Snapdragon
Monthly
Memory corruption in Qualcomm Snapdragon Strongbox component allows local low-privileged attackers to trigger a buffer overflow that crosses a security boundary (scope changed) and compromises confidentiality, integrity, and availability of the device. The flaw is reported directly by Qualcomm in the June 2026 security bulletin and carries a CVSS 3.1 base score of 8.8 with no public exploit identified at time of analysis. Strongbox is the hardware-backed keystore used to protect cryptographic material, so successful exploitation undermines a core trust component of Snapdragon-based mobile platforms.
Local privilege escalation in Qualcomm Snapdragon chipsets stems from an out-of-bounds memory access in the Strongbox trusted execution component, where a missing bounds check enables memory corruption from a low-privileged context. A successful exploit crosses a trust boundary (CVSS scope=Changed) and yields high impact to confidentiality, integrity, and availability on the affected device. No public exploit identified at time of analysis, and EPSS data was not provided alongside this advisory.
Local privilege escalation in Qualcomm Snapdragon platforms stems from a Time-of-Check to Time-of-Use (TOCTOU) race condition in shared buffer handling, where kernel-mode code reads user-mode input without re-validation after initial checks. A low-privileged local attacker can corrupt memory to gain full confidentiality, integrity, and availability impact on the affected device. No public exploit identified at time of analysis, and the issue is documented in the Qualcomm June 2026 security bulletin.
Local privilege escalation in Qualcomm Snapdragon platforms is possible through memory corruption when processing multiple IOCTL commands for escape operations. The flaw, reported by Qualcomm in its June 2026 security bulletin, affects Snapdragon graphics/driver components and can be triggered by a low-privileged local user to achieve high impact on confidentiality, integrity, and availability. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Local privilege escalation in Qualcomm Snapdragon platforms stems from an out-of-bounds read (CWE-125) triggered during IOCTL escape operation processing, resulting in memory corruption. A local authenticated attacker with low privileges on an affected Snapdragon-based device can leverage the flaw to achieve high-impact compromise of confidentiality, integrity, and availability. There is no public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon fastboot bootloader when processing commands that set the display mode allows a high-privileged local attacker with physical device access to corrupt memory and potentially execute code outside the bootloader's security context. The flaw, reported by Qualcomm and disclosed in their June 2026 security bulletin, affects Snapdragon platforms across the product line per the supplied CPE. No public exploit has been identified at the time of analysis, and the CVSS 7.2 score reflects the high privilege and physical access barriers that limit broad exploitation.
Memory corruption in Qualcomm Snapdragon fastboot bootloader processing allows a physically present attacker with high privileges to corrupt memory by submitting improperly formatted fastboot commands. The flaw carries a CVSS 7.2 score reflecting physical attack vector with scope change, and no public exploit identified at time of analysis. Disclosed in Qualcomm's June 2026 security bulletin, it affects Snapdragon platforms exposed during device provisioning, recovery, or firmware-flash workflows.
Boot flow tampering in Qualcomm Snapdragon platforms allows a local authenticated attacker to bypass cryptographic verification of partition table entries and modify the device's boot process, achieving high impact to confidentiality and integrity. Qualcomm disclosed the issue in its June 2026 security bulletin, classifying it as an authentication bypass affecting Snapdragon products. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the boot-chain location of the flaw makes it strategically valuable for persistent compromise.
Memory corruption in Qualcomm Snapdragon fastboot bootloader handling allows a privileged local attacker with physical access to corrupt memory by issuing malformed fastboot commands, with scope change (CVSS S:C) indicating impact extends beyond the bootloader's security boundary. The flaw was disclosed by Qualcomm in the June 2026 security bulletin and carries a CVSS 3.1 base score of 7.2 (High). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Bootloader integrity bypass in Qualcomm Snapdragon platforms allows a high-privileged local attacker to write to a specific partition and load a customized (unsigned or tampered) bootloader, breaking the device's chain of trust. The flaw, reported by Qualcomm itself in its June 2026 security bulletin, carries a CVSS of 8.2 with scope change due to its impact on trusted firmware boundaries, and at the time of analysis there is no public exploit identified and the issue is not listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon fastboot OEM command handling allows a local attacker with high privileges and physical access to compromise device confidentiality, integrity, and availability. The CVSS 7.2 score reflects the physical attack vector (AV:P) offset by high impact and scope change, and no public exploit identified at time of analysis. Disclosure originates from Qualcomm's June 2026 security bulletin.
Local privilege escalation in Qualcomm Snapdragon platforms stems from a stack-based memory corruption triggered while processing display command line information with an uninitialized variable. With CVSS 7.2 and a physical attack vector requiring high privileges, the flaw allows a privileged local attacker to corrupt memory and impact confidentiality, integrity, and availability across a changed security scope. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon platforms allows a locally privileged attacker to trigger an out-of-bounds write by issuing a random number generator (RNG) command paired with an undersized output buffer, yielding complete confidentiality, integrity, and availability impact. The vulnerability requires local access and high privileges (CVSS:3.1/AV:L/AC:L/PR:H), placing the base score at 6.7 (Medium) despite the high C/I/A ratings. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.
