Memory Corruption Vulnerability in Qualcomm Fastboot Commands
CVE-2026-24089

7.2HIGH

Key Information:

Vendor: Qualcomm
Status: Snapdragon
Vendor: CVE Published:; 1 June 2026

What is CVE-2026-24089?

This vulnerability allows for memory corruption when processing fastboot commands with invalid or malformed input, potentially leading to unauthorized access or system instability. Appropriate input validation and error handling practices are crucial to mitigate risks associated with this issue.

Affected Version(s)

Snapdragon XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2026
Vulnerability Reserved
Jan 21, 2026

CVE-2026-24089 Data

JSON