CVE-2026-21383
Reusing a Nonce, Key Pair in Encryption in HLOS
CVSS Score
7.1
EPSS Score
0.1%
EPSS Percentile
1th
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.
| CWE | CWE-323 |
| Vendor | qualcomm, inc. |
| Product | snapdragon |
| Published | Jul 6, 2026 |
| Last Updated | Jul 8, 2026 |
Stay Ahead of the Next One
Get instant alerts for qualcomm, inc. snapdragon
Be the first to know when new high vulnerabilities affecting qualcomm, inc. snapdragon are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None
Affected Versions
Qualcomm, Inc. / Snapdragon
FastConnect 6900 FastConnect 7800 LeMans_AU_LGIT LeMansAU Pandeiro QAM8255P QAM8397P QAM8797P QAMSRV1H QAMSRV1M QCA6595AU QCA6696 QCA6698AQ QCA6797AQ QCA8695AU QDU1000 QDU1110 QDU1210 QDX1010 QDX1011 QLN1083BD QLN1086BD QPA1083BD QPA1086BD Qualcomm Dragonwing X100 Accelerator Card QXM1093 QXM1094 QXM1095 QXM1096 SA7255P SA7775P SA8255P SA8620P SA8770P SA9000P SAR1165P SAR2130P Snapdragon AR1 Gen 1 Platform Snapdragon AR1+ Gen 1 Platform SRV1H SRV1M SXR2230P SXR2250P WCD9380 WCD9385 WCN3950 WCN7860 WCN7861 WSA8830 WSA8832 WSA8835 XRV7209 XRV9209