Stack-based buffer overflow in Qualcomm Snapdragon corrupts memory during a data copy operation when the output buffer is sized smaller than the input buffer, enabling a high-privileged local attacker to achieve full compromise of confidentiality, integrity, and availability on affected devices. Rooted in CWE-121, this vulnerability can allow control-flow hijacking via stack memory overwrite on Snapdragon-based platforms. No public exploit identified at time of analysis and no CISA KEV listing, but the high-impact triad (C:H/I:H/A:H) warrants prompt patching in environments where privileged access is shared or contested.
Memory corruption via out-of-bounds write in Qualcomm Snapdragon diagnostic services allows a local, highly-privileged attacker to achieve high-impact compromise of confidentiality, integrity, and availability. The root cause is absent input validation in the diagnostic services component, enabling a crafted payload to corrupt memory. No public exploit identified at time of analysis, and this vulnerability is not listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon affects the IOCTL request processing path, exploitable by a local attacker with high privileges who can win a race condition between API version validation and user-space buffer consumption. Successful exploitation yields high-impact confidentiality, integrity, and availability compromise despite the moderate overall CVSS score of 6.4, which is suppressed by the high attack complexity and privilege requirements. No public exploit code and no CISA KEV listing have been identified at time of analysis, limiting immediate widespread risk.
Qualcomm Snapdragon chipsets improperly parse 802.11 advertisement frames containing malformed MBSSID (Multiple BSSID) elements of insufficient length, triggering a buffer over-read that discloses memory contents to an attacker. The CVSS vector (AV:N/AC:H/PR:L/UI:R/S:C) indicates network-reachable exploitation with changed scope, meaning the impact crosses beyond the Wi-Fi subsystem into adjacent components. No public exploit identified at time of analysis, and no CISA KEV listing exists; Qualcomm addressed this in their June 2026 Security Bulletin.
Local privilege escalation and memory corruption in Qualcomm Snapdragon platforms allows an attacker with low-privileged local access to corrupt memory during secure data initialization, leading to high impact on confidentiality, integrity, and availability. The flaw is traceable to a NULL pointer dereference (CWE-476) reachable when heap memory is exhausted, and is addressed in the Qualcomm June 2026 security bulletin. No public exploit identified at time of analysis, and EPSS data was not provided.
Local privilege escalation via memory corruption in Qualcomm Snapdragon platform components allows an authenticated low-privileged local attacker to corrupt memory by supplying device identifier strings exceeding the expected maximum length. The CVSS 7.8 (AV:L/AC:L/PR:L) profile combined with CWE-787 out-of-bounds write indicates a classic stack/heap overflow path that can be leveraged for code execution with full confidentiality, integrity, and availability impact on affected devices. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Local memory corruption in Qualcomm Snapdragon platforms (CVE-2025-59604) allows a low-privileged local attacker to trigger invalid memory writes via a null pointer condition during a memory copy operation, resulting in high confidentiality, integrity, and availability impact (CVSS 7.8). The flaw is disclosed in the Qualcomm June 2026 security bulletin with no public exploit identified at time of analysis and no CISA KEV listing. While CWE-476 (null pointer dereference) typically yields denial of service, the vendor's CIA:H scoring indicates the invalid writes may be steerable into broader corruption beyond a simple crash.
Sensitive device configuration is exposed to adjacent network attackers during factory reset operations conducted through the powerline interface on Qualcomm Snapdragon chipsets. An unauthenticated attacker present on the same powerline network segment can intercept unprotected configuration data at the moment of reset, gaining unauthorized access to potentially sensitive device parameters such as credentials or network settings. No public exploit has been identified at time of analysis, and Qualcomm addressed this vulnerability in its June 2026 Security Bulletin.
Buffer overflow in Qualcomm Snapdragon firmware enables authentication bypass on adjacent networks, allowing remote unauthenticated attackers to achieve complete system compromise with high impact to confidentiality, integrity, and availability. The vulnerability stems from incorrect authorization logic (CWE-863) that fails to prevent buffer overflow conditions. CVSS score of 9.6 reflects adjacent network attack vector with low complexity and no required privileges or user interaction, with scope change indicating container/hypervisor escape or lateral movement potential. No CISA KEV listing or public exploit identified at time of analysis, though EPSS data not available to assess exploitation probability.
Memory corruption in Qualcomm Snapdragon SDK occurs when processing IOCTL commands while the device is in power-save state, allowing local authenticated attackers to trigger a denial of service. The vulnerability affects all versions of Snapdragon and requires local access with user-level privileges; no authentication bypass or privilege escalation is possible, but successful exploitation causes system crash or hang. EPSS and KEV status not provided; no public exploit code has been identified at time of analysis.
Use-after-free vulnerability in Qualcomm Snapdragon chipsets enables local privilege escalation to achieve full device compromise. Low-privilege authenticated users can trigger memory corruption during performance counter deselect operations, gaining high-integrity code execution with kernel-level access. Qualcomm has released patches in their May 2026 security bulletin. EPSS data not yet available for this future-dated CVE; no confirmed active exploitation or public exploit code identified at time of analysis.
Memory corruption in Qualcomm Snapdragon allows local authenticated attackers with low privileges to achieve arbitrary code execution and full system compromise. The vulnerability triggers when malicious drivers invoke specific IOCTLs with intentionally malformed input/output buffers, bypassing buffer validation checks. EPSS and KEV status not available at time of analysis; advisory references May 2026 bulletin suggesting pre-disclosure analysis.
