Qualcomm Android Graphics buffer over-read actively exploited memory corruption flaw (CVE-2026-21385)
Vulnerability
Summary
Hide ▲
Show ▼
A Qualcomm Graphics buffer over-read flaw, CVE-2026-21385, is being exploited in the wild in Android devices, creating high-severity risk for affected systems. Qualcomm described the bug as a memory corruption issue caused by adding user-supplied data without checking available buffer space, and Google said there are signs of limited, targeted exploitation. The issue was reported through Google's Android Security team on December 18, 2025, and March 2026 Android fixes are available for affected devices.
Related Happenings
Google Dialogflow CX Code Blocks shared-runtime isolation security flaw
Vulnerability
H score32
First: 07.07.2026 19:37
Last: 07.07.2026 19:37
Sources 1
About this happening:
**Google Dialogflow CX Code Blocks** had a shared-runtime isolation flaw that could let one editable agent affect other **Code Block-enabled agents** in the same **Google Cloud pr...
Google Dialogflow CX Code Blocks shared-runtime isolation security flaw
VulnerabilityAbout this happening: **Google Dialogflow CX Code Blocks** had a shared-runtime isolation flaw that could let one editable agent affect other **Code Block-enabled agents** in the same **Google Cloud pr...
Android Framework code execution and privilege escalation flaw (CVE-2025-48595)
Vulnerability
H score40
First: 02.06.2026 14:10
Last: 02.06.2026 14:10
Sources 1
About this happening:
Google's **June 2026 Android security patches** now cover **CVE-2025-48595**, an **actively exploited Android Framework** flaw that can lead to **code execution** and **privilege...
Android Framework code execution and privilege escalation flaw (CVE-2025-48595)
VulnerabilityAbout this happening: Google's **June 2026 Android security patches** now cover **CVE-2025-48595**, an **actively exploited Android Framework** flaw that can lead to **code execution** and **privilege...
Google expands Binary Transparency for Android for production app verification
Security Tool/Service
H score11
First: 06.05.2026 12:13
Last: 06.05.2026 12:13
Sources 1
About this happening:
Google expanded **Binary Transparency for Android**, adding a public verification system that helps detect unauthorized or modified Google app binaries. The rollout covers product...
Google expands Binary Transparency for Android for production app verification
Security Tool/ServiceAbout this happening: Google expanded **Binary Transparency for Android**, adding a public verification system that helps detect unauthorized or modified Google app binaries. The rollout covers product...
Google overhauls Android and Chrome bug bounty programs
Commercial Activity
H score0
First: 05.05.2026 14:24
Last: 05.05.2026 14:24
Sources 1
About this happening:
**Google** overhauls its **Android and Chrome** vulnerability rewards programs, reshaping payout tiers for **exploit research** and raising top rewards to **$1.5 million**. The ch...
Google overhauls Android and Chrome bug bounty programs
Commercial ActivityAbout this happening: **Google** overhauls its **Android and Chrome** vulnerability rewards programs, reshaping payout tiers for **exploit research** and raising top rewards to **$1.5 million**. The ch...
Perseus Android note-stealing and remote-control malware activity
Malware Activity
H score21
First: 19.03.2026 12:13
Last: 19.03.2026 12:13
Sources 1
About this happening:
The **Perseus** Android malware is now being used to inspect user notes for secrets, creating theft risk for **passwords**, **recovery phrases**, and **financial data**. It is als...
Perseus Android note-stealing and remote-control malware activity
Malware ActivityAbout this happening: The **Perseus** Android malware is now being used to inspect user notes for secrets, creating theft risk for **passwords**, **recovery phrases**, and **financial data**. It is als...
Timeline
-
03.03.2026 09:08 1 articles · 4mo ago
Google Android Security team reports CVE-2026-21385 to Qualcomm
Technical Analysis UpdateGoogle's Android Security team reports CVE-2026-21385 to Qualcomm on December 18, 2025, and Qualcomm characterizes the open-source Qualcomm Android Graphics component flaw as a buffer over-read / integer overflow that can cause memory corruption.
Show sources
- Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited — thehackernews.com — 03.03.2026 09:08
-
03.03.2026 09:08 1 articles · 4mo ago
Qualcomm notifies customers of the security defect
Initial DisclosureQualcomm notifies customers of the security defect on February 2, 2026 after the report through Google's Android Security team.
Show sources
- Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited — thehackernews.com — 03.03.2026 09:08
-
03.03.2026 09:08 2 articles · 4mo ago
Google discloses in-the-wild exploitation of CVE-2026-21385
Initial DisclosureGoogle publicly discloses on March 3, 2026 that CVE-2026-21385 in an open-source Qualcomm component used in Android devices has been exploited in the wild, with indications that the flaw may be under limited, targeted exploitation; Google's March 2026 Android security bulletin also includes 129 vulnerability fixes and patch levels 2026-03-01 and 2026-03-05.
Show sources
- Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited — thehackernews.com — 03.03.2026 09:08
- Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited — thehackernews.com — 03.03.2026 09:08