CVE-2025-59606
published 2026-06-01CVE-2025-59606: Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
PriorityP343high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.07%
0.1th percentile
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
Affected
102 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Qualcomm Snapdragon Auto up to XG101039 null pointer dereference (WID-SEC-2026-1772)
vuldb·2026-06-03·CVSS 7.8
CVE-2025-59606 [HIGH] Qualcomm Snapdragon Auto up to XG101039 null pointer dereference (WID-SEC-2026-1772)
A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile. This affects an unknown function. The manipulation results in null pointer dereference.
This vulnerability is reported as CVE-2025-59606. The attack requires a local approach. No exploit exists.
You should upgrade the affected component.
GHSA
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
ghsa_unreviewed·2026-06-02
CVE-2025-59606 [HIGH] CWE-476 Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-06-01
Published