CVE-2026-21381

Received Received - Intake

Denial of Service via Oversized Frame in Qualcomm NDN Protocol

Publication date: 2026-04-06

Last updated on: 2026-04-08

Assigner: Qualcomm, Inc.

Description

Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-04-06

Last Modified

2026-04-08

Generated

2026-05-07

AI Q&A

2026-04-06

EPSS Evaluated

2026-05-05

NVD

CVE-2026-21381

EUVD

EUVD-2026-19337

Affected Vendors & Products

Vendor	Product	Version / Range
qualcomm	ar8035_firmware	*
qualcomm	cologne_firmware	*
qualcomm	fastconnect_6200_firmware	*
qualcomm	fastconnect_6700_firmware	*
qualcomm	fastconnect_6900_firmware	*
qualcomm	fastconnect_7800_firmware	*
qualcomm	fwa_gen_3_ultra_firmware	*
qualcomm	g2_gen_1_firmware	*
qualcomm	milos_firmware	*
qualcomm	netrani_firmware	*
qualcomm	orne_firmware	*
qualcomm	palawan25_firmware	*
qualcomm	pandeiro_firmware	*
qualcomm	qca6391_firmware	*
qualcomm	qca6698au_firmware	*
qualcomm	qca6777aq_firmware	*
qualcomm	qca6787aq_firmware	*
qualcomm	qca6797aq_firmware	*
qualcomm	qca8081_firmware	*
qualcomm	qca8337_firmware	*
qualcomm	qcc2073_firmware	*
qualcomm	qcc2076_firmware	*
qualcomm	qcc710_firmware	*
qualcomm	qcn6224_firmware	*
qualcomm	qcn6274_firmware	*
qualcomm	qcn9011_firmware	*
qualcomm	qcn9012_firmware	*
qualcomm	qcs8550_firmware	*
qualcomm	qfw7114_firmware	*
qualcomm	qfw7124_firmware	*
qualcomm	qln1083bd_firmware	*
qualcomm	qln1086bd_firmware	*
qualcomm	qmp1000_firmware	*
qualcomm	qpa1083bd_firmware	*
qualcomm	qpa1086bd_firmware	*
qualcomm	qxm1083_firmware	*
qualcomm	qxm1086_firmware	*
qualcomm	qxm1093_firmware	*
qualcomm	qxm1094_firmware	*
qualcomm	qxm1095_firmware	*
qualcomm	qxm1096_firmware	*
qualcomm	sar1165p_firmware	*
qualcomm	sar2130p_firmware	*
qualcomm	sc8380xp_firmware	*
qualcomm	sm6650p_firmware	*
qualcomm	sm7435_firmware	*
qualcomm	sm7635p_firmware	*
qualcomm	sm7675_firmware	*
qualcomm	sm7675p_firmware	*
qualcomm	sm8635_firmware	*
qualcomm	sm8635p_firmware	*
qualcomm	sm8650q_firmware	*
qualcomm	sm8750p_firmware	*
qualcomm	snapdragon_6_gen_1_mobile_platform_firmware	*
qualcomm	snapdragon_6_gen_3_mobile_platform_firmware	*
qualcomm	snapdragon_6_gen_4_mobile_platform_firmware	*
qualcomm	snapdragon_7s_gen_3_mobile_platform_firmware	*
qualcomm	snapdragon_8_elite_firmware	*
qualcomm	snapdragon_8_elite_gen_5_firmware	*
qualcomm	snapdragon_8_gen_3_mobile_platform_firmware	*
qualcomm	snapdragon_ar1_gen_1_platform_firmware	*
qualcomm	snapdragon_ar1+_gen_1_platform_firmware	*
qualcomm	snapdragon_x72_5g_modem-rf_system_firmware	*
qualcomm	snapdragon_x75_5g_modem-rf_system_firmware	*
qualcomm	sxr2230p_firmware	*
qualcomm	sxr2250p_firmware	*
qualcomm	sxr2330p_firmware	*
qualcomm	sxr2350p_firmware	*
qualcomm	wcd9340_firmware	*
qualcomm	wcd9370_firmware	*
qualcomm	wcd9375_firmware	*
qualcomm	wcd9378_firmware	*
qualcomm	wcd9378c_firmware	*
qualcomm	wcd9380_firmware	*
qualcomm	wcd9385_firmware	*
qualcomm	wcd9390_firmware	*
qualcomm	wcd9395_firmware	*
qualcomm	wcn3988_firmware	*
qualcomm	wcn6450_firmware	*
qualcomm	wcn6650_firmware	*
qualcomm	wcn6755_firmware	*
qualcomm	wcn7860_firmware	*
qualcomm	wcn7861_firmware	*
qualcomm	wcn7880_firmware	*
qualcomm	wcn7881_firmware	*
qualcomm	wsa8810_firmware	*
qualcomm	wsa8815_firmware	*
qualcomm	wsa8830_firmware	*
qualcomm	wsa8832_firmware	*
qualcomm	wsa8835_firmware	*
qualcomm	wsa8840_firmware	*
qualcomm	wsa8845_firmware	*
qualcomm	wsa8845h_firmware	*
qualcomm	x2000077_firmware	*
qualcomm	x2000086_firmware	*
qualcomm	x2000090_firmware	*
qualcomm	x2000092_firmware	*
qualcomm	x2000094_firmware	*
qualcomm	xg101002_firmware	*
qualcomm	xg101032_firmware	*
qualcomm	xg101039_firmware	*
qualcomm	xrv7209_firmware	*
qualcomm	xrv9209_firmware	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-126	The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

Attack-Flow Graph

AI Powered Q&A

Can you explain this vulnerability to me?

This vulnerability is a transient denial of service (DOS) issue that occurs when a device receives a service data frame with an excessive length during the device matching process over a neighborhood awareness network protocol connection.

How can this vulnerability impact me? :

The impact of this vulnerability is a denial of service condition, which can temporarily disrupt the normal operation of the affected device by causing it to become unresponsive or unavailable during the processing of oversized service data frames.

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2026-21381

Denial of Service via Oversized Frame in Qualcomm NDN Protocol

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Powered Q&A

Ask Our AI Assistant

EPSS Chart