CVE-2026-24091

Analyzed Analyzed - Analysis Complete

Memory Corruption in Fastboot Command Processing

Publication date: 2026-06-01

Last updated on: 2026-06-02

Assigner: Qualcomm, Inc.

Description

Memory corruption while processing fastboot commands with improperly formatted input.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-06-01

Last Modified

2026-06-02

Generated

2026-06-22

AI Q&A

2026-06-02

EPSS Evaluated

2026-06-21

NVD

CVE-2026-24091

EUVD

EUVD-2026-33848

Affected Vendors & Products

Vendor	Product	Version / Range
qualcomm	c-v2x_9150_firmware	*
qualcomm	cologne_firmware	*
qualcomm	cq7790_firmware	*
qualcomm	cq8725s_firmware	*
qualcomm	cq8750m_firmware	*
qualcomm	csra6620_firmware	*
qualcomm	csra6640_firmware	*
qualcomm	csrb31024_firmware	*
qualcomm	fastconnect_6200_firmware	*
qualcomm	fastconnect_6700_firmware	*
qualcomm	fastconnect_6800_firmware	*
qualcomm	fastconnect_6900_firmware	*
qualcomm	fastconnect_7800_firmware	*
qualcomm	flight_rb5_5g_platform_firmware	*
qualcomm	fsm100_platform_firmware	*
qualcomm	fwa_gen_3_ultra_firmware	*
qualcomm	fwa_gen_5_elite_firmware	*
qualcomm	g1_gen_1_firmware	*
qualcomm	g2_gen_1_firmware	*
qualcomm	g3x_gen_2_firmware	*
qualcomm	iq-9075_firmware	*
qualcomm	kalpeni_firmware	*
qualcomm	kobuk_firmware	*
qualcomm	lemans_au_lgit_firmware	*
qualcomm	lemansau_firmware	*
qualcomm	milos_firmware	*
qualcomm	milos_iot_firmware	*
qualcomm	molokai_firmware	*
qualcomm	netrani_firmware	*
qualcomm	orne_firmware	*
qualcomm	palawan25_firmware	*
qualcomm	pandeiro_firmware	*
qualcomm	qam8255p_firmware	*
qualcomm	qam8295p_firmware	*
qualcomm	qam8397p_firmware	*
qualcomm	qam8797p_firmware	*
qualcomm	qamsrv1h_firmware	*
qualcomm	qamsrv1m_firmware	*
qualcomm	qca2066_firmware	*
qualcomm	qca6174a_firmware	*
qualcomm	qdu1000_firmware	*
qualcomm	qdu1110_firmware	*
qualcomm	qdu1210_firmware	*
qualcomm	qdx1010_firmware	*
qualcomm	qdx1011_firmware	*
qualcomm	qep8111_firmware	*
qualcomm	qfw7114_firmware	*
qualcomm	qfw7124_firmware	*
qualcomm	qln1083bd_firmware	*
qualcomm	qln1086bd_firmware	*
qualcomm	qmb415_firmware	*
qualcomm	qmb715_firmware	*
qualcomm	qmp1000_firmware	*
qualcomm	qmp2001_firmware	*
qualcomm	qpa1083bd_firmware	*
qualcomm	qpa1086bd_firmware	*
qualcomm	qrb5165m_firmware	*
qualcomm	qrb5165n_firmware	*
qualcomm	qru1032_firmware	*
qualcomm	qualcomm_dragonwing_qru100_platform_firmware	*
qualcomm	qualcomm_dragonwing_x100_accelerator_card_firmware	*
qualcomm	video_collaboration_vc1_platform_firmware	*
qualcomm	video_collaboration_vc3_platform_firmware	*
qualcomm	video_collaboration_vc5_platform_firmware	*
qualcomm	qxm1083_firmware	*
qualcomm	qxm1086_firmware	*
qualcomm	qxm1093_firmware	*
qualcomm	qxm1094_firmware	*
qualcomm	qxm1095_firmware	*
qualcomm	qxm1096_firmware	*
qualcomm	robotics_rb2_platform_firmware	*
qualcomm	robotics_rb5_platform_firmware	*
qualcomm	sa2150p_firmware	*
qualcomm	sa4150p_firmware	*
qualcomm	sa4155p_firmware	*
qualcomm	sa510m_firmware	*
qualcomm	sa6145p_firmware	*
qualcomm	sa6150p_firmware	*
qualcomm	sa6155_firmware	*
qualcomm	sa6155p_firmware	*
qualcomm	sm8550p_firmware	*
qualcomm	sm8635_firmware	*
qualcomm	sm8635p_firmware	*
qualcomm	sm8650q_firmware	*
qualcomm	sm8735p_firmware	*
qualcomm	sm8750p_firmware	*
qualcomm	sm8845p_firmware	*
qualcomm	smart_audio_400_platform_firmware	*
qualcomm	snapdragon_4_gen_1_mobile_platform_firmware	*
qualcomm	snapdragon_4_gen_2_mobile_platform_firmware	*
qualcomm	snapdragon_460_mobile_platform_firmware	*
qualcomm	snapdragon_480_5g_mobile_platform_firmware	*
