Memory Corruption Vulnerability in Qualcomm Products
CVE-2026-21368

5.3MEDIUM

Key Information:

Vendor

Qualcomm

Vendor
CVE Published:
6 July 2026

What is CVE-2026-21368?

This vulnerability is characterized by memory corruption that occurs when parsing JPEG commands. Specifically, it arises from unaccounted extra writes to the buffer during the validation checks. This can potentially lead to unexpected system behavior, including crashes or arbitrary code execution. Proper validation and memory management practices are crucial to mitigate the associated risks.

Affected Version(s)

Snapdragon Snapdragon Auto FastConnect 6700

Snapdragon Snapdragon Auto FastConnect 6900

Snapdragon Snapdragon Auto FastConnect 7800

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.