},
{
"name": "CVE-2025-59605",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59605"
},
{
"name": "CVE-2026-0018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0018"
},
{
"name": "CVE-2025-47403",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47403"
},
{
"name": "CVE-2026-0098",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0098"
},
{
"name": "CVE-2026-21380",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21380"
},
{
"name": "CVE-2026-0080",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0080"
},
{
"name": "CVE-2026-20450",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20450"
},
{
"name": "CVE-2026-0041",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0041"
},
{
"name": "CVE-2026-0040",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0040"
},
{
"name": "CVE-2026-24085",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24085"
},
{
"name": "CVE-2026-20453",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-20453"
},
{
"name": "CVE-2025-22424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22424"
}
],
"initial_release_date": "2026-06-02T00:00:00",
"last_revision_date": "2026-06-02T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0679",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-06-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Android. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n\nGoogle indique que la vuln\u00e9rabilit\u00e9 CVE-2025-48595 est activement exploit\u00e9e.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android",
"vendor_advisories": [
{
"published_at": "2026-06-01",
"title": "Bulletin de s\u00e9curit\u00e9 Google Android",
"url": "https://source.android.com/docs/security/bulletin/2026/2026-06-01?hl=fr"
}
]
}
CVE-2026-21367 (GCVE-0-2026-21367)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-06 16:22
VLAI
EPSS
Title
Buffer Over-read in WLAN Firmware
Summary
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
Severity
7.6 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AR8035
Affected: Cologne Affected: CSR8811 Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: FWA Gen 3 Ultra Platform Affected: G2 Gen 1 Affected: Immersive Home 214 Platform Affected: Immersive Home 216 Platform Affected: Immersive Home 316 Platform Affected: Immersive Home 318 Platform Affected: IPQ5010 Affected: IPQ5028 Affected: IPQ6000 Affected: IPQ6010 Affected: IPQ6018 Affected: IPQ8076 Affected: IPQ8078 Affected: IPQ9574 Affected: Milos Affected: Netrani Affected: Networking Pro 1200 Platform Affected: Networking Pro 1210 Platform Affected: Networking Pro 1610 Platform Affected: Networking Pro 400 Platform Affected: Networking Pro 600 Platform Affected: Networking Pro 610 Platform Affected: Networking Pro 800 Platform Affected: Networking Pro 810 Platform Affected: Orne Affected: Palawan25 Affected: Pandeiro Affected: QCA4024 Affected: QCA6391 Affected: QCA6698AU Affected: QCA6777AQ Affected: QCA6787AQ Affected: QCA6797AQ Affected: QCA8075 Affected: QCA8081 Affected: QCA8082 Affected: QCA8084 Affected: QCA8085 Affected: QCA8337 Affected: QCA8386 Affected: QCA9888 Affected: QCA9889 Affected: QCC2073 Affected: QCC2076 Affected: QCC710 Affected: QCM4490 Affected: QCN5022 Affected: QCN5024 Affected: QCN5052 Affected: QCN5122 Affected: QCN5124 Affected: QCN5152 Affected: QCN5154 Affected: QCN5164 Affected: QCN6023 Affected: QCN6024 Affected: QCN6122 Affected: QCN6132 Affected: QCN6224 Affected: QCN6274 Affected: QCN9000 Affected: QCN9011 Affected: QCN9012 Affected: QCN9022 Affected: QCN9024 Affected: QCN9070 Affected: QCN9100 Affected: QCN9274 Affected: QCS4490 Affected: QCS8550 Affected: QFW7114 Affected: QFW7124 Affected: QLN1083BD Affected: QLN1086BD Affected: QMP1000 Affected: QPA1083BD Affected: QPA1086BD Affected: QXM1093 Affected: QXM1094 Affected: QXM1095 Affected: QXM1096 Affected: SAR2130P Affected: SC8380XP Affected: SD 8 Gen1 5G Affected: SM6650P Affected: SM7435 Affected: SM7635P Affected: SM7675 Affected: SM7675P Affected: SM8475P Affected: SM8635 Affected: SM8635P Affected: SM8650Q Affected: SM8750P Affected: Snapdragon 6 Gen 1 Mobile Platform Affected: Snapdragon 6 Gen 3 Mobile Platform Affected: Snapdragon 6 Gen 4 Mobile Platform Affected: Snapdragon 7 Gen 1 Mobile Platform Affected: Snapdragon 7+ Gen 2 Mobile Platform Affected: Snapdragon 7s Gen 3 Mobile Platform Affected: Snapdragon 8 Elite Affected: Snapdragon 8 Elite Gen 5 Affected: Snapdragon 8 Gen 1 Mobile Platform Affected: Snapdragon 8 Gen 3 Mobile Platform Affected: Snapdragon 8+ Gen 1 Mobile Platform Affected: Snapdragon X72 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: WCD9340 Affected: WCD9370 Affected: WCD9375 Affected: WCD9378 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCD9390 Affected: WCD9395 Affected: WCN3950 Affected: WCN3988 Affected: WCN6450 Affected: WCN6650 Affected: WCN6755 Affected: WCN7860 Affected: WCN7861 Affected: WCN7880 Affected: WCN7881 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 Affected: XRV7209 Affected: XRV9209 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21367",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T16:11:56.406673Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T16:22:15.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon CCW",
"Snapdragon Compute",
"Snapdragon Consumer Electronics Connectivity",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon MC",
"Snapdragon Mobile",
"Snapdragon WBC",
"Snapdragon Wired Infrastructure and Networking"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "CSR8811"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "FWA Gen 3 Ultra Platform"
},
{
"status": "affected",
"version": "G2 Gen 1"
},
{
"status": "affected",
"version": "Immersive Home 214 Platform"
},
{
"status": "affected",
"version": "Immersive Home 216 Platform"
},
{
"status": "affected",
"version": "Immersive Home 316 Platform"
},
{
"status": "affected",
"version": "Immersive Home 318 Platform"
},
{
"status": "affected",
"version": "IPQ5010"
},
{
"status": "affected",
"version": "IPQ5028"
},
{
"status": "affected",
"version": "IPQ6000"
},
{
"status": "affected",
"version": "IPQ6010"
},
{
"status": "affected",
"version": "IPQ6018"
},
{
"status": "affected",
"version": "IPQ8076"
},
{
"status": "affected",
"version": "IPQ8078"
},
{
"status": "affected",
"version": "IPQ9574"
},
{
"status": "affected",
"version": "Milos"
},
{
"status": "affected",
"version": "Netrani"
},
{
"status": "affected",
"version": "Networking Pro 1200 Platform"
},
{
"status": "affected",
"version": "Networking Pro 1210 Platform"
},
{
"status": "affected",
"version": "Networking Pro 1610 Platform"
},
{
"status": "affected",
"version": "Networking Pro 400 Platform"
},
{
"status": "affected",
"version": "Networking Pro 600 Platform"
},
{
"status": "affected",
"version": "Networking Pro 610 Platform"
},
{
"status": "affected",
"version": "Networking Pro 800 Platform"
},
{
"status": "affected",
"version": "Networking Pro 810 Platform"
},
{
"status": "affected",
"version": "Orne"
},
{
"status": "affected",
"version": "Palawan25"
},
{
"status": "affected",
"version": "Pandeiro"
},
{
"status": "affected",
"version": "QCA4024"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6698AU"
},
{
"status": "affected",
"version": "QCA6777AQ"
},
{
"status": "affected",
"version": "QCA6787AQ"
},
{
"status": "affected",
"version": "QCA6797AQ"
},
{
"status": "affected",
"version": "QCA8075"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8082"
},
{
"status": "affected",
"version": "QCA8084"
},
{
"status": "affected",
"version": "QCA8085"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCA8386"
},
{
"status": "affected",
"version": "QCA9888"
},
{
"status": "affected",
"version": "QCA9889"
},
{
"status": "affected",
"version": "QCC2073"
},
{
"status": "affected",
"version": "QCC2076"
},
{
"status": "affected",
"version": "QCC710"
},
{
"status": "affected",
"version": "QCM4490"
},
{
"status": "affected",
"version": "QCN5022"
},
{
"status": "affected",
"version": "QCN5024"
},
{
"status": "affected",
"version": "QCN5052"
},
{
"status": "affected",
"version": "QCN5122"
},
{
"status": "affected",
"version": "QCN5124"
},
{
"status": "affected",
"version": "QCN5152"
},
{
"status": "affected",
"version": "QCN5154"
},
{
"status": "affected",
"version": "QCN5164"
},
{
"status": "affected",
"version": "QCN6023"
},
{
"status": "affected",
"version": "QCN6024"
},
{
"status": "affected",
"version": "QCN6122"
},
{
"status": "affected",
"version": "QCN6132"
},
{
"status": "affected",
