{"api_version":"1","generated_at":"2026-04-14T22:23:46+00:00","cve":"CVE-2026-21382","urls":{"html":"https://cve.report/CVE-2026-21382","api":"https://cve.report/api/cve/CVE-2026-21382.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-21382","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-21382"},"summary":{"title":"Buffer Copy Without Checking Size of Input in Power Management IC","description":"Memory Corruption when handling power management requests with improperly sized input/output buffers.","state":"PUBLISHED","assigner":"qualcomm","published_at":"2026-04-06 16:16:31","updated_at":"2026-04-08 20:59:06"},"problem_types":["CWE-120","CWE-120 CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')"],"metrics":[{"version":"3.1","source":"product-security@qualcomm.com","type":"Primary","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"7.8","severity":"HIGH","vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"}}],"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html","name":"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html","refsource":"product-security@qualcomm.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-21382","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-21382","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected Cologne","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected FastConnect 6900","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected FastConnect 7800","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected QCA0000","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected SC8380XP","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected WCD9378C","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected WCD9380","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected WCD9385","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected WSA8840","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected WSA8845","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected WSA8845H","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected X2000077","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected X2000086","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected X2000090","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected X2000092","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected X2000094","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected XG101002","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected XG101032","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]},{"source":"CNA","vendor":"Qualcomm, Inc.","product":"Snapdragon","version":"affected XG101039","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"cologne","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"cologne_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"fastconnect_6900","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"fastconnect_6900_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"fastconnect_7800","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"fastconnect_7800_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"qca0000","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"qca0000_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"sc8380xp","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"sc8380xp_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"wcd9378c","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"wcd9378c_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"wcd9380","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"wcd9380_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"wcd9385","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"wcd9385_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"wsa8840","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"wsa8840_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"wsa8845","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"wsa8845h","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"wsa8845h_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"wsa8845_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"x2000077","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"x2000077_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"x2000086","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"x2000086_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"x2000090","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"x2000090_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"x2000092","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"x2000092_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"x2000094","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"x2000094_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"xg101002","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"xg101002_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"xg101032","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"xg101032_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"qualcomm","cpe5":"xg101039","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2026","cve_id":"21382","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"xg101039_firmware","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2026","cve_id":"21382","cve":"CVE-2026-21382","epss":"0.000130000","percentile":"0.019790000","score_date":"2026-04-13","updated_at":"2026-04-14 00:12:05"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-21382","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2026-04-06T00:00:00+00:00","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-07T03:55:57.569Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["Snapdragon Compute","Snapdragon Industrial IOT"],"product":"Snapdragon","vendor":"Qualcomm, Inc.","versions":[{"status":"affected","version":"Cologne"},{"status":"affected","version":"FastConnect 6900"},{"status":"affected","version":"FastConnect 7800"},{"status":"affected","version":"QCA0000"},{"status":"affected","version":"SC8380XP"},{"status":"affected","version":"WCD9378C"},{"status":"affected","version":"WCD9380"},{"status":"affected","version":"WCD9385"},{"status":"affected","version":"WSA8840"},{"status":"affected","version":"WSA8845"},{"status":"affected","version":"WSA8845H"},{"status":"affected","version":"X2000077"},{"status":"affected","version":"X2000086"},{"status":"affected","version":"X2000090"},{"status":"affected","version":"X2000092"},{"status":"affected","version":"X2000094"},{"status":"affected","version":"XG101002"},{"status":"affected","version":"XG101032"},{"status":"affected","version":"XG101039"}]}],"descriptions":[{"lang":"en","value":"Memory Corruption when handling power management requests with improperly sized input/output buffers."