Local privilege escalation in Qualcomm Snapdragon chipsets allows authenticated users to corrupt kernel memory during digital signal processor (DSP) process creation, leading to arbitrary code execution with high confidentiality, integrity, and availability impact. The vulnerability exploits allocation failure handling at kernel level. Qualcomm has published a security bulletin with remediation details for the May 2026 bulletin cycle. No active exploitation or public exploit code identified at time of analysis, though EPSS data not available to assess probabilistic risk.
Information disclosure in Qualcomm Snapdragon firmware allows local authenticated attackers to read sensitive kernel memory via malformed IOCTL handler callbacks that bypass buffer size validation. The vulnerability affects multiple Snapdragon chipset versions and requires local access with limited privileges; exploitation results in confidentiality breach without direct system compromise. No active exploitation has been confirmed at the time of analysis.
Memory corruption in Qualcomm Snapdragon camera subsystem allows local authenticated users to execute arbitrary code with high privileges through crafted input/output control (ioctl) calls targeting camera sensor interfaces with malformed output buffers. CVSS score of 7.8 reflects local attack vector requiring low-privilege account access. No EPSS data or KEV listing at time of analysis, suggesting exploitation has not been publicly observed. Qualcomm security bulletin scheduled for May 2026 indicates vendor-coordinated disclosure with patches expected in that timeframe.
Memory corruption in Qualcomm Snapdragon occurs when dynamically resizing a previously allocated buffer while its contents are being concurrently modified, enabling local authenticated attackers with user-level privileges to achieve high confidentiality and integrity impact with CVSS 6.5. No active exploitation has been confirmed at the time of analysis, and patch availability details require verification against the May 2026 Qualcomm security bulletin.
Denial of service in Qualcomm Snapdragon wireless chipsets allows unauthenticated attackers in wireless range to crash the device by sending a malformed Fast Transition response frame during roaming operations. The vulnerability triggers a buffer overflow in the 802.11 frame parser when processing an invalid header structure, resulting in temporary denial of service. No authentication is required and exploitation requires only network adjacency.
Transient denial of service in Qualcomm Snapdragon occurs during target power rate table processing when configuring wireless channels, caused by a buffer over-read vulnerability. The vulnerability affects all Snapdragon versions and requires adjacent network access with no authentication or user interaction, resulting in service interruption but no data compromise or unauthorized access.
Memory corruption in Qualcomm Snapdragon components allows local authenticated users to achieve arbitrary code execution with high impact to confidentiality, integrity, and availability through malformed power management requests. The vulnerability stems from improper validation of input/output buffer sizes in power management handlers. EPSS data not available; no confirmed active exploitation (not listed in CISA KEV) or public exploit code identified at time of analysis. Qualcomm addressed this in their April 2026 security bulletin.
Buffer over-read (CWE-126) in Qualcomm Snapdragon devices causes denial-of-service when processing malformed Neighborhood Awareness Networking (NAN) service data frames with excessive length values. Attack requires network proximity, high attacker privileges, user interaction, and high complexity (CVSS 7.6), yielding CVSS scope change with potential high confidentiality/integrity impact beyond availability disruption. Qualcomm April 2026 bulletin addresses this transient DOS condition. No public exploit identified at time of analysis, though the specific protocol implementation flaw in NAN device discovery presents measurable risk in adjacent network scenarios where attackers have elevated Wi-Fi protocol access.
Local privilege escalation via use-after-free in Qualcomm Snapdragon video memory management allows authenticated attackers with low privileges to achieve complete system compromise. The vulnerability exists in deprecated DMABUF IOCTL interfaces used for direct memory access buffer operations. No public exploit identified at time of analysis, with EPSS data unavailable for this 2026 CVE. Qualcomm addressed this in their April 2026 security bulletin.
Local privilege escalation in Qualcomm Snapdragon camera sensor drivers allows authenticated users to execute arbitrary code with elevated privileges through memory corruption. The vulnerability stems from unbounded buffer access during IOCTL processing, enabling attackers to corrupt memory and achieve complete system compromise (confidentiality, integrity, and availability impact). EPSS data not available; no public exploit identified at time of analysis. Affects Qualcomm Snapdragon-powered devices across mobile and IoT ecosystems.
Local privilege escalation in Qualcomm Snapdragon camera sensor drivers allows authenticated attackers with low privileges to execute arbitrary code with elevated permissions through unchecked output buffer access during IOCTL operations. This out-of-bounds read vulnerability (CWE-126) achieves complete system compromise (confidentiality, integrity, and availability impact all rated High in CVSS). No public exploit identified at time of analysis, though the local attack vector and low complexity suggest proof-of-concept development is feasible for researchers with device access.
Memory corruption in Qualcomm Snapdragon chipsets allows authenticated local attackers with low privileges to execute arbitrary code, elevate privileges, or cause system crashes through improper IOCTL buffer validation. The vulnerability achieves complete compromise of confidentiality, integrity, and availability (CVSS 7.8 HIGH). No public exploit code identified at time of analysis, though exploitation requires only low attack complexity once local access is obtained. Qualcomm addressed this in their April 2026 security bulletin.
Memory corruption in Qualcomm Snapdragon auxiliary sensor I/O control processing allows authenticated local attackers to achieve arbitrary code execution with high integrity and confidentiality impact. The vulnerability stems from insufficient buffer size validation (CWE-126: Buffer Over-read) when handling sensor control commands. With CVSS 7.8 and local attack vector requiring low privileges, this represents a moderate real-world risk for privilege escalation attacks on Android and IoT devices using affected Snapdragon chipsets. No public exploit code or CISA KEV listing identified at time of analysis, though the April 2026 bulletin date suggests recent disclosure.
Local privilege escalation in Qualcomm Snapdragon products allows authenticated attackers to gain kernel-level code execution through memory corruption during IOCTL processing. The vulnerability stems from unchecked buffer size validation when writing to output buffers, enabling high-impact compromise of confidentiality, integrity, and availability on affected mobile and embedded devices. With a CVSS score of 7.8 and low attack complexity (AC:L), this represents a significant privilege escalation vector for malicious applications or local users, though no public exploit or active exploitation has been identified at time of analysis.
Local privilege escalation in Qualcomm Snapdragon components allows authenticated local attackers to corrupt kernel memory through malformed IOCTL requests. Exploitation requires low-privilege local access but no user interaction (CVSS 7.8, AV:L/PR:L). The vulnerability enables attackers to achieve high impact across confidentiality, integrity, and availability through unsafe memcpy operations that fail to validate buffer sizes. No public exploit identified at time of analysis, though the straightforward attack complexity (AC:L) suggests exploitation development is feasible for adversaries with local access.
Memory corruption in Qualcomm Snapdragon components allows local authenticated attackers to execute arbitrary code with high privileges. A buffer overflow vulnerability (CWE-126) occurs during output buffer retrieval due to insufficient size validation, enabling complete system compromise with high confidentiality, integrity, and availability impact. EPSS risk data not available; no confirmed active exploitation (not in CISA KEV) and no public exploit code identified at time of analysis. The local attack vector (AV:L) and low complexity (AC:L) make this exploitable by malicious apps or local users on affected Snapdragon-powered devices.
Out-of-bounds read in Qualcomm Snapdragon WiFi firmware triggers denial-of-service when processing malformed FILS Discovery frames during network scans. Remote attackers on the same wireless network can crash affected devices by broadcasting specially crafted 802.11ai Fast Initial Link Setup frames with invalid action field sizes. CVSS 7.6 (High) reflects the high attack complexity and required high privileges, though the confidentiality/integrity impacts appear overstated for a transient DOS condition. EPSS data not available; no public exploit identified at time of analysis.
Buffer overread in Qualcomm Snapdragon cryptographic implementation allows authenticated local attackers to expose sensitive memory contents and potentially manipulate cryptographic operations. The vulnerability (CWE-126) stems from copying data to a destination buffer without size validation, creating high confidentiality and integrity risk. EPSS scoring and KEV status not available at time of analysis; no public exploit identified. Affects Qualcomm Snapdragon chipsets with fix documented in April 2026 security bulletin.
Memory corruption in Qualcomm Snapdragon chipsets allows adjacent network attackers to achieve arbitrary code execution without authentication when processing malformed satellite data files containing invalid signature offsets. The vulnerability stems from an integer overflow (CWE-190) that leads to buffer overflow conditions during satellite data decoding. With a CVSS score of 8.8 and adjacent network attack vector, this represents a significant risk for devices with satellite communication capabilities in proximity-based attack scenarios. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis.
Local privilege escalation in Qualcomm Snapdragon allows authenticated users to execute arbitrary code through memory corruption when processing frame requests. This CWE-121 stack-based buffer overflow enables complete system compromise (high confidentiality, integrity, and availability impact). No public exploit identified at time of analysis, with CVSS 7.8 indicating high severity requiring low attack complexity and low privileges. Qualcomm's April 2026 security bulletin addresses this vulnerability.
Local privilege escalation via memory corruption in Qualcomm Snapdragon JPEG driver allows authenticated local users to achieve full system compromise (high confidentiality, integrity, and availability impact). The buffer overflow vulnerability (CWE-126) occurs during IOCTL request preprocessing, a common attack surface in kernel-mode device drivers. CVSS 7.8 indicates high severity with low attack complexity. No public exploit identified at time of analysis, and EPSS data not available in provided intelligence. Qualcomm's April 2026 security bulletin addresses this issue, indicating coordinated disclosure timeframe.
Local privilege escalation in Qualcomm Snapdragon components enables authenticated users to achieve arbitrary code execution with elevated privileges through memory corruption triggered by integer overflow during attestation report generation. The vulnerability requires low attack complexity and low-level authentication (CVSS:3.1/AV:L/AC:L/PR:L), allowing complete compromise of confidentiality, integrity, and availability on affected devices. With CVSS 7.8 (High severity) and local attack vector, this represents a significant risk on multi-user Android devices where malicious apps could exploit the flaw to break out of sandboxing. No public exploit identified at time of analysis, though the buffer overflow class (CWE-120) is well-understood by exploit developers.
Memory corruption via use-after-free in Qualcomm Snapdragon SDK occurs when concurrent fence deregistration and signal handling operations access freed memory, allowing authenticated local attackers with low privileges to achieve information disclosure and integrity/availability compromise. CVSS 6.5 reflects local attack vector with high complexity; no public exploit code or active exploitation confirmed at time of analysis.
Memory corruption in Qualcomm Snapdragon Strongbox component allows local low-privileged attackers to trigger a buffer overflow that crosses a security boundary (scope changed) and compromises confidentiality, integrity, and availability of the device. The flaw is reported directly by Qualcomm in the June 2026 security bulletin and carries a CVSS 3.1 base score of 8.8 with no public exploit identified at time of analysis. Strongbox is the hardware-backed keystore used to protect cryptographic material, so successful exploitation undermines a core trust component of Snapdragon-based mobile platforms.
Local privilege escalation in Qualcomm Snapdragon chipsets stems from an out-of-bounds memory access in the Strongbox trusted execution component, where a missing bounds check enables memory corruption from a low-privileged context. A successful exploit crosses a trust boundary (CVSS scope=Changed) and yields high impact to confidentiality, integrity, and availability on the affected device. No public exploit identified at time of analysis, and EPSS data was not provided alongside this advisory.
Local privilege escalation in Qualcomm Snapdragon platforms stems from a Time-of-Check to Time-of-Use (TOCTOU) race condition in shared buffer handling, where kernel-mode code reads user-mode input without re-validation after initial checks. A low-privileged local attacker can corrupt memory to gain full confidentiality, integrity, and availability impact on the affected device. No public exploit identified at time of analysis, and the issue is documented in the Qualcomm June 2026 security bulletin.
Local privilege escalation in Qualcomm Snapdragon platforms is possible through memory corruption when processing multiple IOCTL commands for escape operations. The flaw, reported by Qualcomm in its June 2026 security bulletin, affects Snapdragon graphics/driver components and can be triggered by a low-privileged local user to achieve high impact on confidentiality, integrity, and availability. There is no public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Local privilege escalation in Qualcomm Snapdragon platforms stems from an out-of-bounds read (CWE-125) triggered during IOCTL escape operation processing, resulting in memory corruption. A local authenticated attacker with low privileges on an affected Snapdragon-based device can leverage the flaw to achieve high-impact compromise of confidentiality, integrity, and availability. There is no public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon fastboot bootloader when processing commands that set the display mode allows a high-privileged local attacker with physical device access to corrupt memory and potentially execute code outside the bootloader's security context. The flaw, reported by Qualcomm and disclosed in their June 2026 security bulletin, affects Snapdragon platforms across the product line per the supplied CPE. No public exploit has been identified at the time of analysis, and the CVSS 7.2 score reflects the high privilege and physical access barriers that limit broad exploitation.
Memory corruption in Qualcomm Snapdragon fastboot bootloader processing allows a physically present attacker with high privileges to corrupt memory by submitting improperly formatted fastboot commands. The flaw carries a CVSS 7.2 score reflecting physical attack vector with scope change, and no public exploit identified at time of analysis. Disclosed in Qualcomm's June 2026 security bulletin, it affects Snapdragon platforms exposed during device provisioning, recovery, or firmware-flash workflows.
Boot flow tampering in Qualcomm Snapdragon platforms allows a local authenticated attacker to bypass cryptographic verification of partition table entries and modify the device's boot process, achieving high impact to confidentiality and integrity. Qualcomm disclosed the issue in its June 2026 security bulletin, classifying it as an authentication bypass affecting Snapdragon products. No public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the boot-chain location of the flaw makes it strategically valuable for persistent compromise.
Memory corruption in Qualcomm Snapdragon fastboot bootloader handling allows a privileged local attacker with physical access to corrupt memory by issuing malformed fastboot commands, with scope change (CVSS S:C) indicating impact extends beyond the bootloader's security boundary. The flaw was disclosed by Qualcomm in the June 2026 security bulletin and carries a CVSS 3.1 base score of 7.2 (High). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Bootloader integrity bypass in Qualcomm Snapdragon platforms allows a high-privileged local attacker to write to a specific partition and load a customized (unsigned or tampered) bootloader, breaking the device's chain of trust. The flaw, reported by Qualcomm itself in its June 2026 security bulletin, carries a CVSS of 8.2 with scope change due to its impact on trusted firmware boundaries, and at the time of analysis there is no public exploit identified and the issue is not listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon fastboot OEM command handling allows a local attacker with high privileges and physical access to compromise device confidentiality, integrity, and availability. The CVSS 7.2 score reflects the physical attack vector (AV:P) offset by high impact and scope change, and no public exploit identified at time of analysis. Disclosure originates from Qualcomm's June 2026 security bulletin.
Local privilege escalation in Qualcomm Snapdragon platforms stems from a stack-based memory corruption triggered while processing display command line information with an uninitialized variable. With CVSS 7.2 and a physical attack vector requiring high privileges, the flaw allows a privileged local attacker to corrupt memory and impact confidentiality, integrity, and availability across a changed security scope. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon platforms allows a locally privileged attacker to trigger an out-of-bounds write by issuing a random number generator (RNG) command paired with an undersized output buffer, yielding complete confidentiality, integrity, and availability impact. The vulnerability requires local access and high privileges (CVSS:3.1/AV:L/AC:L/PR:H), placing the base score at 6.7 (Medium) despite the high C/I/A ratings. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.