qualcomm	snapdragon_480+_5g_mobile_platform_firmware	*
qualcomm	snapdragon_6_gen_1_mobile_platform_firmware	*
qualcomm	snapdragon_6_gen_3_mobile_platform_firmware	*
qualcomm	snapdragon_6_gen_4_mobile_platform_firmware	*
qualcomm	snapdragon_660_mobile_platform_firmware	*
qualcomm	snapdragon_662_mobile_platform_firmware	*
qualcomm	snapdragon_680_4g_mobile_platform_firmware	*
qualcomm	snapdragon_685_4g_mobile_platform_firmware	*
qualcomm	snapdragon_690_5g_mobile_platform_firmware	*
qualcomm	snapdragon_695_5g_mobile_platform_firmware	*
qualcomm	snapdragon_7_gen_1_mobile_platform_firmware	*
qualcomm	snapdragon_7_gen_4_mobile_platform_firmware	*
qualcomm	snapdragon_7+_gen_2_mobile_platform_firmware	*
qualcomm	snapdragon_778g_5g_mobile_platform_firmware	*
qualcomm	snapdragon_778g+_5g_mobile_platform_firmware	*
qualcomm	snapdragon_782g_mobile_platform_firmware	*
qualcomm	snapdragon_7c+_gen_3_compute_firmware	*
qualcomm	snapdragon_7s_gen_3_mobile_platform_firmware	*
qualcomm	snapdragon_8_elite_firmware	*
qualcomm	snapdragon_8_elite_gen_5_firmware	*
qualcomm	snapdragon_8_gen_1_mobile_platform_firmware	*
qualcomm	snapdragon_8_gen_2_mobile_platform_firmware	*
qualcomm	snapdragon_8_gen_3_mobile_platform_firmware	*
qualcomm	snapdragon_8+_gen_1_mobile_platform_firmware	*
qualcomm	snapdragon_8+_gen_2_mobile_platform_firmware	*
qualcomm	snapdragon_865_5g_mobile_platform_firmware	*
qualcomm	snapdragon_865+_5g_mobile_platform_firmware	*
qualcomm	snapdragon_870_5g_mobile_platform_firmware	*
qualcomm	snapdragon_g1_gen_2_gaming_platform_firmware	*
qualcomm	5g_fixed_wireless_access_platform_firmware	*
qualcomm	apq8098_firmware	*
qualcomm	ar8031_firmware	*
qualcomm	ar8035_firmware	*
qualcomm	qca6391_firmware	*
qualcomm	qca6564au_firmware	*
qualcomm	qca6574_firmware	*
qualcomm	qca6574a_firmware	*
qualcomm	qca6574au_firmware	*
qualcomm	qca6584au_firmware	*
qualcomm	qca6595_firmware	*
qualcomm	qca6595au_firmware	*
qualcomm	qca6678aq_firmware	*
qualcomm	qca6688aq_firmware	*
qualcomm	qca6696_firmware	*
qualcomm	qca6698aq_firmware	*
qualcomm	qca6698au_firmware	*
qualcomm	qca6797aq_firmware	*
qualcomm	qca8081_firmware	*
qualcomm	qca8337_firmware	*
qualcomm	qca8386_firmware	*
qualcomm	qca8695au_firmware	*
qualcomm	qca9367_firmware	*
qualcomm	qca9377_firmware	*
qualcomm	qcc710_firmware	*
qualcomm	qcf8001_firmware	*
qualcomm	qcm2290_firmware	*
qualcomm	qcm4325_firmware	*
qualcomm	qcm4490_firmware	*
qualcomm	qcm5430_firmware	*
qualcomm	qcm6125_firmware	*
qualcomm	qcm6490_firmware	*
qualcomm	qcm8838_firmware	*
qualcomm	qcn6024_firmware	*
qualcomm	qcn6224_firmware	*
qualcomm	qcn6274_firmware	*
qualcomm	qcn9011_firmware	*
qualcomm	qcn9012_firmware	*
qualcomm	qcn9024_firmware	*
qualcomm	qcs2290_firmware	*
qualcomm	qcs4290_firmware	*
qualcomm	qcs4490_firmware	*
qualcomm	qcs6690_firmware	*
qualcomm	qcs8550_firmware	*
qualcomm	sa7255p_firmware	*
qualcomm	sa7775p_firmware	*
qualcomm	sa8145p_firmware	*
qualcomm	sa8150p_firmware	*
qualcomm	sa8155_firmware	*
qualcomm	sa8155p_firmware	*
qualcomm	sa8195p_firmware	*
qualcomm	sa8255p_firmware	*
qualcomm	sa8295p_firmware	*
qualcomm	sa8620p_firmware	*
qualcomm	sa8770p_firmware	*
qualcomm	sa9000p_firmware	*
qualcomm	sar1165p_firmware	*
qualcomm	sar2130p_firmware	*
qualcomm	sc8380xp_firmware	*
qualcomm	sd_8_gen1_5g_firmware	*
qualcomm	sd662_firmware	*
qualcomm	sd865_5g_firmware	*
qualcomm	sda660_firmware	*
qualcomm	sdr753_firmware	*
qualcomm	sdx61_firmware	*
qualcomm	sdx81_firmware	*
qualcomm	sm4850_firmware	*
qualcomm	sm4850p_firmware	*
qualcomm	sm6225p_firmware	*
