Qualcomm Snapdragon
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Qualcomm Snapdragon.
By the Year
In 2026 there have been 73 vulnerabilities in Qualcomm Snapdragon with an average score of 7.4 out of ten. Last year, in 2025 Snapdragon had 103 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Snapdragon in 2026 could surpass last years number. Last year, the average CVE base score was greater by 0.23
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 73 | 7.39 |
| 2025 | 103 | 7.61 |
| 2024 | 1 | 7.80 |
| 2023 | 6 | 8.23 |
| 2022 | 52 | 7.58 |
| 2021 | 227 | 7.67 |
| 2020 | 167 | 0.00 |
| 2019 | 147 | 0.00 |
| 2018 | 183 | 0.00 |
It may take a day or so for new Snapdragon vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Qualcomm Snapdragon Security Vulnerabilities
PLC FW Assigner Buffer Overflow due to Wrong Auth (Qualcomm)
CVE-2026-25293
9.6 - Critical
- May 04, 2026
Buffer overflow due to incorrect authorization in PLC FW
AuthZ
Qualcomm IOCTL Memory Corruption in Power-Save Mode
CVE-2026-25266
5.5 - Medium
- May 04, 2026
Memory corruption while processing IOCTL command when device is in power-save state.
Exposed Dangerous Method or Function
Memory Corruption in Qualcomm Snapdragon Perf Counter Driver During Deselect
CVE-2026-24082
7.8 - High
- May 04, 2026
Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
Dangling pointer
Qualcomm Driver IOCTL Buffer Corruption Vulnerability
CVE-2025-47408
7.8 - High
- May 04, 2026
Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
Untrusted Pointer Dereference
Memory Corruption in Qualcomm DSP Process Creation due to Allocation Failure
CVE-2025-47407
7.8 - High
- May 04, 2026
Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.
TOCTTOU
CVE-2025-47406: Qualcomm IOCTL Buffer Size OOB Disclosure
CVE-2025-47406
6.1 - Medium
- May 04, 2026
Information Disclosure while processing IOCTL handler callbacks without verifying buffer size.
Buffer Over-read
Qualcomm Camera Driver Buffer Overflow via Invalid Output Buffers
CVE-2025-47405
7.8 - High
- May 04, 2026
Memory corruption when processing camera sensor input/output control codes with invalid output buffers.
Untrusted Pointer Dereference
Qualcomm Snapdragon Driver Buffer Resize Memory Corruption
CVE-2025-47404
6.5 - Medium
- May 04, 2026
Memory corruption when dynamically changing the size of a previously allocated buffer while its contents are being modified.
Classic Buffer Overflow
Qualcomm Wireless Driver DOS via Malformed FT Frame
CVE-2025-47403
6.5 - Medium
- May 04, 2026
Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming.
Buffer Over-read
Qualcomm Target Power Rate Table Channel Config DoS
CVE-2025-47401
6.5 - Medium
- May 04, 2026
Transient DOS when processing target power rate tables during channel configuration.
Buffer Over-read
Memory Corruption via Improper Buffer Sizing in Qualcomm PM
CVE-2026-21382
7.8 - High
- April 06, 2026
Memory Corruption when handling power management requests with improperly sized input/output buffers.
Classic Buffer Overflow
Qualcomm QCA WiFi NAN DoS via Excessive Service Data Frame Length
CVE-2026-21381
7.6 - High
- April 06, 2026
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
Buffer Over-read
Qualcomm DMABUF IOCTL Memory Corruption
CVE-2026-21380
7.8 - High
- April 06, 2026
Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.
Dangling pointer
Qualcomm Camera Driver Output Buffer Size Validation Bypass
CVE-2026-21378
7.8 - High
- April 06, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Buffer Over-read
Qualcomm Camera Sensor Driver IOCTL Buffer Validation Flaw
CVE-2026-21376
7.8 - High
- April 06, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
Buffer Over-read
Qualcomm IOCTL Output Buffer Size Bypass Causing Mem Corruption
CVE-2026-21375
7.8 - High
- April 06, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Buffer Over-read
Memory Corruption in Qualcomm Sensor Driver Aux IO Ctl CMD Buffer Overflow
CVE-2026-21374
7.8 - High
- April 06, 2026
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
Buffer Over-read
Qualcomm Kernel Driver Output Buffer Size Validation Flaw
CVE-2026-21373
7.8 - High
- April 06, 2026
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
Buffer Over-read
Qualcomm IOCTL Buffer Overrun via memcpy (CVE-2026-21372)
CVE-2026-21372
7.8 - High
- April 06, 2026
Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations.
Heap-based Buffer Overflow
Qualcomm Android Kernel: Buffer Size Validation Causes Memory Corruption
CVE-2026-21371
7.8 - High
- April 06, 2026
Memory Corruption when retrieving output buffer with insufficient size validation.
Buffer Over-read
Qualcomm WiFi 6 FW DOS via out-of-range FILS Discovery Frames
CVE-2026-21367
7.6 - High
- April 06, 2026
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
Buffer Over-read
Qualcomm Crypto Lib Buffer Overflow During Data Copy CVE-2025-47400
CVE-2025-47400
7.1 - High
- April 06, 2026
Cryptographic issue while copying data to a destination buffer without validating its size.
Buffer Over-read
Qualcomm Satellite Decoder MemCorrupt on Invalid Sign Offsets
CVE-2025-47392
8.8 - High
- April 06, 2026
Memory corruption when decoding corrupted satellite data files with invalid signature offsets.