Stack-based buffer overflow in Qualcomm Snapdragon corrupts memory during a data copy operation when the output buffer is sized smaller than the input buffer, enabling a high-privileged local attacker to achieve full compromise of confidentiality, integrity, and availability on affected devices. Rooted in CWE-121, this vulnerability can allow control-flow hijacking via stack memory overwrite on Snapdragon-based platforms. No public exploit identified at time of analysis and no CISA KEV listing, but the high-impact triad (C:H/I:H/A:H) warrants prompt patching in environments where privileged access is shared or contested.
Memory corruption via out-of-bounds write in Qualcomm Snapdragon diagnostic services allows a local, highly-privileged attacker to achieve high-impact compromise of confidentiality, integrity, and availability. The root cause is absent input validation in the diagnostic services component, enabling a crafted payload to corrupt memory. No public exploit identified at time of analysis, and this vulnerability is not listed in CISA KEV.
Memory corruption in Qualcomm Snapdragon affects the IOCTL request processing path, exploitable by a local attacker with high privileges who can win a race condition between API version validation and user-space buffer consumption. Successful exploitation yields high-impact confidentiality, integrity, and availability compromise despite the moderate overall CVSS score of 6.4, which is suppressed by the high attack complexity and privilege requirements. No public exploit code and no CISA KEV listing have been identified at time of analysis, limiting immediate widespread risk.
Qualcomm Snapdragon chipsets improperly parse 802.11 advertisement frames containing malformed MBSSID (Multiple BSSID) elements of insufficient length, triggering a buffer over-read that discloses memory contents to an attacker. The CVSS vector (AV:N/AC:H/PR:L/UI:R/S:C) indicates network-reachable exploitation with changed scope, meaning the impact crosses beyond the Wi-Fi subsystem into adjacent components. No public exploit identified at time of analysis, and no CISA KEV listing exists; Qualcomm addressed this in their June 2026 Security Bulletin.
Local privilege escalation and memory corruption in Qualcomm Snapdragon platforms allows an attacker with low-privileged local access to corrupt memory during secure data initialization, leading to high impact on confidentiality, integrity, and availability. The flaw is traceable to a NULL pointer dereference (CWE-476) reachable when heap memory is exhausted, and is addressed in the Qualcomm June 2026 security bulletin. No public exploit identified at time of analysis, and EPSS data was not provided.
Local privilege escalation via memory corruption in Qualcomm Snapdragon platform components allows an authenticated low-privileged local attacker to corrupt memory by supplying device identifier strings exceeding the expected maximum length. The CVSS 7.8 (AV:L/AC:L/PR:L) profile combined with CWE-787 out-of-bounds write indicates a classic stack/heap overflow path that can be leveraged for code execution with full confidentiality, integrity, and availability impact on affected devices. No public exploit identified at time of analysis and the issue is not listed in CISA KEV.
Local memory corruption in Qualcomm Snapdragon platforms (CVE-2025-59604) allows a low-privileged local attacker to trigger invalid memory writes via a null pointer condition during a memory copy operation, resulting in high confidentiality, integrity, and availability impact (CVSS 7.8). The flaw is disclosed in the Qualcomm June 2026 security bulletin with no public exploit identified at time of analysis and no CISA KEV listing. While CWE-476 (null pointer dereference) typically yields denial of service, the vendor's CIA:H scoring indicates the invalid writes may be steerable into broader corruption beyond a simple crash.
Sensitive device configuration is exposed to adjacent network attackers during factory reset operations conducted through the powerline interface on Qualcomm Snapdragon chipsets. An unauthenticated attacker present on the same powerline network segment can intercept unprotected configuration data at the moment of reset, gaining unauthorized access to potentially sensitive device parameters such as credentials or network settings. No public exploit has been identified at time of analysis, and Qualcomm addressed this vulnerability in its June 2026 Security Bulletin.
Buffer overflow in Qualcomm Snapdragon firmware enables authentication bypass on adjacent networks, allowing remote unauthenticated attackers to achieve complete system compromise with high impact to confidentiality, integrity, and availability. The vulnerability stems from incorrect authorization logic (CWE-863) that fails to prevent buffer overflow conditions. CVSS score of 9.6 reflects adjacent network attack vector with low complexity and no required privileges or user interaction, with scope change indicating container/hypervisor escape or lateral movement potential. No CISA KEV listing or public exploit identified at time of analysis, though EPSS data not available to assess exploitation probability.
Memory corruption in Qualcomm Snapdragon SDK occurs when processing IOCTL commands while the device is in power-save state, allowing local authenticated attackers to trigger a denial of service. The vulnerability affects all versions of Snapdragon and requires local access with user-level privileges; no authentication bypass or privilege escalation is possible, but successful exploitation causes system crash or hang. EPSS and KEV status not provided; no public exploit code has been identified at time of analysis.
Use-after-free vulnerability in Qualcomm Snapdragon chipsets enables local privilege escalation to achieve full device compromise. Low-privilege authenticated users can trigger memory corruption during performance counter deselect operations, gaining high-integrity code execution with kernel-level access. Qualcomm has released patches in their May 2026 security bulletin. EPSS data not yet available for this future-dated CVE; no confirmed active exploitation or public exploit code identified at time of analysis.
Memory corruption in Qualcomm Snapdragon allows local authenticated attackers with low privileges to achieve arbitrary code execution and full system compromise. The vulnerability triggers when malicious drivers invoke specific IOCTLs with intentionally malformed input/output buffers, bypassing buffer validation checks. EPSS and KEV status not available at time of analysis; advisory references May 2026 bulletin suggesting pre-disclosure analysis.
