CVE-2026-25266
Awaiting Analysis
Awaiting Analysis - Queue
Memory Corruption in Qualcomm Chipset Firmware
Publication date: 2026-05-04
Last updated on: 2026-05-06
Assigner: Qualcomm, Inc.
Description
Description
Memory corruption while processing IOCTL command when device is in power-save state.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| qualcomm | cologne_firmware | * |
| qualcomm | fastconnect_6900_firmware | * |
| qualcomm | fastconnect_7800_firmware | * |
| qualcomm | sc8380xp_firmware | * |
| qualcomm | snapdragon_ar1_gen_1_firmware | * |
| qualcomm | wcd9378c_firmware | * |
| qualcomm | wcd9380_firmware | * |
| qualcomm | wcd9385_firmware | * |
| qualcomm | wcn7861_firmware | * |
| qualcomm | wcn7880_firmware | * |
| qualcomm | wsa8830_firmware | * |
| qualcomm | wsa8832_firmware | * |
| qualcomm | wsa8835_firmware | * |
| qualcomm | wsa8840_firmware | * |
| qualcomm | wsa8845_firmware | * |
| qualcomm | wsa8845h_firmware | * |
| qualcomm | x2000077_firmware | * |
| qualcomm | x2000086_firmware | * |
| qualcomm | x2000090_firmware | * |
| qualcomm | x2000092_firmware | * |
| qualcomm | x2000094_firmware | * |
| qualcomm | xg101002_firmware | * |
| qualcomm | xg101032_firmware | * |
| qualcomm | xg101039_firmware | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
| CWE-749 | The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory corruption issue that occurs when processing an IOCTL command while the device is in a power-save state.
How can this vulnerability impact me? :
The vulnerability can lead to a denial of service (DoS) condition, as indicated by the CVSS score which shows a high impact on availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70