
Qualcomm Android Graphics buffer over-read: actively exploited memory corruption flaw (CVE-2026-21385)

Vulnerability
H score 29
1 unique source, 1 article

Summary


A Qualcomm Graphics buffer over-read flaw, CVE-2026-21385, is being exploited in the wild on Android devices, creating high-severity risk for affected systems. Qualcomm described the bug as a memory corruption issue caused by adding user-supplied data without checking available buffer space, and Google said there are signs of limited, targeted exploitation. The issue was reported through Google's Android Security team on December 18, 2025, and March 2026 Android fixes are available for affected devices.

Related Happenings

Google expands Binary Transparency for Android for production app verification

Security Tool/Service
First: 06.05.2026 12:13 Last: 06.05.2026 12:13 Sources 1

About this happening: Google expanded **Binary Transparency for Android**, adding a public verification system that helps detect unauthorized or modified Google app binaries. The rollout covers product...

Google overhauls Android and Chrome bug bounty programs

Commercial Activity
First: 05.05.2026 14:24 Last: 05.05.2026 14:24 Sources 1

About this happening: **Google** overhauls its **Android and Chrome** vulnerability rewards programs, reshaping payout tiers for **exploit research** and raising top rewards to **$1.5 million**. The ch...

Perseus Android note-stealing and remote-control malware activity

Malware Activity
First: 19.03.2026 12:13 Last: 19.03.2026 12:13 Sources 1

About this happening: The **Perseus** Android malware is now being used to inspect user notes for secrets, creating theft risk for **passwords**, **recovery phrases**, and **financial data**. It is als...

Google Looker Studio cross-tenant SQL injection flaws

Vulnerability
First: 10.03.2026 15:20 Last: 10.03.2026 15:20 Sources 1

About this happening: Researchers disclosed **nine cross-tenant vulnerabilities** in **Google Looker Studio** that could let attackers run **arbitrary SQL queries** on victims' databases and exfiltrate...

Google Play Protect and Play Integrity API expand Android anti-abuse controls in 2025

Security Tool/Service
First: 19.02.2026 19:00 Last: 19.02.2026 19:00 Sources 1

About this happening: Google expanded **Play Protect** and **Play Integrity API** anti-abuse controls for Android apps in **2025**, strengthening protection across the app ecosystem. The update matters...

Timeline

  1. 03.03.2026 09:08 1 article · 2mo ago

    Google Android Security team reports CVE-2026-21385 to Qualcomm

    Technical Analysis Update

    Google's Android Security team reports CVE-2026-21385 to Qualcomm on December 18, 2025, and Qualcomm characterizes the open-source Qualcomm Android Graphics component flaw as a buffer over-read / integer overflow that can cause memory corruption.

  2. 03.03.2026 09:08 2 articles · 2mo ago

    Google discloses in-the-wild exploitation of CVE-2026-21385

    Initial Disclosure

    Google publicly discloses on March 3, 2026 that CVE-2026-21385 in an open-source Qualcomm component used in Android devices has been exploited in the wild, with indications that the flaw may be under limited, targeted exploitation; Google's March 2026 Android security bulletin also includes 129 vulnerability fixes and patch levels 2026-03-01 and 2026-03-05.