Local privilege escalation in Qualcomm Snapdragon chipsets allows authenticated users to corrupt kernel memory during digital signal processor (DSP) process creation, leading to arbitrary code execution with high confidentiality, integrity, and availability impact. The vulnerability exploits allocation failure handling at kernel level. Qualcomm has published a security bulletin with remediation details for the May 2026 bulletin cycle. No active exploitation or public exploit code identified at time of analysis, though EPSS data not available to assess probabilistic risk.
Information disclosure in Qualcomm Snapdragon firmware allows local authenticated attackers to read sensitive kernel memory via malformed IOCTL handler callbacks that bypass buffer size validation. The vulnerability affects multiple Snapdragon chipset versions and requires local access with limited privileges; exploitation results in confidentiality breach without direct system compromise. No active exploitation has been confirmed at the time of analysis.
Memory corruption in Qualcomm Snapdragon camera subsystem allows local authenticated users to execute arbitrary code with high privileges through crafted input/output control (ioctl) calls targeting camera sensor interfaces with malformed output buffers. CVSS score of 7.8 reflects local attack vector requiring low-privilege account access. No EPSS data or KEV listing at time of analysis, suggesting exploitation has not been publicly observed. Qualcomm security bulletin scheduled for May 2026 indicates vendor-coordinated disclosure with patches expected in that timeframe.
Memory corruption in Qualcomm Snapdragon occurs when dynamically resizing a previously allocated buffer while its contents are being concurrently modified, enabling local authenticated attackers with user-level privileges to achieve high confidentiality and integrity impact with CVSS 6.5. No active exploitation has been confirmed at the time of analysis, and patch availability details require verification against the May 2026 Qualcomm security bulletin.
Denial of service in Qualcomm Snapdragon wireless chipsets allows unauthenticated attackers in wireless range to crash the device by sending a malformed Fast Transition response frame during roaming operations. The vulnerability triggers a buffer overflow in the 802.11 frame parser when processing an invalid header structure, resulting in temporary denial of service. No authentication is required and exploitation requires only network adjacency.
Transient denial of service in Qualcomm Snapdragon occurs during target power rate table processing when configuring wireless channels, caused by a buffer over-read vulnerability. The vulnerability affects all Snapdragon versions and requires adjacent network access with no authentication or user interaction, resulting in service interruption but no data compromise or unauthorized access.
Memory corruption in Qualcomm Snapdragon components allows local authenticated users to achieve arbitrary code execution with high impact to confidentiality, integrity, and availability through malformed power management requests. The vulnerability stems from improper validation of input/output buffer sizes in power management handlers. EPSS data not available; no confirmed active exploitation (not listed in CISA KEV) or public exploit code identified at time of analysis. Qualcomm addressed this in their April 2026 security bulletin.
Buffer over-read (CWE-126) in Qualcomm Snapdragon devices causes denial-of-service when processing malformed Neighborhood Awareness Networking (NAN) service data frames with excessive length values. Attack requires network proximity, high attacker privileges, user interaction, and high complexity (CVSS 7.6), yielding CVSS scope change with potential high confidentiality/integrity impact beyond availability disruption. Qualcomm April 2026 bulletin addresses this transient DOS condition. No public exploit identified at time of analysis, though the specific protocol implementation flaw in NAN device discovery presents measurable risk in adjacent network scenarios where attackers have elevated Wi-Fi protocol access.
Local privilege escalation via use-after-free in Qualcomm Snapdragon video memory management allows authenticated attackers with low privileges to achieve complete system compromise. The vulnerability exists in deprecated DMABUF IOCTL interfaces used for direct memory access buffer operations. No public exploit identified at time of analysis, with EPSS data unavailable for this 2026 CVE. Qualcomm addressed this in their April 2026 security bulletin.
Local privilege escalation in Qualcomm Snapdragon camera sensor drivers allows authenticated users to execute arbitrary code with elevated privileges through memory corruption. The vulnerability stems from unbounded buffer access during IOCTL processing, enabling attackers to corrupt memory and achieve complete system compromise (confidentiality, integrity, and availability impact). EPSS data not available; no public exploit identified at time of analysis. Affects Qualcomm Snapdragon-powered devices across mobile and IoT ecosystems.
Local privilege escalation in Qualcomm Snapdragon camera sensor drivers allows authenticated attackers with low privileges to execute arbitrary code with elevated permissions through unchecked output buffer access during IOCTL operations. This out-of-bounds read vulnerability (CWE-126) achieves complete system compromise (confidentiality, integrity, and availability impact all rated High in CVSS). No public exploit identified at time of analysis, though the local attack vector and low complexity suggest proof-of-concept development is feasible for researchers with device access.
Memory corruption in Qualcomm Snapdragon chipsets allows authenticated local attackers with low privileges to execute arbitrary code, elevate privileges, or cause system crashes through improper IOCTL buffer validation. The vulnerability achieves complete compromise of confidentiality, integrity, and availability (CVSS 7.8 HIGH). No public exploit code identified at time of analysis, though exploitation requires only low attack complexity once local access is obtained. Qualcomm addressed this in their April 2026 security bulletin.
Memory corruption in Qualcomm Snapdragon auxiliary sensor I/O control processing allows authenticated local attackers to achieve arbitrary code execution with high integrity and confidentiality impact. The vulnerability stems from insufficient buffer size validation (CWE-126: Buffer Over-read) when handling sensor control commands. With CVSS 7.8 and local attack vector requiring low privileges, this represents a moderate real-world risk for privilege escalation attacks on Android and IoT devices using affected Snapdragon chipsets. No public exploit code or CISA KEV listing identified at time of analysis, though the April 2026 bulletin date suggests recent disclosure.
Local privilege escalation in Qualcomm Snapdragon products allows authenticated attackers to gain kernel-level code execution through memory corruption during IOCTL processing. The vulnerability stems from unchecked buffer size validation when writing to output buffers, enabling high-impact compromise of confidentiality, integrity, and availability on affected mobile and embedded devices. With a CVSS score of 7.8 and low attack complexity (AC:L), this represents a significant privilege escalation vector for malicious applications or local users, though no public exploit or active exploitation has been identified at time of analysis.
Local privilege escalation in Qualcomm Snapdragon components allows authenticated local attackers to corrupt kernel memory through malformed IOCTL requests. Exploitation requires low-privilege local access but no user interaction (CVSS 7.8, AV:L/PR:L). The vulnerability enables attackers to achieve high impact across confidentiality, integrity, and availability through unsafe memcpy operations that fail to validate buffer sizes. No public exploit identified at time of analysis, though the straightforward attack complexity (AC:L) suggests exploitation development is feasible for adversaries with local access.
Memory corruption in Qualcomm Snapdragon components allows local authenticated attackers to execute arbitrary code with high privileges. A buffer overflow vulnerability (CWE-126) occurs during output buffer retrieval due to insufficient size validation, enabling complete system compromise with high confidentiality, integrity, and availability impact. EPSS risk data not available; no confirmed active exploitation (not in CISA KEV) and no public exploit code identified at time of analysis. The local attack vector (AV:L) and low complexity (AC:L) make this exploitable by malicious apps or local users on affected Snapdragon-powered devices.
Out-of-bounds read in Qualcomm Snapdragon WiFi firmware triggers denial-of-service when processing malformed FILS Discovery frames during network scans. Remote attackers on the same wireless network can crash affected devices by broadcasting specially crafted 802.11ai Fast Initial Link Setup frames with invalid action field sizes. CVSS 7.6 (High) reflects the high attack complexity and required high privileges, though the confidentiality/integrity impacts appear overstated for a transient DOS condition. EPSS data not available; no public exploit identified at time of analysis.
Buffer overread in Qualcomm Snapdragon cryptographic implementation allows authenticated local attackers to expose sensitive memory contents and potentially manipulate cryptographic operations. The vulnerability (CWE-126) stems from copying data to a destination buffer without size validation, creating high confidentiality and integrity risk. EPSS scoring and KEV status not available at time of analysis; no public exploit identified. Affects Qualcomm Snapdragon chipsets with fix documented in April 2026 security bulletin.
Memory corruption in Qualcomm Snapdragon chipsets allows adjacent network attackers to achieve arbitrary code execution without authentication when processing malformed satellite data files containing invalid signature offsets. The vulnerability stems from an integer overflow (CWE-190) that leads to buffer overflow conditions during satellite data decoding. With a CVSS score of 8.8 and adjacent network attack vector, this represents a significant risk for devices with satellite communication capabilities in proximity-based attack scenarios. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis.
Local privilege escalation in Qualcomm Snapdragon allows authenticated users to execute arbitrary code through memory corruption when processing frame requests. This CWE-121 stack-based buffer overflow enables complete system compromise (high confidentiality, integrity, and availability impact). No public exploit identified at time of analysis, with CVSS 7.8 indicating high severity requiring low attack complexity and low privileges. Qualcomm's April 2026 security bulletin addresses this vulnerability.
Local privilege escalation via memory corruption in Qualcomm Snapdragon JPEG driver allows authenticated local users to achieve full system compromise (high confidentiality, integrity, and availability impact). The buffer overflow vulnerability (CWE-126) occurs during IOCTL request preprocessing, a common attack surface in kernel-mode device drivers. CVSS 7.8 indicates high severity with low attack complexity. No public exploit identified at time of analysis, and EPSS data not available in provided intelligence. Qualcomm's April 2026 security bulletin addresses this issue, indicating coordinated disclosure timeframe.
Local privilege escalation in Qualcomm Snapdragon components enables authenticated users to achieve arbitrary code execution with elevated privileges through memory corruption triggered by integer overflow during attestation report generation. The vulnerability requires low attack complexity and low-level authentication (CVSS:3.1/AV:L/AC:L/PR:L), allowing complete compromise of confidentiality, integrity, and availability on affected devices. With CVSS 7.8 (High severity) and local attack vector, this represents a significant risk on multi-user Android devices where malicious apps could exploit the flaw to break out of sandboxing. No public exploit identified at time of analysis, though the buffer overflow class (CWE-120) is well-understood by exploit developers.
Memory corruption via use-after-free in Qualcomm Snapdragon SDK occurs when concurrent fence deregistration and signal handling operations access freed memory, allowing authenticated local attackers with low privileges to achieve information disclosure and integrity/availability compromise. CVSS 6.5 reflects local attack vector with high complexity; no public exploit code or active exploitation confirmed at time of analysis.