Integer Overflow or Wraparound
Qualcomm Snapdragon: Mem Corruption in Frame Request Handling
CVE-2025-47391
7.8 - High
- April 06, 2026
Memory corruption while processing a frame request from user.
Stack Overflow
Qualcomm JPEG Driver IOCTL Memory Corruption
CVE-2025-47390
7.8 - High
- April 06, 2026
Memory corruption while preprocessing IOCTL request in JPEG driver.
Buffer Over-read
Qualcomm QSEE Buffer Overflow in Attestation Report Generation
CVE-2025-47389
7.8 - High
- April 06, 2026
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
Classic Buffer Overflow
Qualcomm Adreno GPU Memory Fault via Fence Dereg & Signal
CVE-2025-47374
6.5 - Medium
- April 06, 2026
Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling.
Dangling pointer
Qualcomm Memory Corruption via Alignment Allocation
CVE-2026-21385
7.8 - High
- March 02, 2026
Memory corruption while using alignments for memory allocation.
Integer Overflow or Wraparound
Qualcomm Memory Corruption via Nonstandard Buffer Address
CVE-2025-59603
7.8 - High
- March 02, 2026
Memory Corruption when processing invalid user address with nonstandard buffer address.
Memory Corruption
Memory Corruption via unchecked buffer overflow in Qualcomm component
CVE-2025-59600
7.8 - High
- March 02, 2026
Memory Corruption when adding user-supplied data without checking available buffer space.
Buffer Over-read
Memory Corruption via IOCTL in Qualcomm driver under concurrent access
CVE-2025-47386
7.8 - High
- March 02, 2026
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
Dangling pointer
Qualcomm TEE Memory Corruption via Privilege Escalation
CVE-2025-47385
7.8 - High
- March 02, 2026
Memory Corruption when accessing trusted execution environment without proper privilege check.
Register Interface Allows Software Access to Sensitive Data or Security Settings
Transient DoS via MAC Config ID overflow (Qualcomm)
CVE-2025-47384
6.5 - Medium
- March 02, 2026
Transient DOS when MAC configures config id greater than supported maximum value.
assertion failure
Qualcomm VoWiFi Weak Config Causing Crypto Issue (CVE-2025-47383)
CVE-2025-47383
7.2 - High
- March 02, 2026
Weak configuration may lead to cryptographic issue when a VoWiFi call is triggered from UE.
Missing Cryptographic Step
Qualcomm IOCTL Shared Buffer Concurrency Memory Corruption
CVE-2025-47381
7.8 - High
- March 02, 2026
Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.
Dangling pointer
Qualcomm Snapdragon Shared Buffer Memory Corruption
CVE-2025-47379
7.8 - High
- March 02, 2026
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
Dangling pointer
Qualcomm HLOS Boot Loader Crypto Issue via Shared VM Ref
CVE-2025-47378
7.1 - High
- March 02, 2026
Cryptographic Issue when a shared VM reference allows HLOS to boot loader and access cert chain.
Exposure of Sensitive System Information to an Unauthorized Control Sphere
Qualcomm Driver IOCTL Buffer Use-After-Free (CVE-2025-47377)
CVE-2025-47377
7.8 - High
- March 02, 2026
Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.
Dangling pointer
Qualcomm Driver Concurrent IOCTL Shared Buffer Mem Corruption
CVE-2025-47376
7.8 - High
- March 02, 2026
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.
Dangling pointer
Qualcomm Kernel Driver: Concurrent IOCTLs Lead to Memory Corruption
CVE-2025-47375
7.8 - High
- March 02, 2026
Memory corruption while handling different IOCTL calls from the user-space simultaneously.
Dangling pointer
Qualcomm TEE memory corruption via TA length bypass
CVE-2025-47373
7.8 - High
- March 02, 2026
Memory Corruption when accessing buffers with invalid length during TA invocation.
Memory Corruption
Transient DoS via invalid LTE RLC packet on Qualcomm UE
CVE-2025-47371
6.5 - Medium
- March 02, 2026
Transient DOS when an LTE RLC packet with invalid TB is received by UE.
assertion failure
Transient DoS via Oversize Auth IE in 802.11 Frame
CVE-2025-47402
6.5 - Medium
- February 02, 2026
Transient DOS when processing a received frame with an excessively large authentication information element.
Buffer Over-read
Memory Corruption in sensor driver IOCTL (invalid params)
CVE-2025-47399
7.8 - High
- February 02, 2026
Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.
Classic Buffer Overflow
GPU Mem Buffer Dealloc Memory Corruption Vulnerability
CVE-2025-47398
7.8 - High
- February 02, 2026
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
Dangling pointer
GPU DMA Memory Corruption via Unchecked IOMMU Mapping Errors
CVE-2025-47397
7.8 - High
- February 02, 2026
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
Memory Leak
Android TEE Crypto Flaw via HLOS Input
CVE-2025-47366
7.1 - High
- February 02, 2026
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.
Exposed Dangerous Method or Function
Memory Corruption in Partition Offset Calculation
CVE-2025-47364
6.8 - Medium
- February 02, 2026
Memory corruption while calculating offset from partition start point.
Integer Overflow or Wraparound
Memory Corruption in Partition Size Calc (Oversized)
CVE-2025-47363
6.8 - Medium
- February 02, 2026
Memory corruption when calculating oversized partition sizes without proper checks.
Integer Overflow or Wraparound
Memory Corruption via Concurrent Free API misuse
CVE-2025-47359
7.8 - High
- February 02, 2026
Memory Corruption when multiple threads simultaneously access a memory free API.
Dangling pointer
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Qualcomm Snapdragon or by Qualcomm? Click the Watch button to subscribe.
