GHSA-v9qv-qmj7-ghvr · Severity: medium — Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during...
Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during validation checks.
Conclusion & alert: CVE-2026-21368 is rated Low Risk (21.4/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.09%). Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-07-07 | — | 0.09% | — |
Full EPSS history (1 record total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 5.3 | 3.1 | MEDIUM |
|
1.1 | 3.7 | [email protected] |
GHSA-v9qv-qmj7-ghvr · Severity: medium — Memory Corruption when parsing jpeg commands due to unaccounted extra writes to the buffer during...
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| qualcomm | fastconnect_6700_firmware | — | cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fastconnect_6900_firmware | — | cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:* |
| qualcomm | fastconnect_7800_firmware | — | cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:* |
| qualcomm | g3x_gen_2_firmware | — | cpe:2.3:o:qualcomm:g3x_gen_2_firmware:-:*:*:*:*:*:*:* |
| qualcomm | iq-9075_firmware | — | cpe:2.3:o:qualcomm:iq-9075_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sm8550p_firmware | — | cpe:2.3:o:qualcomm:sm8550p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_4_gen_2_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_4_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_460_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_460_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_6_gen_1_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_6_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_6_gen_3_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_6_gen_3_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_662_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_662_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_7_gen_1_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_7_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_8_elite_firmware | — | cpe:2.3:o:qualcomm:snapdragon_8_elite_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_8_gen_1_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_8_gen_2_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_8_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_8\+_gen_2_mobile_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_8\+_gen_2_mobile_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_ar1_gen_1_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_ar1_gen_1_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_xr2_5g_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | snapdragon_xr2\+_gen_1_platform_firmware | — | cpe:2.3:o:qualcomm:snapdragon_xr2\+_gen_1_platform_firmware:-:*:*:*:*:*:*:* |
| qualcomm | srv1h_firmware | — | cpe:2.3:o:qualcomm:srv1h_firmware:-:*:*:*:*:*:*:* |
| qualcomm | srv1m_firmware | — | cpe:2.3:o:qualcomm:srv1m_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sxr2230p_firmware | — | cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sxr2330p_firmware | — | cpe:2.3:o:qualcomm:sxr2330p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sxr2350p_firmware | — | cpe:2.3:o:qualcomm:sxr2350p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9370_firmware | — | cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9371_firmware | — | cpe:2.3:o:qualcomm:wcd9371_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9375_firmware | — | cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9378_firmware | — | cpe:2.3:o:qualcomm:wcd9378_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9380_firmware | — | cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9385_firmware | — | cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9390_firmware | — | cpe:2.3:o:qualcomm:wcd9390_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcd9395_firmware | — | cpe:2.3:o:qualcomm:wcd9395_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3950_firmware | — | cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn3988_firmware | — | cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn6450_firmware | — | cpe:2.3:o:qualcomm:wcn6450_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn6650_firmware | — | cpe:2.3:o:qualcomm:wcn6650_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn6755_firmware | — | cpe:2.3:o:qualcomm:wcn6755_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn7860_firmware | — | cpe:2.3:o:qualcomm:wcn7860_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn7861_firmware | — | cpe:2.3:o:qualcomm:wcn7861_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wcn7881_firmware | — | cpe:2.3:o:qualcomm:wcn7881_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8810_firmware | — | cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8815_firmware | — | cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8830_firmware | — | cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8832_firmware | — | cpe:2.3:o:qualcomm:wsa8832_firmware:-:*:*:*:*:*:*:* |
| qualcomm | wsa8835_firmware | — | cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:* |
| qualcomm | lemans_au_lgit_firmware | — | cpe:2.3:o:qualcomm:lemans_au_lgit_firmware:-:*:*:*:*:*:*:* |
| qualcomm | lemansau_firmware | — | cpe:2.3:o:qualcomm:lemansau_firmware:-:*:*:*:*:*:*:* |
| qualcomm | netrani_firmware | — | cpe:2.3:o:qualcomm:netrani_firmware:-:*:*:*:*:*:*:* |
| qualcomm | pandeiro_firmware | — | cpe:2.3:o:qualcomm:pandeiro_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qam8255p_firmware | — | cpe:2.3:o:qualcomm:qam8255p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qamsrv1h_firmware | — | cpe:2.3:o:qualcomm:qamsrv1h_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qamsrv1m_firmware | — | cpe:2.3:o:qualcomm:qamsrv1m_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6595_firmware | — | cpe:2.3:o:qualcomm:qca6595_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6595au_firmware | — | cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6678aq_firmware | — | cpe:2.3:o:qualcomm:qca6678aq_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6698aq_firmware | — | cpe:2.3:o:qualcomm:qca6698aq_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6698au_firmware | — | cpe:2.3:o:qualcomm:qca6698au_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qca6797aq_firmware | — | cpe:2.3:o:qualcomm:qca6797aq_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm4490_firmware | — | cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcm8838_firmware | — | cpe:2.3:o:qualcomm:qcm8838_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs4490_firmware | — | cpe:2.3:o:qualcomm:qcs4490_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qcs8550_firmware | — | cpe:2.3:o:qualcomm:qcs8550_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qln1083bd_firmware | — | cpe:2.3:o:qualcomm:qln1083bd_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qln1086bd_firmware | — | cpe:2.3:o:qualcomm:qln1086bd_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qpa1083bd_firmware | — | cpe:2.3:o:qualcomm:qpa1083bd_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qpa1086bd_firmware | — | cpe:2.3:o:qualcomm:qpa1086bd_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qxm1093_firmware | — | cpe:2.3:o:qualcomm:qxm1093_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qxm1094_firmware | — | cpe:2.3:o:qualcomm:qxm1094_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qxm1095_firmware | — | cpe:2.3:o:qualcomm:qxm1095_firmware:-:*:*:*:*:*:*:* |
| qualcomm | qxm1096_firmware | — | cpe:2.3:o:qualcomm:qxm1096_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa7255p_firmware | — | cpe:2.3:o:qualcomm:sa7255p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa7775p_firmware | — | cpe:2.3:o:qualcomm:sa7775p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8255p_firmware | — | cpe:2.3:o:qualcomm:sa8255p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8620p_firmware | — | cpe:2.3:o:qualcomm:sa8620p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa8770p_firmware | — | cpe:2.3:o:qualcomm:sa8770p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sa9000p_firmware | — | cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sar2130p_firmware | — | cpe:2.3:o:qualcomm:sar2130p_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sc8380xp_firmware | — | cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd_8_gen1_5g_firmware | — | cpe:2.3:o:qualcomm:sd_8_gen1_5g_firmware:-:*:*:*:*:*:*:* |
| qualcomm | sd865_5g_firmware | — | cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://docs.qualcomm.com/product/publicresources/securitybulletin/july-2026-bulletin.html | Patch Vendor Advisory |