CVE-2026-25266
published 2026-05-04CVE-2026-25266: Memory corruption while processing IOCTL command when device is in power-save state.
PriorityP344high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.07%
0.1th percentile
Memory corruption while processing IOCTL command when device is in power-save state.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
| qualcomm_inc | snapdragon | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x7h5-vhw2-pmff: Memory corruption while processing IOCTL command when device is in power-save state
ghsa_unreviewed·2026-05-04
CVE-2026-25266 [MEDIUM] CWE-749 GHSA-x7h5-vhw2-pmff: Memory corruption while processing IOCTL command when device is in power-save state
Memory corruption while processing IOCTL command when device is in power-save state.
VulDB
Qualcomm Snapdragon CCW up to XG101039 ioctl Command routine
vuldb·2026-05-04·CVSS 5.5
CVE-2026-25266 [MEDIUM] Qualcomm Snapdragon CCW up to XG101039 ioctl Command routine
A vulnerability was found in Qualcomm Snapdragon CCW, Snapdragon Compute, Snapdragon Connectivity and Snapdragon MC and classified as critical. Affected by this vulnerability is an unknown functionality of the component ioctl Command Handler. Such manipulation leads to exposed dangerous routine.
This vulnerability is traded as CVE-2026-25266. An attack has to be approached locally. There is no exploit available.
It is suggested to upgrade the affected component.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-05-04
Published