Find notable cyber news and cases, enriched with sources, timelines, and signals.

Qualcomm Android Graphics buffer over-read actively exploited memory corruption flaw (CVE-2026-21385)

Vulnerability
First reported
Last updated
Happening score
H score 21
1 unique sources, 1 articles

Summary

Hide ▲

A Qualcomm Graphics buffer over-read flaw, CVE-2026-21385, is being exploited in the wild in Android devices, creating high-severity risk for affected systems. Qualcomm described the bug as a memory corruption issue caused by adding user-supplied data without checking available buffer space, and Google said there are signs of limited, targeted exploitation. The issue was reported through Google's Android Security team on December 18, 2025, and March 2026 Android fixes are available for affected devices.

Related Happenings

Google Dialogflow CX Code Blocks shared-runtime isolation security flaw

Vulnerability
H score32 First: 07.07.2026 19:37 Last: 07.07.2026 19:37 Sources 1

About this happening: **Google Dialogflow CX Code Blocks** had a shared-runtime isolation flaw that could let one editable agent affect other **Code Block-enabled agents** in the same **Google Cloud pr...

Android Framework code execution and privilege escalation flaw (CVE-2025-48595)

Vulnerability
H score40 First: 02.06.2026 14:10 Last: 02.06.2026 14:10 Sources 1

About this happening: Google's **June 2026 Android security patches** now cover **CVE-2025-48595**, an **actively exploited Android Framework** flaw that can lead to **code execution** and **privilege...

Google expands Binary Transparency for Android for production app verification

Security Tool/Service
H score11 First: 06.05.2026 12:13 Last: 06.05.2026 12:13 Sources 1

About this happening: Google expanded **Binary Transparency for Android**, adding a public verification system that helps detect unauthorized or modified Google app binaries. The rollout covers product...

Google overhauls Android and Chrome bug bounty programs

Commercial Activity
H score0 First: 05.05.2026 14:24 Last: 05.05.2026 14:24 Sources 1

About this happening: **Google** overhauls its **Android and Chrome** vulnerability rewards programs, reshaping payout tiers for **exploit research** and raising top rewards to **$1.5 million**. The ch...

Perseus Android note-stealing and remote-control malware activity

Malware Activity
H score21 First: 19.03.2026 12:13 Last: 19.03.2026 12:13 Sources 1

About this happening: The **Perseus** Android malware is now being used to inspect user notes for secrets, creating theft risk for **passwords**, **recovery phrases**, and **financial data**. It is als...

Timeline

  1. 03.03.2026 09:08 1 articles · 4mo ago

    Google Android Security team reports CVE-2026-21385 to Qualcomm

    Technical Analysis Update

    Google's Android Security team reports CVE-2026-21385 to Qualcomm on December 18, 2025, and Qualcomm characterizes the open-source Qualcomm Android Graphics component flaw as a buffer over-read / integer overflow that can cause memory corruption.

    Show sources
  2. 03.03.2026 09:08 2 articles · 4mo ago

    Google discloses in-the-wild exploitation of CVE-2026-21385

    Initial Disclosure

    Google publicly discloses on March 3, 2026 that CVE-2026-21385 in an open-source Qualcomm component used in Android devices has been exploited in the wild, with indications that the flaw may be under limited, targeted exploitation; Google's March 2026 Android security bulletin also includes 129 vulnerability fixes and patch levels 2026-03-01 and 2026-03-05.

    Show sources