"version": "QCN6224"
},
{
"status": "affected",
"version": "QCN6274"
},
{
"status": "affected",
"version": "QCN9000"
},
{
"status": "affected",
"version": "QCN9011"
},
{
"status": "affected",
"version": "QCN9012"
},
{
"status": "affected",
"version": "QCN9022"
},
{
"status": "affected",
"version": "QCN9024"
},
{
"status": "affected",
"version": "QCN9070"
},
{
"status": "affected",
"version": "QCN9100"
},
{
"status": "affected",
"version": "QCN9274"
},
{
"status": "affected",
"version": "QCS4490"
},
{
"status": "affected",
"version": "QCS8550"
},
{
"status": "affected",
"version": "QFW7114"
},
{
"status": "affected",
"version": "QFW7124"
},
{
"status": "affected",
"version": "QLN1083BD"
},
{
"status": "affected",
"version": "QLN1086BD"
},
{
"status": "affected",
"version": "QMP1000"
},
{
"status": "affected",
"version": "QPA1083BD"
},
{
"status": "affected",
"version": "QPA1086BD"
},
{
"status": "affected",
"version": "QXM1093"
},
{
"status": "affected",
"version": "QXM1094"
},
{
"status": "affected",
"version": "QXM1095"
},
{
"status": "affected",
"version": "QXM1096"
},
{
"status": "affected",
"version": "SAR2130P"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "SD 8 Gen1 5G"
},
{
"status": "affected",
"version": "SM6650P"
},
{
"status": "affected",
"version": "SM7435"
},
{
"status": "affected",
"version": "SM7635P"
},
{
"status": "affected",
"version": "SM7675"
},
{
"status": "affected",
"version": "SM7675P"
},
{
"status": "affected",
"version": "SM8475P"
},
{
"status": "affected",
"version": "SM8635"
},
{
"status": "affected",
"version": "SM8635P"
},
{
"status": "affected",
"version": "SM8650Q"
},
{
"status": "affected",
"version": "SM8750P"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 4 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7+ Gen 2 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7s Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Elite"
},
{
"status": "affected",
"version": "Snapdragon 8 Elite Gen 5"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8+ Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon X72 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X75 5G Modem-RF System"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCD9390"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN6450"
},
{
"status": "affected",
"version": "WCN6650"
},
{
"status": "affected",
"version": "WCN6755"
},
{
"status": "affected",
"version": "WCN7860"
},
{
"status": "affected",
"version": "WCN7861"
},
{
"status": "affected",
"version": "WCN7880"
},
{
"status": "affected",
"version": "WCN7881"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
},
{
"status": "affected",
"version": "XRV7209"
},
{
"status": "affected",
"version": "XRV9209"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:46.114Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Buffer Over-read in WLAN Firmware"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2026-21367",
"datePublished": "2026-04-06T15:33:46.114Z",
"dateReserved": "2025-12-17T04:35:45.741Z",
"dateUpdated": "2026-04-06T16:22:15.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21372 (GCVE-0-2026-21372)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-07 03:55
VLAI
EPSS
Title
Heap-Based Buffer Overflow in Power Management IC
Summary
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-122 - Heap-Based Buffer Overflow
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
Cologne
Affected: FastConnect 6700 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QCM5430 Affected: QCM6490 Affected: Qualcomm Video Collaboration VC3 Platform Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 7c+ Gen 3 Compute Affected: WCD9370 Affected: WCD9375 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCN3950 Affected: WCN3988 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21372",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T03:55:49.327Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Industrial IOT",
"Snapdragon Mobile"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-Based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:48.447Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Heap-Based Buffer Overflow in Power Management IC"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2026-21372",
