Memory Corruption when adding user-supplied data without checking available buffer space.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable no

Technical Impact total

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Qualcomm, Inc. Snapdragon unaffected
Version Status Constraints
AR8031 affected
AR8035 affected
CSRA6620 affected
CSRA6640 affected
FastConnect 6200 affected
FastConnect 6700 affected
FastConnect 6900 affected
FastConnect 7800 affected
G1 Gen 1 affected
G2 Gen 1 affected
IQ6 Series Platform affected
IQ8 Series Platform affected
IQ9 Series Platform affected
LeMans_AU_LGIT affected
LeMansAU affected
MDM9628 affected
Milos affected
Monaco_IOT affected
Netrani affected
Orne affected
Palawan25 affected
Pandeiro affected
QAM8255P affected
QAMSRV1H affected
QAMSRV1M affected
QCA2066 affected
QCA6174A affected
QCA6391 affected
QCA6564A affected
QCA6564AU affected
QCA6574 affected
QCA6574A affected
QCA6574AU affected
QCA6595 affected
QCA6595AU affected
QCA6688AQ affected
QCA6696 affected
QCA6698AQ affected
QCA8081 affected
QCA8337 affected
QCM2290 affected
QCM4325 affected
QCM4490 affected
QCM5430 affected
QCM6125 affected
QCM6490 affected
QCN6024 affected
QCN9011 affected
QCN9012 affected
QCN9024 affected
QCS2290 affected
QCS4290 affected
QCS4490 affected
QCS8550 affected
QLN1083BD affected
QLN1086BD affected
QMP1000 affected
QPA1083BD affected
QPA1086BD affected
Qualcomm Video Collaboration VC1 Platform affected
Qualcomm Video Collaboration VC3 Platform affected
Qualcomm Video Collaboration VC5 Platform affected
QXM1083 affected
QXM1086 affected
QXM1093 affected
QXM1094 affected
QXM1095 affected
QXM1096 affected
SA4150P affected
SA4155P affected
SA6145P affected
SA6150P affected
SA6155P affected
SA7255P affected
SA7775P affected
SA8145P affected
SA8150P affected
SA8155P affected
SA8195P affected
SA8255P affected
SA8620P affected
SA8770P affected
SA9000P affected
SAR1165P affected
SAR1250P affected
SAR2130P affected
SAR2230P affected
SC8380XP affected
SD662 affected
SD865 5G affected
SDX61 affected
SM6225P affected
SM6650P affected
SM7435 affected
SM7635P affected
SM7675 affected
SM7675P affected
SM8635 affected
SM8635P affected
SM8650Q affected
SM8750P affected
Smart Audio 400 Platform affected
Snapdragon 4 Gen 1 Mobile Platform affected
Snapdragon 4 Gen 2 Mobile Platform affected
Snapdragon 460 Mobile Platform affected
Snapdragon 480 5G Mobile Platform affected
Snapdragon 480+ 5G Mobile Platform affected
Snapdragon 6 Gen 1 Mobile Platform affected
Snapdragon 6 Gen 3 Mobile Platform affected
Snapdragon 6 Gen 4 Mobile Platform affected
Snapdragon 662 Mobile Platform affected
Snapdragon 680 4G Mobile Platform affected
Snapdragon 685 4G Mobile Platform affected
Snapdragon 695 5G Mobile Platform affected
Snapdragon 7s Gen 3 Mobile Platform affected
Snapdragon 8 Elite affected
Snapdragon 8 Elite Gen 5 affected
Snapdragon 8 Gen 3 Mobile Platform affected
Snapdragon AR1 Gen 1 Platform affected
Snapdragon AR1+ Gen 1 Platform affected
Snapdragon W5+ Gen 1 Wearable Platform affected
Snapdragon X65 5G Modem-RF System affected
Snapdragon XR2 5G Platform affected
Snapdragon XR2+ Gen 1 Platform affected
SRV1H affected
SRV1M affected
SW5100 affected
SW5100P affected
SW6100 affected
SW6100P affected
SXR2230P affected
SXR2250P affected
SXR2330P affected
SXR2350P affected
Themisto affected
WCD9335 affected
WCD9370 affected
WCD9375 affected
WCD9378 affected
WCD9380 affected
WCD9385 affected
WCD9390 affected
WCD9395 affected
WCN3910 affected
WCN3950 affected
WCN3980 affected
WCN3988 affected
WCN6450 affected
WCN6650 affected
WCN6755 affected
WCN7860 affected
WCN7861 affected
WCN7880 affected
WCN7881 affected
WSA8810 affected
WSA8815 affected
WSA8830 affected
WSA8832 affected
WSA8835 affected
WSA8840 affected
WSA8845 affected
WSA8845H affected

No data.

No data.

No data.

Project Subscriptions

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/march-2026-bulletin.html cve-icon cve-icon
History

Mon, 02 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 02 Mar 2026 17:15:00 +0000

Type Values Removed Values Added
Description Memory Corruption when adding user-supplied data without checking available buffer space.
Title Buffer Over-read in Graphics
Weaknesses CWE-126
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2026-03-02T19:48:57.685Z

Reserved: 2025-09-18T03:19:23.200Z

Link: CVE-2025-59600

cve-icon Vulnrichment

Updated: 2026-03-02T19:48:52.800Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-02T17:16:28.020

Modified: 2026-03-02T20:29:29.330

Link: CVE-2025-59600

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses