Qualcomm Snapdragon
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Qualcomm Snapdragon.
By the Year
In 2026 there have been 95 vulnerabilities in Qualcomm Snapdragon with an average score of 7.4 out of ten. Last year, in 2025 Snapdragon had 103 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Snapdragon in 2026 could surpass last years number. Last year, the average CVE base score was greater by 0.24
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 95 | 7.37 |
| 2025 | 103 | 7.61 |
| 2024 | 1 | 7.80 |
| 2023 | 6 | 8.23 |
| 2022 | 52 | 7.58 |
| 2021 | 227 | 7.67 |
| 2020 | 167 | 0.00 |
| 2019 | 147 | 0.00 |
| 2018 | 183 | 0.00 |
It may take a day or so for new Snapdragon vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Qualcomm Snapdragon Security Vulnerabilities
Qualcomm Strongbox TEE Buffer Overflow Memory Corruption
CVE-2026-25277
8.8 - High
- June 01, 2026
Memory corruption while using Strongbox due to buffer overflow.
Classic Buffer Overflow
CVE-2026-25276: Memory Corruption in Qualcomm Strongbox (Bound Check Missing)
CVE-2026-25276
8.8 - High
- June 01, 2026
Memory corruption while using Strongbox due to missing bounds check.
out-of-bounds array index
Qualcomm Memory Corruption in Shared Buffer Access (CVE-2026-25260)
CVE-2026-25260
7.8 - High
- June 01, 2026
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.
TOCTTOU
Memory corruption in Qualcomm QMI Modem IOCTL escape ops
CVE-2026-25259
7.8 - High
- June 01, 2026
Memory corruption while processing multiple IOCTL command for escape operations.
Memory Corruption
Memory Corruption in Qualcomm IOCTL Escape Handler
CVE-2026-25258
7.8 - High
- June 01, 2026
Memory corruption while processing IOCTL calls for escape operations.
Out-of-bounds Read
Qualcomm Fastboot Memory Corruption on DisplayMode Set
CVE-2026-24092
7.2 - High
- June 01, 2026
Memory Corruption when processing fastboot commands to set display mode.
Improper Validation of Syntactic Correctness of Input
Qualcomm Fastboot Memory Corrupt via Malformed Input
CVE-2026-24091
7.2 - High
- June 01, 2026
Memory corruption while processing fastboot commands with improperly formatted input.
Improper Validation of Syntactic Correctness of Input
Qualcomm Bootloader Crypto Flaw Lets Unauthorized Boot Flow Change
CVE-2026-24090
7.1 - High
- June 01, 2026
Cryptographic issue while processing partition table entries allows unauthorized modification of boot flow.
Missing Authentication for Critical Function
CVE-2026-24089: Memory Corruption in Fastboot Commands
CVE-2026-24089
7.2 - High
- June 01, 2026
Memory corruption while processing fastboot commands with invalid input.
Improper Validation of Syntactic Correctness of Input
Unauthorized Write via Crypto Defect in Qualcomm Partition Handler (BL)
CVE-2026-24088
8.2 - High
- June 01, 2026
Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
Missing Authentication for Critical Function
Memory corruption in Qualcomm Fastboot OEM commands
CVE-2026-24087
7.2 - High
- June 01, 2026
Memory corruption while processing fastboot OEM commands.
Improper Validation of Syntactic Correctness of Input
Qualcomm Snapdragon Memory Corruption via Uninitialized Variable in Display CLI
CVE-2026-24085
7.2 - High
- June 01, 2026
Memory Corruption when processing display command line information due to improper initialization of a variable.
Stack Overflow
Qualcomm RNG Driver Buffer Overflow Memory Corruption
CVE-2025-59614
6.7 - Medium
- June 01, 2026
Memory Corruption when sending random number generator command with insufficient output buffer size.
Memory Corruption
Qualcomm Buffer Overflow via Small Output Buffer in Data Copy
CVE-2025-59613
6.7 - Medium
- June 01, 2026
Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
Stack Overflow
Memory Corruption in Qualcomm Windows Drivers via Invalid Trusted App Request
CVE-2025-59612
6.7 - Medium
- June 01, 2026
Memory corruption in windows drivers while sending incorrect trusted application request
Stack Overflow
Memory Corruption in Qualcomm Diagnostic Services via Input Validation Failure
CVE-2025-59611
6.7 - Medium
- June 01, 2026
Memory corruption in diagnostic services due to absence of input validation
Memory Corruption
CVE-2025-59610: IOCTL Memory Corruption in Qualcomm Snapdragon Driver
CVE-2025-59610
6.4 - Medium
- June 01, 2026
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
TOCTTOU
Info Disclosure via Short MBSSID in Qualcomm Bluetooth
CVE-2025-59609
5.5 - Medium
- June 01, 2026
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
Buffer Over-read
Qualcomm QSEE Memory Corruption via Heap Overflow in Secure Data Init
CVE-2025-59606
7.8 - High
- June 01, 2026
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
NULL Pointer Dereference
Qualcomm driver memory corruption via overlength device ID
CVE-2025-59605
7.8 - High
- June 01, 2026
Memory Corruption when processing device identifier strings that exceed the expected maximum length.
Memory Corruption
Qualcomm Memory Corruption via Null Ptr on memcpy
CVE-2025-59604
7.8 - High
- June 01, 2026
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
NULL Pointer Dereference
Qualcomm Powerline Info Disclosure on Factory Reset
CVE-2025-59601
6.5 - Medium
- June 01, 2026
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.