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-120","description":"CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-06T15:33:56.950Z","orgId":"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f","shortName":"qualcomm"},"references":[{"url":"https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.html"}],"title":"Buffer Copy Without Checking Size of Input in Power Management IC"}},"cveMetadata":{"assignerOrgId":"2cfc7d3e-20d3-47ac-8db7-1b7285aff15f","assignerShortName":"qualcomm","cveId":"CVE-2026-21382","datePublished":"2026-04-06T15:33:56.950Z","dateReserved":"2025-12-17T04:35:45.743Z","dateUpdated":"2026-04-07T03:55:57.569Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-06 16:16:31","lastModifiedDate":"2026-04-08 20:59:06","problem_types":["CWE-120","CWE-120 CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')"],"metrics":{"cvssMetricV31":[{"source":"product-security@qualcomm.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:cologne_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8FF959C0-5AAB-4DC5-AE8F-4EFA21A00B5E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:cologne:-:*:*:*:*:*:*:*","matchCriteriaId":"E31E0C48-FB61-47C8-B28B-3A701E85E126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E670F500-9B71-4BBE-B5DA-221D35803C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*","matchCriteriaId":"9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*","matchCriteriaId":"638DBC7F-456F-487D-BED2-2214DFF8BEE2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:qca0000_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC941093-1A7C-47B2-AB3B-05AE4AE2FBE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:qca0000:-:*:*:*:*:*:*:*","matchCriteriaId":"7A2AA834-C17C-4E0E-A510-795818041E47"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*","matchCriteriaId":"FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9378c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"95D79E3A-1978-4B23-B60B-2BD47FEDF5C2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9378c:-:*:*:*:*:*:*:*","matchCriteriaId":"91B32C89-3238-4FDF-BB3F-F6BAE829769B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"70292B01-617F-44AD-AF77-1AFC1450523D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*","matchCriteriaId":"FA94C6D6-85DB-4031-AAF4-C399019AE16D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"92B17201-8185-47F1-9720-5AB4ECD11B22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FA2EB9-416F-4D69-8786-386CC73978AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CA33DE15-C177-43B3-AD50-FF797753D12E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*","matchCriteriaId":"AE1A5841-5BCB-4033-ACB9-23F3FCA65309"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B47BF35-3AA0-4667-842E-19B0FE30BF3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*","matchCriteriaId":"8A071672-9405-4418-9141-35CEADBB65AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BB7CF473-8B25-4851-91F2-1BD693CCDC85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*","matchCriteriaId":"91E591F2-8F72-4A5A-9264-2742EB2DABDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000077_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A91D253E-0E24-474F-B016-0AC783812EBF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000077:-:*:*:*:*:*:*:*","matchCriteriaId":"DF588C55-E61D-46C6-98C3-647748AB0192"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000086_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E763DC2C-2D41-483D-8763-8518AAFC8B09"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000086:-:*:*:*:*:*:*:*","matchCriteriaId":"2DD6A8C6-F716-42F3-A16A-70CDD2F72BCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000090_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"21436FFF-DC3A-4279-85BB-1D2F9D270FFC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000090:-:*:*:*:*:*:*:*","matchCriteriaId":"991A3700-C97D-4495-8281-A11E0472930C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000092_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E23F8167-8C43-4CCC-B95B-1BF8462E1E90"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000092:-:*:*:*:*:*:*:*","matchCriteriaId":"65E7DF1E-5CDE-4DF0-A952-A01BF059EB96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:x2000094_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"789E6127-504B-4B50-B5C7-C7F7933378A1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:x2000094:-:*:*:*:*:*:*:*","matchCriteriaId":"5A029C9E-9F11-4D07-BD80-B9D00A379AAD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xg101002_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B7EAE86E-AC65-4C37-A23E-E4C9DBFDEE48"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xg101002:-:*:*:*:*:*:*:*","matchCriteriaId":"71E5EA1A-F5AE-42B6-804B-59FE6016A691"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xg101032_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"45E15ACE-6573-43FC-8B38-A3B760C8B60D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xg101032:-:*:*:*:*:*:*:*","matchCriteriaId":"96CF3B92-6AA8-4494-A047-C0DAB82C01D9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:qualcomm:xg101039_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"4C8F081D-479F-492A-9580-8EBE8011DA4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:qualcomm:xg101039:-:*:*:*:*:*:*:*","matchCriteriaId":"9A96C6B0-5B33-45DA-B3B1-AD304B7AE313"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"21382","Ordinal":"1","Title":"Buffer Copy Without Checking Size of Input in Power Management I","CVE":"CVE-2026-21382","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"21382","Ordinal":"1","NoteData":"Memory Corruption when handling power management requests with improperly sized input/output buffers.","Type":"Description","Title":"Buffer Copy Without Checking Size of Input in Power Management I"}]}}}