"datePublished": "2026-04-06T15:33:48.447Z",
"dateReserved": "2025-12-17T04:35:45.742Z",
"dateUpdated": "2026-04-07T03:55:49.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21373 (GCVE-0-2026-21373)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-07 03:55
VLAI
EPSS
Title
Buffer Over-read in Camera
Summary
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AQT1000
Affected: Cologne Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QCA0000 Affected: QCA6391 Affected: QCA6420 Affected: QCA6430 Affected: QCM5430 Affected: QCM6490 Affected: Qualcomm Video Collaboration VC3 Platform Affected: SC8380XP Affected: SM6250 Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 7c Compute Platform Affected: Snapdragon 7c Gen 2 Compute Platform "Rennell Pro" Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 8c Compute Platform "Poipu Lite" Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Affected: Snapdragon 8cx Compute Platform Affected: Snapdragon 8cx Compute Platform "Poipu Pro" Affected: Snapdragon 8cx Gen 2 5G Compute Platform Affected: Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro" Affected: Snapdragon 8cx Gen 3 Compute Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: WCD9340 Affected: WCD9341 Affected: WCD9370 Affected: WCD9375 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCN3950 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21373",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T03:55:50.599Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Industrial IOT",
"Snapdragon Mobile"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6800"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c Gen 2 Compute Platform \"Rennell Pro\""
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "Snapdragon 8c Compute Platform \"Poipu Lite\""
},
{
"status": "affected",
"version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 8cx Compute Platform \"Poipu Pro\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 2 5G Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 2 5G Compute Platform \"Poipu Pro\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 3 Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption when accessing an output buffer without validating its size during IOCTL processing."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:49.475Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Buffer Over-read in Camera"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2026-21373",
"datePublished": "2026-04-06T15:33:49.475Z",
"dateReserved": "2025-12-17T04:35:45.742Z",
"dateUpdated": "2026-04-07T03:55:50.599Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21374 (GCVE-0-2026-21374)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-07 03:55
VLAI
EPSS
Title
Buffer Over-read in Camera
Summary
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AQT1000
Affected: Cologne Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QCA0000 Affected: QCA6391 Affected: QCA6420 Affected: QCA6430 Affected: QCM5430 Affected: QCM6490 Affected: Qualcomm Video Collaboration VC3 Platform Affected: SC8380XP Affected: SM6250 Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 7c Compute Platform Affected: Snapdragon 7c Gen 2 Compute Platform "Rennell Pro" Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 8c Compute Platform "Poipu Lite" Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Affected: Snapdragon 8cx Compute Platform Affected: Snapdragon 8cx Compute Platform "Poipu Pro" Affected: Snapdragon 8cx Gen 2 5G Compute Platform Affected: Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro" Affected: Snapdragon 8cx Gen 3 Compute Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: WCD9340 Affected: WCD9341 Affected: WCD9370 Affected: WCD9375 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCN3950 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21374",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T03:55:51.831Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Industrial IOT",
"Snapdragon Mobile"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6800"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c Gen 2 Compute Platform \"Rennell Pro\""
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "Snapdragon 8c Compute Platform \"Poipu Lite\""