qualcomm	sm6450p_firmware	*
qualcomm	sm6475p_firmware	*
qualcomm	sm6475q_firmware	*
qualcomm	sm6650p_firmware	*
qualcomm	sm6850_firmware	*
qualcomm	sm7325p_firmware	*
qualcomm	sm7435_firmware	*
qualcomm	sm7435p_firmware	*
qualcomm	sm7525_firmware	*
qualcomm	sm7550_firmware	*
qualcomm	sm7550p_firmware	*
qualcomm	sm7635p_firmware	*
qualcomm	sm7675_firmware	*
qualcomm	sm7675p_firmware	*
qualcomm	sm8475p_firmware	*
qualcomm	snapdragon_888_5g_mobile_platform_firmware	*
qualcomm	snapdragon_888+_5g_mobile_platform_firmware	*
qualcomm	snapdragon_ar1_gen_1_platform_firmware	*
qualcomm	snapdragon_ar1+_gen_1_platform_firmware	*
qualcomm	snapdragon_auto_5g_modem-rf_firmware	*
qualcomm	snapdragon_auto_5g_modem-rf_gen_2_firmware	*
qualcomm	snapdragon_w5+_gen_1_wearable_platform_firmware	*
qualcomm	snapdragon_x32_5g_modem-rf_system_firmware	*
qualcomm	snapdragon_x35_5g_modem-rf_system_firmware	*
qualcomm	snapdragon_x53_5g_modem-rf_system_firmware	*
qualcomm	snapdragon_x55_5g_modem-rf_system_firmware	*
qualcomm	snapdragon_x62_5g_modem-rf_system_firmware	*
qualcomm	snapdragon_x65_5g_modem-rf_system_firmware	*
qualcomm	snapdragon_x72_5g_modem-rf_system_firmware	*
qualcomm	snapdragon_x75_5g_modem-rf_system_firmware	*
qualcomm	snapdragon_xr2_5g_platform_firmware	*
qualcomm	snapdragon_xr2+_gen_1_platform_firmware	*
qualcomm	snapdragon_auto_4g_modem_firmware	*
qualcomm	snapdragon_wear_elite_platform_firmware	*
qualcomm	srv1h_firmware	*
qualcomm	srv1m_firmware	*
qualcomm	sw5100_firmware	*
qualcomm	sw5100p_firmware	*
qualcomm	sxr2230p_firmware	*
qualcomm	sxr2250p_firmware	*
qualcomm	sxr2330p_firmware	*
qualcomm	sxr2350p_firmware	*
qualcomm	themisto_firmware	*
qualcomm	vision_intelligence_400_platform_firmware	*
qualcomm	wcd9335_firmware	*
qualcomm	wcd9340_firmware	*
qualcomm	wcd9341_firmware	*
qualcomm	wcd9360_firmware	*
qualcomm	wcd9370_firmware	*
qualcomm	wcd9371_firmware	*
qualcomm	wcd9375_firmware	*
qualcomm	wcd9378_firmware	*
qualcomm	wcd9380_firmware	*
qualcomm	wcd9385_firmware	*
qualcomm	wcd9390_firmware	*
qualcomm	wcd9395_firmware	*
qualcomm	wcn3910_firmware	*
qualcomm	wcn3950_firmware	*
qualcomm	wcn3980_firmware	*
qualcomm	wcn3988_firmware	*
qualcomm	wcn3990_firmware	*
qualcomm	wcn6450_firmware	*
qualcomm	wcn6650_firmware	*
qualcomm	wcn6755_firmware	*
qualcomm	wcn7760_firmware	*
qualcomm	wcn7860_firmware	*
qualcomm	wcn7861_firmware	*
qualcomm	wcn7880_firmware	*
qualcomm	wcn7881_firmware	*
qualcomm	wsa8810_firmware	*
qualcomm	wsa8815_firmware	*
qualcomm	wsa8830_firmware	*
qualcomm	wsa8832_firmware	*
qualcomm	wsa8835_firmware	*
qualcomm	wsa8840_firmware	*
qualcomm	wsa8845_firmware	*
qualcomm	wsa8845h_firmware	*
qualcomm	wsa8850_firmware	*
qualcomm	wsa8850w_firmware	*
qualcomm	wsa8855c_firmware	*
qualcomm	x1e80100_firmware	*
qualcomm	xrv7209_firmware	*
qualcomm	xrv9209_firmware	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-1286	The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.

Attack-Flow Graph

Executive Summary

This vulnerability is a memory corruption issue that occurs when processing fastboot commands with improperly formatted input.

Impact Analysis

The vulnerability has a high severity with a CVSS base score of 7.2, indicating it can lead to significant impacts including complete confidentiality, integrity, and availability compromise.

Hi! I’m here to help you understand CVE-2026-24091. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2026-24091

Memory Corruption in Fastboot Command Processing

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart