CVE-2026-25260
high
CVSS v3
7.8
CVSS v4 NEW
โ
VIR risk
7.8
Description
Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications.
Predictions
Exploit likelihood
75%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| qualcomm | cologne | - | |
| qualcomm | fastconnect_6700 | - | |
| qualcomm | fastconnect_6900 | - | |
| qualcomm | fastconnect_7800 | - | |
| qualcomm | qcm5430 | - | |
| qualcomm | qcm6490 | - | |
| qualcomm | video_collaboration_vc3_platform | - | |
| qualcomm | sc8380xp | - | |
| qualcomm | sd865_5g | - | |
| qualcomm | snapdragon_ar1_gen_1_platform | - | |
| qualcomm | snapdragon_xr2_5g_platform | - | |
| qualcomm | snapdragon_xr2\+_gen_1_platform | - | |
| qualcomm | sxr2230p | - | |
| qualcomm | sxr2250p | - | |
| qualcomm | wcd9370 | - | |
| qualcomm | wcd9375 | - | |
| qualcomm | wcd9378c | - | |
| qualcomm | wcd9380 | - | |
| qualcomm | wcd9385 | - | |
| qualcomm | wsa8810 | - | |
| qualcomm | wsa8815 | - | |
| qualcomm | wsa8830 | - | |
| qualcomm | wsa8832 | - | |
| qualcomm | wsa8835 | - | |
| qualcomm | wsa8840 | - | |
| qualcomm | wsa8845 | - | |
| qualcomm | wsa8845h | - | |
| qualcomm | x2000077 | - | |
| qualcomm | x2000086 | - | |
| qualcomm | x2000090 | - | |
| qualcomm | x2000092 | - | |
| qualcomm | x2000094 | - | |
| qualcomm | xg101002 | - | |
| qualcomm | xg101032 | - | |
| qualcomm | xg101039 | - | |
References
CWEs
CWE-367
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.