Information disclosure due to buffer overread in Core
Conclusion & alert: CVE-2022-40519 is rated Low Risk (27.9/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.11%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-06-15 | 0.05% | 0.11% | +0.07% |
| 2 | 2026-06-12 | 0.05% | 0.05% | -0.01% |
| 3 | 2026-01-14 | — | 0.05% | — |
Full EPSS history (11 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 6.8 | 3.1 | MEDIUM |
|
2.5 | 4.2 | [email protected] |
| 5.5 | 3.1 | MEDIUM |
|
1.8 | 3.6 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| qualcomm | aqt1000_firmware | — | cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ar8031_firmware | — | cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ar8035_firmware | — | cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csr8811_firmware | — | cpe:2.3:o:qualcomm:csr8811_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6620_firmware | — | cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csra6640_firmware | — | cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:* |
| qualcomm | csrb31024_firmware | — | cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fsm10056_firmware | — | cpe:2.3:o:qualcomm:fsm10056_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ipq6000_firmware | — | cpe:2.3:o:qualcomm:ipq6000_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ipq6005_firmware | — | cpe:2.3:o:qualcomm:ipq6005_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ipq6010_firmware | — | cpe:2.3:o:qualcomm:ipq6010_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ipq6018_firmware | — | cpe:2.3:o:qualcomm:ipq6018_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ipq6028_firmware | — | cpe:2.3:o:qualcomm:ipq6028_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ipq9008_firmware | — | cpe:2.3:o:qualcomm:ipq9008_firmware:-:*:*:*:*:*:*:* |
| qualcomm | ipq9574_firmware | — | cpe:2.3:o:qualcomm:ipq9574_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9150_firmware | — | cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:* |
| qualcomm | mdm9205_firmware | — | cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qam8295p_firmware | — | cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca4004_firmware | — | cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca4024_firmware | — | cpe:2.3:o:qualcomm:qca4024_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6174a_firmware | — | cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6310_firmware | — | cpe:2.3:o:qualcomm:qca6310_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6320_firmware | — | cpe:2.3:o:qualcomm:qca6320_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6335_firmware | — | cpe:2.3:o:qualcomm:qca6335_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6390_firmware | — | cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6391_firmware | — | cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6420_firmware | — | cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6421_firmware | — | cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6426_firmware | — | cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6430_firmware | — | cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6431_firmware | — | cpe:2.3:o:qualcomm:qca6431_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6436_firmware | — | cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564_firmware | — | cpe:2.3:o:qualcomm:qca6564_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564a_firmware | — | cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6564au_firmware | — | cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574_firmware | — | cpe:2.3:o:qualcomm:qca6574_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574a_firmware | — | cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6574au_firmware | — | cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6595_firmware | — | cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6595au_firmware | — | cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6696_firmware | — | cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8072_firmware | — | cpe:2.3:o:qualcomm:qca8072_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8075_firmware | — | cpe:2.3:o:qualcomm:qca8075_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8081_firmware | — | cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8082_firmware | — | cpe:2.3:o:qualcomm:qca8082_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8084_firmware | — | cpe:2.3:o:qualcomm:qca8084_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8085_firmware | — | cpe:2.3:o:qualcomm:qca8085_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8337_firmware | — | cpe:2.3:o:qualcomm:qca8337_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca8386_firmware | — | cpe:2.3:o:qualcomm:qca8386_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca9377_firmware | — | cpe:2.3:o:qualcomm:qca9377_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca9984_firmware | — | cpe:2.3:o:qualcomm:qca9984_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcc5100_firmware | — | cpe:2.3:o:qualcomm:qcc5100_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm2290_firmware | — | cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm4290_firmware | — | cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm6125_firmware | — | cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm6490_firmware | — | cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn5021_firmware | — | cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn5022_firmware | — | cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn5052_firmware | — | cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn5121_firmware | — | cpe:2.3:o:qualcomm:qcn5121_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn5122_firmware | — | cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn5152_firmware | — | cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn6023_firmware | — | cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn6024_firmware | — | cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn7606_firmware | — | cpe:2.3:o:qualcomm:qcn7606_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9000_firmware | — | cpe:2.3:o:qualcomm:qcn9000_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9011_firmware | — | cpe:2.3:o:qualcomm:qcn9011_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9012_firmware | — | cpe:2.3:o:qualcomm:qcn9012_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9022_firmware | — | cpe:2.3:o:qualcomm:qcn9022_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9024_firmware | — | cpe:2.3:o:qualcomm:qcn9024_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9070_firmware | — | cpe:2.3:o:qualcomm:qcn9070_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9072_firmware | — | cpe:2.3:o:qualcomm:qcn9072_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9074_firmware | — | cpe:2.3:o:qualcomm:qcn9074_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcn9274_firmware | — | cpe:2.3:o:qualcomm:qcn9274_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs2290_firmware | — | cpe:2.3:o:qualcomm:qcs2290_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs405_firmware | — | cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs410_firmware | — | cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs4290_firmware | — | cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs603_firmware | — | cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs605_firmware | — | cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://www.qualcomm.com/company/product-security/bulletins/january-2023-bulletin | Vendor Advisory |