CVE-2026-21385

Integer Overflow or Wraparound in Graphics

CVSS 7.8 HIGHEPSS 1.1%● KEVCWE-190

In short

A flaw in how graphics memory is allocated can cause it to overflow, corrupting data in memory. This can lead to crashes or allow attackers to execute malicious code.

Technical detail

Integer overflow in memory alignment calculations during graphics buffer allocation allows heap corruption. Attack vector requires processing specially crafted graphical input; impact includes code execution or denial of service depending on memory layout and application context.

Summary generated and translated by AI from the official description.

Memory corruption while using alignments for memory allocation.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Qualcomm, Inc. · Snapdragon

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html https://source.android.com/docs/security/bulletin/2026/2026-03-01 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21385