CVE-2026-21385

high-risk

Published 2026-03-02

Memory corruption while using alignments for memory allocation.

Do I need to act?

0.24% chance of exploitation

EPSS score — low exploit probability

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.8/10 High

LOCAL / LOW complexity

Sm7675P Firmware

Sm8475P Firmware

Sm8550P Firmware

Sm8635 Firmware

Sm8635P Firmware

Sm8650Q Firmware

Sm8750P Firmware

Smart Audio 400 Platform Firmware

Smart Display 200 Platform Firmware

Snapdragon 4 Gen 1 Mobile Platform Firmware

Snapdragon 4 Gen 2 Mobile Platform Firmware

Snapdragon 429 Mobile Platform Firmware

Snapdragon 460 Mobile Platform Firmware

Snapdragon 480\+ 5G Mobile Platform Firmware

Snapdragon 480 5G Mobile Platform Firmware

Snapdragon 6 Gen 1 Mobile Platform Firmware

Snapdragon 6 Gen 3 Mobile Platform Firmware

Snapdragon 6 Gen 4 Mobile Platform Firmware

Snapdragon 625 Mobile Platform Firmware

Snapdragon 626 Mobile Platform Firmware

Qualcomm

Patch https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bu...

Vendor Advisory https://source.android.com/docs/security/bulletin/2026/2026-03-01

US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-...

/ 100

high-risk

Severity 24/34 · High

Exploitability 8/34 · Low

Exposure 33/34 · Critical