CVE-2026-25266

Published May 4, 2026
Last updated 5 days ago
CVSS medium 5.5
Overview

Description: Memory corruption while processing IOCTL command when device is in power-save state.
Source: product-security@qualcomm.com
NVD status: Analyzed
Products: cologne_firmware, fastconnect_6900_firmware, fastconnect_7800_firmware, sc8380xp_firmware, snapdragon_ar1_gen_1_firmware, wcd9378c_firmware, wcd9380_firmware, wcd9385_firmware, wcn7861_firmware, wcn7880_firmware, wsa8830_firmware, wsa8832_firmware, wsa8835_firmware, wsa8840_firmware, wsa8845_firmware, wsa8845h_firmware, x2000077_firmware, x2000086_firmware, x2000090_firmware, x2000092_firmware, x2000094_firmware, xg101002_firmware, xg101032_firmware, xg101039_firmware
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH
Weaknesses

product-security@qualcomm.com: CWE-749
nvd@nist.gov: CWE-787
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:cologne_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "8FF959C0-5AAB-4DC5-AE8F-4EFA21A00B5E",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:cologne:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E31E0C48-FB61-47C8-B28B-3A701E85E126",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "14E3FE58-7F1C-4F5C-B62D-0CF124E14AB2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "FFCB0BBA-3F81-4FCA-B3DE-190C46DA50DB",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A69D9315-2233-4C4E-8651-8E32C4BA5866",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:snapdragon_ar1_gen_1:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "27DFA1D7-0459-401A-9E00-A5E700AC9C9F",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wcd9378c_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "95D79E3A-1978-4B23-B60B-2BD47FEDF5C2",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wcd9378c:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "91B32C89-3238-4FDF-BB3F-F6BAE829769B",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "92B17201-8185-47F1-9720-5AB4ECD11B22",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E1FA2EB9-416F-4D69-8786-386CC73978AE",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "57608D47-894C-4895-B4B3-4733D55D57DB",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wcn7861:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "2FFD2C38-1A61-4BED-ABFA-DAE0C4B78620",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wcn7880_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "63735D33-9F09-4841-9FE0-0D9AB604BECF",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wcn7880:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E826F765-4C2E-4319-BBC4-DEB02AAD783F",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "7ACAD26E-B79E-4659-91A5-D301281F7D36",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wsa8832:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "F0E46DA6-9494-4D92-A4AE-A272AF6ACCCC",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "CA33DE15-C177-43B3-AD50-FF797753D12E",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "AE1A5841-5BCB-4033-ACB9-23F3FCA65309",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "5B47BF35-3AA0-4667-842E-19B0FE30BF3C",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "8A071672-9405-4418-9141-35CEADBB65AF",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "BB7CF473-8B25-4851-91F2-1BD693CCDC85",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "91E591F2-8F72-4A5A-9264-2742EB2DABDA",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:x2000077_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "A91D253E-0E24-474F-B016-0AC783812EBF",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:x2000077:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "DF588C55-E61D-46C6-98C3-647748AB0192",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:x2000086_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E763DC2C-2D41-483D-8763-8518AAFC8B09",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:x2000086:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "2DD6A8C6-F716-42F3-A16A-70CDD2F72BCD",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:x2000090_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "21436FFF-DC3A-4279-85BB-1D2F9D270FFC",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:x2000090:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "991A3700-C97D-4495-8281-A11E0472930C",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:x2000092_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "E23F8167-8C43-4CCC-B95B-1BF8462E1E90",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:x2000092:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "65E7DF1E-5CDE-4DF0-A952-A01BF059EB96",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:x2000094_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "789E6127-504B-4B50-B5C7-C7F7933378A1",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:x2000094:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "5A029C9E-9F11-4D07-BD80-B9D00A379AAD",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:xg101002_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "B7EAE86E-AC65-4C37-A23E-E4C9DBFDEE48",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:xg101002:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "71E5EA1A-F5AE-42B6-804B-59FE6016A691",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:xg101032_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "45E15ACE-6573-43FC-8B38-A3B760C8B60D",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:xg101032:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "96CF3B92-6AA8-4494-A047-C0DAB82C01D9",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:qualcomm:xg101039_firmware:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "4C8F081D-479F-492A-9580-8EBE8011DA4E",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      },
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:qualcomm:xg101039:-:*:*:*:*:*:*:*",
            "matchCriteriaId": "9A96C6B0-5B33-45DA-B3B1-AD304B7AE313",
            "vulnerable": false
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

Related CVEs

References