},
{
"status": "affected",
"version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 8cx Compute Platform \"Poipu Pro\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 2 5G Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 2 5G Compute Platform \"Poipu Pro\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 3 Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:50.515Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Buffer Over-read in Camera"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2026-21374",
"datePublished": "2026-04-06T15:33:50.515Z",
"dateReserved": "2025-12-17T04:35:45.742Z",
"dateUpdated": "2026-04-07T03:55:51.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21375 (GCVE-0-2026-21375)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-07 03:55
VLAI
EPSS
Title
Buffer Over-read in Camera
Summary
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
Cologne
Affected: FastConnect 6700 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QCA0000 Affected: QCM5430 Affected: QCM6490 Affected: Qualcomm Video Collaboration VC3 Platform Affected: SC8380XP Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 8cx Gen 3 Compute Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: WCD9370 Affected: WCD9375 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCN3950 Affected: WCN3988 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T03:55:52.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Industrial IOT",
"Snapdragon Mobile"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 3 Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption when accessing an output buffer without validating its size during IOCTL processing."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:51.531Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Buffer Over-read in Camera"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2026-21375",
"datePublished": "2026-04-06T15:33:51.531Z",
"dateReserved": "2025-12-17T04:35:45.742Z",
"dateUpdated": "2026-04-07T03:55:52.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21376 (GCVE-0-2026-21376)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-07 03:55
VLAI
EPSS
Title
Buffer Over-read in Camera
Summary
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AQT1000
Affected: Cologne Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QCA0000 Affected: QCA6391 Affected: QCA6420 Affected: QCA6430 Affected: QCM5430 Affected: QCM6490 Affected: Qualcomm Video Collaboration VC3 Platform Affected: SC8380XP Affected: SM6250 Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 7c Compute Platform Affected: Snapdragon 7c Gen 2 Compute Platform "Rennell Pro" Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 8c Compute Platform "Poipu Lite" Affected: Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite" Affected: Snapdragon 8cx Compute Platform Affected: Snapdragon 8cx Compute Platform "Poipu Pro" Affected: Snapdragon 8cx Gen 2 5G Compute Platform Affected: Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro" Affected: Snapdragon 8cx Gen 3 Compute Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: WCD9340 Affected: WCD9341 Affected: WCD9370 Affected: WCD9375 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCN3950 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T03:55:54.062Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Industrial IOT",
"Snapdragon Mobile"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6800"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c Gen 2 Compute Platform \"Rennell Pro\""
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "Snapdragon 8c Compute Platform \"Poipu Lite\""
},
{
"status": "affected",
"version": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 8cx Compute Platform \"Poipu Pro\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 2 5G Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 2 5G Compute Platform \"Poipu Pro\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 3 Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:52.662Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Buffer Over-read in Camera"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2026-21376",
"datePublished": "2026-04-06T15:33:52.662Z",
"dateReserved": "2025-12-17T04:35:45.742Z",
"dateUpdated": "2026-04-07T03:55:54.062Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21378 (GCVE-0-2026-21378)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-07 03:55
VLAI
EPSS
Title
Buffer Over-read in Camera
Summary
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AQT1000
Affected: Cologne Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6800 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QCA0000 Affected: QCA6391 Affected: QCA6420 Affected: QCA6430 Affected: QCM5430 Affected: QCM6490 Affected: Qualcomm Video Collaboration VC3 Platform Affected: SC8380XP Affected: SM6250 Affected: Snapdragon 460 Mobile Platform Affected: Snapdragon 662 Mobile Platform Affected: Snapdragon 7c Compute Platform Affected: Snapdragon 7c Gen 2 Compute Platform "Rennell Pro" Affected: Snapdragon 7c+ Gen 3 Compute Affected: Snapdragon 8c Compute Platform "Poipu Lite" Affected: Snapdragon 8cx Compute Platform Affected: Snapdragon 8cx Gen 2 5G Compute Platform "Poipu Pro" Affected: Snapdragon 8cx Gen 3 Compute Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: WCD9340 Affected: WCD9341 Affected: WCD9370 Affected: WCD9375 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCN3950 Affected: WCN3988 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21378",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T03:55:55.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Industrial IOT",
"Snapdragon Mobile"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AQT1000"
},
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6800"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6420"
},
{
"status": "affected",
"version": "QCA6430"
},
{
"status": "affected",
"version": "QCM5430"
},
{
"status": "affected",
"version": "QCM6490"
},
{
"status": "affected",
"version": "Qualcomm Video Collaboration VC3 Platform"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "SM6250"
},
{
"status": "affected",
"version": "Snapdragon 460 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 662 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 7c Gen 2 Compute Platform \"Rennell Pro\""
},
{
"status": "affected",
"version": "Snapdragon 7c+ Gen 3 Compute"
},
{
"status": "affected",
"version": "Snapdragon 8c Compute Platform \"Poipu Lite\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 2 5G Compute Platform \"Poipu Pro\""
},
{
"status": "affected",
"version": "Snapdragon 8cx Gen 3 Compute Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9341"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCN3950"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:53.704Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Buffer Over-read in Camera"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2026-21378",
"datePublished": "2026-04-06T15:33:53.704Z",
"dateReserved": "2025-12-17T04:35:45.743Z",
"dateUpdated": "2026-04-07T03:55:55.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21380 (GCVE-0-2026-21380)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-07 03:55
VLAI
EPSS
Title
Use After Free in DSP Service
Summary
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
Cologne
Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: QCA0000 Affected: SC8380XP Affected: Snapdragon AR1 Gen 1 Platform Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21380",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-07T03:55:56.434Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Compute",
"Snapdragon Industrial IOT"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "QCA0000"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:54.786Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Use After Free in DSP Service"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2026-21380",
"datePublished": "2026-04-06T15:33:54.786Z",
"dateReserved": "2025-12-17T04:35:45.743Z",
"dateUpdated": "2026-04-07T03:55:56.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-21381 (GCVE-0-2026-21381)
Vulnerability from cvelistv5 – Published: 2026-04-06 15:33 – Updated: 2026-04-06 16:22
VLAI
EPSS
Title
Buffer Over-read in WLAN Firmware
Summary
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
Severity
7.6 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-126 - Buffer Over-read
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Qualcomm, Inc. | Snapdragon |
Affected:
AR8035
Affected: Cologne Affected: FastConnect 6200 Affected: FastConnect 6700 Affected: FastConnect 6900 Affected: FastConnect 7800 Affected: FWA Gen 3 Ultra Platform Affected: G2 Gen 1 Affected: Milos Affected: Netrani Affected: Orne Affected: Palawan25 Affected: Pandeiro Affected: QCA6391 Affected: QCA6698AU Affected: QCA6777AQ Affected: QCA6787AQ Affected: QCA6797AQ Affected: QCA8081 Affected: QCA8337 Affected: QCC2073 Affected: QCC2076 Affected: QCC710 Affected: QCN6224 Affected: QCN6274 Affected: QCN9011 Affected: QCN9012 Affected: QCS8550 Affected: QFW7114 Affected: QFW7124 Affected: QLN1083BD Affected: QLN1086BD Affected: QMP1000 Affected: QPA1083BD Affected: QPA1086BD Affected: QXM1083 Affected: QXM1086 Affected: QXM1093 Affected: QXM1094 Affected: QXM1095 Affected: QXM1096 Affected: SAR1165P Affected: SAR2130P Affected: SC8380XP Affected: SM6650P Affected: SM7435 Affected: SM7635P Affected: SM7675 Affected: SM7675P Affected: SM8635 Affected: SM8635P Affected: SM8650Q Affected: SM8750P Affected: Snapdragon 6 Gen 1 Mobile Platform Affected: Snapdragon 6 Gen 3 Mobile Platform Affected: Snapdragon 6 Gen 4 Mobile Platform Affected: Snapdragon 7s Gen 3 Mobile Platform Affected: Snapdragon 8 Elite Affected: Snapdragon 8 Elite Gen 5 Affected: Snapdragon 8 Gen 3 Mobile Platform Affected: Snapdragon AR1 Gen 1 Platform Affected: Snapdragon AR1+ Gen 1 Platform Affected: Snapdragon X72 5G Modem-RF System Affected: Snapdragon X75 5G Modem-RF System Affected: SXR2230P Affected: SXR2250P Affected: SXR2330P Affected: SXR2350P Affected: WCD9340 Affected: WCD9370 Affected: WCD9375 Affected: WCD9378 Affected: WCD9378C Affected: WCD9380 Affected: WCD9385 Affected: WCD9390 Affected: WCD9395 Affected: WCN3988 Affected: WCN6450 Affected: WCN6650 Affected: WCN6755 Affected: WCN7860 Affected: WCN7861 Affected: WCN7880 Affected: WCN7881 Affected: WSA8810 Affected: WSA8815 Affected: WSA8830 Affected: WSA8832 Affected: WSA8835 Affected: WSA8840 Affected: WSA8845 Affected: WSA8845H Affected: X2000077 Affected: X2000086 Affected: X2000090 Affected: X2000092 Affected: X2000094 Affected: XG101002 Affected: XG101032 Affected: XG101039 Affected: XRV7209 Affected: XRV9209 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-21381",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-06T16:12:39.661755Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T16:22:14.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Snapdragon Auto",
"Snapdragon CCW",
"Snapdragon Compute",
"Snapdragon Consumer Electronics Connectivity",
"Snapdragon Consumer IOT",
"Snapdragon Industrial IOT",
"Snapdragon MC",
"Snapdragon Mobile",
"Snapdragon WBC"
],
"product": "Snapdragon",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "AR8035"
},
{
"status": "affected",
"version": "Cologne"
},
{
"status": "affected",
"version": "FastConnect 6200"
},
{
"status": "affected",
"version": "FastConnect 6700"
},
{
"status": "affected",
"version": "FastConnect 6900"
},
{
"status": "affected",
"version": "FastConnect 7800"
},
{
"status": "affected",
"version": "FWA Gen 3 Ultra Platform"
},
{
"status": "affected",
"version": "G2 Gen 1"
},
{
"status": "affected",
"version": "Milos"
},
{
"status": "affected",
"version": "Netrani"
},
{
"status": "affected",
"version": "Orne"
},
{
"status": "affected",
"version": "Palawan25"
},
{
"status": "affected",
"version": "Pandeiro"
},
{
"status": "affected",
"version": "QCA6391"
},
{
"status": "affected",
"version": "QCA6698AU"
},
{
"status": "affected",
"version": "QCA6777AQ"
},
{
"status": "affected",
"version": "QCA6787AQ"
},
{
"status": "affected",
"version": "QCA6797AQ"
},
{
"status": "affected",
"version": "QCA8081"
},
{
"status": "affected",
"version": "QCA8337"
},
{
"status": "affected",
"version": "QCC2073"
},
{
"status": "affected",
"version": "QCC2076"
},
{
"status": "affected",
"version": "QCC710"
},
{
"status": "affected",
"version": "QCN6224"
},
{
"status": "affected",
"version": "QCN6274"
},
{
"status": "affected",
"version": "QCN9011"
},
{
"status": "affected",
"version": "QCN9012"
},
{
"status": "affected",
"version": "QCS8550"
},
{
"status": "affected",
"version": "QFW7114"
