Memory Corruption Vulnerability in Qualcomm Networking Products
CVE-2026-21384

5.3MEDIUM

Key Information:

Vendor

Qualcomm

Vendor
CVE Published:
6 July 2026

What is CVE-2026-21384?

A memory corruption vulnerability exists in Qualcomm networking products when handling updates to prepared commands. Specifically, if user-space inputs lead to the use of invalid port indices, it may exceed the supported read client limits, potentially allowing attackers to exploit the system's memory management features. This issue poses significant risks for device integrity and network performance, necessitating immediate attention and mitigation strategies to safeguard against potential exploits.

Affected Version(s)

Snapdragon Snapdragon Auto FastConnect 6700

Snapdragon Snapdragon Auto FastConnect 6900

Snapdragon Snapdragon Auto FastConnect 7800

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.