Exposure of Sensitive Information Through Metadata
PLC FW Assigner Buffer Overflow due to Wrong Auth (Qualcomm)
CVE-2026-25293
9.6 - Critical
- May 04, 2026
Buffer overflow due to incorrect authorization in PLC FW
AuthZ
Qualcomm IOCTL Memory Corruption in Power-Save Mode
CVE-2026-25266
5.5 - Medium
- May 04, 2026
Memory corruption while processing IOCTL command when device is in power-save state.
Exposed Dangerous Method or Function
Memory Corruption in Qualcomm Snapdragon Perf Counter Driver During Deselect
CVE-2026-24082
7.8 - High
- May 04, 2026
Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
Dangling pointer
Qualcomm Driver IOCTL Buffer Corruption Vulnerability
CVE-2025-47408
7.8 - High
- May 04, 2026
Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
Untrusted Pointer Dereference
Memory Corruption in Qualcomm DSP Process Creation due to Allocation Failure
CVE-2025-47407
7.8 - High
- May 04, 2026
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.
TOCTTOU
CVE-2025-47406: Qualcomm IOCTL Buffer Size OOB Disclosure
CVE-2025-47406
6.1 - Medium
- May 04, 2026
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
Buffer Over-read
Qualcomm Camera Driver Buffer Overflow via Invalid Output Buffers
CVE-2025-47405
7.8 - High
- May 04, 2026
Memory corruption when processing camera sensor input/output control codes with invalid output buffers.
Untrusted Pointer Dereference
Qualcomm Snapdragon Driver Buffer Resize Memory Corruption
CVE-2025-47404
6.5 - Medium
- May 04, 2026
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
Classic Buffer Overflow
Qualcomm Wireless Driver DOS via Malformed FT Frame
CVE-2025-47403
6.5 - Medium
- May 04, 2026
Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.
Buffer Over-read
Qualcomm Target Power Rate Table Channel Config DoS
CVE-2025-47401
6.5 - Medium
- May 04, 2026
Transient DOS when processing target power rate tables during channel configuration.
Buffer Over-read
Memory Corruption via Improper Buffer Sizing in Qualcomm PM
CVE-2026-21382
7.8 - High
- April 06, 2026
Memory Corruption when handling power management requests with improperly sized input/output buffers.
Classic Buffer Overflow
Qualcomm QCA WiFi NAN DoS via Excessive Service Data Frame Length
CVE-2026-21381
7.6 - High
- April 06, 2026
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
Buffer Over-read
Qualcomm DMABUF IOCTL Memory Corruption
CVE-2026-21380
7.8 - High
- April 06, 2026
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
Dangling pointer
Qualcomm Camera Driver Output Buffer Size Validation Bypass
CVE-2026-21378
7.8 - High
- April 06, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Buffer Over-read
Qualcomm Camera Sensor Driver IOCTL Buffer Validation Flaw
CVE-2026-21376
7.8 - High
- April 06, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Buffer Over-read
Qualcomm IOCTL Output Buffer Size Bypass Causing Mem Corruption
CVE-2026-21375
7.8 - High
- April 06, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Buffer Over-read
Memory Corruption in Qualcomm Sensor Driver Aux IO Ctl CMD Buffer Overflow
CVE-2026-21374
7.8 - High
- April 06, 2026
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
Buffer Over-read
Qualcomm Kernel Driver Output Buffer Size Validation Flaw
CVE-2026-21373
7.8 - High
- April 06, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Buffer Over-read
Qualcomm IOCTL Buffer Overrun via memcpy (CVE-2026-21372)
CVE-2026-21372
7.8 - High
- April 06, 2026
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.
Heap-based Buffer Overflow
Qualcomm Android Kernel: Buffer Size Validation Causes Memory Corruption
CVE-2026-21371
7.8 - High
- April 06, 2026
Memory Corruption when retrieving output buffer with insufficient size validation.
Buffer Over-read
Qualcomm WiFi 6 FW DOS via out-of-range FILS Discovery Frames
CVE-2026-21367
7.6 - High
- April 06, 2026
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
Buffer Over-read
Qualcomm Crypto Lib Buffer Overflow During Data Copy CVE-2025-47400
CVE-2025-47400
7.1 - High
- April 06, 2026
Cryptographic issue while copying data to a destination buffer without validating its size.
Buffer Over-read
Qualcomm Satellite Decoder MemCorrupt on Invalid Sign Offsets
CVE-2025-47392
8.8 - High
- April 06, 2026
Memory corruption when decoding corrupted satellite data files with invalid signature offsets.
Integer Overflow or Wraparound
Qualcomm Snapdragon: Mem Corruption in Frame Request Handling
CVE-2025-47391
7.8 - High
- April 06, 2026
Memory corruption while processing a frame request from user.
Stack Overflow
Qualcomm JPEG Driver IOCTL Memory Corruption
CVE-2025-47390
7.8 - High
- April 06, 2026
Memory corruption while preprocessing IOCTL request in JPEG driver.
Buffer Over-read
Qualcomm QSEE Buffer Overflow in Attestation Report Generation
CVE-2025-47389
7.8 - High
- April 06, 2026
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Classic Buffer Overflow
Qualcomm Adreno GPU Memory Fault via Fence Dereg & Signal
CVE-2025-47374
6.5 - Medium
- April 06, 2026
Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling.
Dangling pointer
Qualcomm Memory Corruption via Alignment Allocation
CVE-2026-21385
7.8 - High
- March 02, 2026
Memory corruption while using alignments for memory allocation.
Integer Overflow or Wraparound
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Qualcomm Snapdragon or by Qualcomm? Click the Watch button to subscribe.