},
{
"status": "affected",
"version": "QFW7124"
},
{
"status": "affected",
"version": "QLN1083BD"
},
{
"status": "affected",
"version": "QLN1086BD"
},
{
"status": "affected",
"version": "QMP1000"
},
{
"status": "affected",
"version": "QPA1083BD"
},
{
"status": "affected",
"version": "QPA1086BD"
},
{
"status": "affected",
"version": "QXM1083"
},
{
"status": "affected",
"version": "QXM1086"
},
{
"status": "affected",
"version": "QXM1093"
},
{
"status": "affected",
"version": "QXM1094"
},
{
"status": "affected",
"version": "QXM1095"
},
{
"status": "affected",
"version": "QXM1096"
},
{
"status": "affected",
"version": "SAR1165P"
},
{
"status": "affected",
"version": "SAR2130P"
},
{
"status": "affected",
"version": "SC8380XP"
},
{
"status": "affected",
"version": "SM6650P"
},
{
"status": "affected",
"version": "SM7435"
},
{
"status": "affected",
"version": "SM7635P"
},
{
"status": "affected",
"version": "SM7675"
},
{
"status": "affected",
"version": "SM7675P"
},
{
"status": "affected",
"version": "SM8635"
},
{
"status": "affected",
"version": "SM8635P"
},
{
"status": "affected",
"version": "SM8650Q"
},
{
"status": "affected",
"version": "SM8750P"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 1 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 6 Gen 4 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 7s Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon 8 Elite"
},
{
"status": "affected",
"version": "Snapdragon 8 Elite Gen 5"
},
{
"status": "affected",
"version": "Snapdragon 8 Gen 3 Mobile Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1 Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon AR1+ Gen 1 Platform"
},
{
"status": "affected",
"version": "Snapdragon X72 5G Modem-RF System"
},
{
"status": "affected",
"version": "Snapdragon X75 5G Modem-RF System"
},
{
"status": "affected",
"version": "SXR2230P"
},
{
"status": "affected",
"version": "SXR2250P"
},
{
"status": "affected",
"version": "SXR2330P"
},
{
"status": "affected",
"version": "SXR2350P"
},
{
"status": "affected",
"version": "WCD9340"
},
{
"status": "affected",
"version": "WCD9370"
},
{
"status": "affected",
"version": "WCD9375"
},
{
"status": "affected",
"version": "WCD9378"
},
{
"status": "affected",
"version": "WCD9378C"
},
{
"status": "affected",
"version": "WCD9380"
},
{
"status": "affected",
"version": "WCD9385"
},
{
"status": "affected",
"version": "WCD9390"
},
{
"status": "affected",
"version": "WCD9395"
},
{
"status": "affected",
"version": "WCN3988"
},
{
"status": "affected",
"version": "WCN6450"
},
{
"status": "affected",
"version": "WCN6650"
},
{
"status": "affected",
"version": "WCN6755"
},
{
"status": "affected",
"version": "WCN7860"
},
{
"status": "affected",
"version": "WCN7861"
},
{
"status": "affected",
"version": "WCN7880"
},
{
"status": "affected",
"version": "WCN7881"
},
{
"status": "affected",
"version": "WSA8810"
},
{
"status": "affected",
"version": "WSA8815"
},
{
"status": "affected",
"version": "WSA8830"
},
{
"status": "affected",
"version": "WSA8832"
},
{
"status": "affected",
"version": "WSA8835"
},
{
"status": "affected",
"version": "WSA8840"
},
{
"status": "affected",
"version": "WSA8845"
},
{
"status": "affected",
"version": "WSA8845H"
},
{
"status": "affected",
"version": "X2000077"
},
{
"status": "affected",
"version": "X2000086"
},
{
"status": "affected",
"version": "X2000090"
},
{
"status": "affected",
"version": "X2000092"
},
{
"status": "affected",
"version": "X2000094"
},
{
"status": "affected",
"version": "XG101002"
},
{
"status": "affected",
"version": "XG101032"
},
{
"status": "affected",
"version": "XG101039"
},
{
"status": "affected",
"version": "XRV7209"
},
{
"status": "affected",
"version": "XRV9209"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "CWE-126 Buffer Over-read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-06T15:33:55.889Z",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"url": "https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"
}
],
"title": "Buffer Over-read in WLAN Firmware"
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2026-21381",
"datePublished": "2026-04-06T15:33:55.889Z",
"dateReserved": "2025-12-17T04:35:45.743Z",
"dateUpdated": "2026-04-06T16:22:14.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…