Qualcomm: community verdicts
12 notable / known-exploited Qualcomm CVEs the community has triaged.
- CVE-2026-24082HIGH 7.8Real · low riskEPSS 0%
Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
- CVE-2026-25268HIGH 8.8Real · low riskEPSS 0%
Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.
- CVE-2026-21379HIGH 7.8Real · low riskEPSS 0%
Memory Corruption when allocating memory with sizes that exceed the maximum allowed value.
- CVE-2026-21383HIGH 7.1Real · low riskEPSS 0%
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.
- CVE-2025-59617MED 6.6EPSS 0%
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input.
- CVE-2025-59616MED 6.6EPSS 0%
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory.
- CVE-2025-59615MED 6.6EPSS 0%
Memory Corruption when invoking device input/output control operations for mapping and unmapping persistent memory buffers due to improper synchronization.
- CVE-2026-21370MED 5.3EPSS 0%
Memory Corruption when validating input batch size and buffer plane count exceeds maximum allowed values.
- CVE-2026-21369MED 5.3EPSS 0%
Memory Corruption when handling flash commands due to outdated LED count values being used after userspace modification.
- CVE-2026-21368MED 5.3EPSS 0%
Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks.
- CVE-2026-21384MED 5.3EPSS 0%
Memory Corruption when updating prepared commands with invalid port indices based on user space input exceeds supported read client limits.
- CVE-2026-25271HIGH 7.8Real · low riskEPSS 0%
Memory Corruption when processing asynchronous input parameters due to improper handling of modified values between check and use.