CVE-2026-21368
Out-of-bounds Write in Camera Driver
CVSS Score
5.3
EPSS Score
0.1%
EPSS Percentile
1th
Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks.
| CWE | CWE-787 |
| Vendor | qualcomm, inc. |
| Product | snapdragon |
| Published | Jul 6, 2026 |
| Last Updated | Jul 7, 2026 |
Stay Ahead of the Next One
Get instant alerts for qualcomm, inc. snapdragon
Be the first to know when new medium vulnerabilities affecting qualcomm, inc. snapdragon are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
Low
Affected Versions
Qualcomm, Inc. / Snapdragon
FastConnect 6700 FastConnect 6900 FastConnect 7800 G3x Gen 2 IQ9 Series Platform LeMans_AU_LGIT LeMansAU Netrani Pandeiro QAM8255P QAMSRV1H QAMSRV1M QCA6595 QCA6595AU QCA6678AQ QCA6698AQ QCA6698AU QCA6797AQ QCM4490 QCM8838 QCS4490 QCS8550 QLN1083BD QLN1086BD QPA1083BD QPA1086BD QXM1093 QXM1094 QXM1095 QXM1096 SA7255P SA7775P SA8255P SA8620P SA8770P SA9000P SAR2130P SC8380XP SD 8 Gen1 5G SD865 5G SDR753 SM7435 SM7525 SM7550 SM7550P SM8550P Snapdragon 4 Gen 2 Mobile Platform Snapdragon 460 Mobile Platform Snapdragon 6 Gen 1 Mobile Platform Snapdragon 6 Gen 3 Mobile Platform Snapdragon 662 Mobile Platform Snapdragon 7 Gen 1 Mobile Platform Snapdragon 8 Elite Snapdragon 8 Gen 1 Mobile Platform Snapdragon 8 Gen 2 Mobile Platform Snapdragon 8+ Gen 2 Mobile Platform Snapdragon AR1 Gen 1 Platform Snapdragon XR2 5G Platform Snapdragon XR2+ Gen 1 Platform SRV1H SRV1M SXR2230P SXR2330P SXR2350P WCD9370 WCD9371 WCD9375 WCD9378 WCD9380 WCD9385 WCD9390 WCD9395 WCN3950 WCN3988 WCN6450 WCN6650 WCN6755 WCN7860 WCN7861 WCN7881 WSA8810 WSA8815 WSA8830 WSA8832 WSA8835 WSA8840 WSA8845 WSA8845H X1E80100 XRV7209 XRV9209