CVE-2026-21385 - Vulnerability Analysis

ZEN SecDB

@secdb

Mar 4, 2026

🚨 [CISA-2026:0303] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0303) CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. ⚠️ CVE-2026-21385 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21385) - Name: Qualcomm Multiple Chipsets Memory Corruption Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: Qualcomm - Product: Multiple Chipsets - Notes: https://source.android.com/docs/security/bulletin/2026/2026-03-01 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21385 ⚠️ CVE-2026-22719 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22719) - Name: Broadcom VMware Aria Operations Command Injection Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: Broadcom - Product: VMware Aria Operations - Notes: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ; https://knowledge.broadcom.com/external/article/430349 ; https://nvd.nist.gov/vuln/detail/CVE-2026-22719 #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260303 #cisa20260303 #cve_2026_21385 #cve_2026_22719 #cve202621385 #cve202622719

Undercode News

@undercodenews

Mar 3, 2026

Qualcomm Zero-Day CVE-2026-21385 Exploited in Targeted Android Attacks as Spyware Suspicions Rise A High-Severity Android Vulnerability Sparks Quiet Alarm Across the Security Industry A newly disclosed zero-day vulnerability in Qualcomm chipsets is drawing serious attention after evidence emerged that it has already been exploited in limited and targeted attacks. The flaw, tracked as CVE-2026-21385, affects Android devices powered by a broad range of Qualcomm… https://undercodenews.com/qualcomm-zero-day-cve-2026-21385-exploited-in-targeted-android-attacks-as-spyware-suspicions-rise/

CISA KEV Tracker

@cisakevtracker

Mar 3, 2026

CVE ID: CVE-2026-21385 Vendor: Qualcomm Product: Multiple Chipsets Date Added: 2026-03-03 Notes: https://source.android.com/docs/security/bulletin/2026/2026-03-01 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21385 CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-21385

OverSecurity

@oversecurity

Mar 3, 2026

Aggiornamenti Android marzo 2026, corretta una zero-day già sfruttata: cosa fare subito Google ha rilasciato l’Android Security Bulletin di marzo 2026, il più corposo dell’anno: 129 vulnerabilità corrette di cui una, la CVE-2026-21385... 🔗️ [Cybersecurity360] https://link.is.it/AC1JZ9

The Threat Codex

@threatcodex

Mar 3, 2026

Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. #CVE_2026_21385 https://securityaffairs.com/188823/security/android-devices-hit-by-exploited-qualcomm-flaw-cve-2026-21385.html

BeyondMachines :verified:

@beyondmachines1

Mar 3, 2026

Google Android March 2026 Security Bulletin Patches 129 Vulnerabilities, One Actively Exploited Qualcomm Flaw Google's March 2026 Android Security Bulletin patches 129 vulnerabilities, including a critical RCE flaw (CVE-2026-0006) requiring no user interaction and multiple CVSS 9.0 privilege escalation bugs in the kernel virtualization layer. A Qualcomm Display component vulnerability (CVE-2026-21385) is already being actively exploited in targeted attacks in the wild. **An critical update for Android, with actively exploited flaw patched. Most users can't rush the patch because their vendors may not have released an updated version of Android for their devices. Do not delay the update to your Android when the you see the alert that an update is available. Your device may be targeted via the Qualcomm flaw.** #cybersecurity #infosec #advisory #vulnerability https://beyondmachines.net/event_details/march-2026-android-security-bulletin-patches-129-vulnerabilities-one-actively-exploited-qualcomm-flaw-s-u-0-2-i/gD2P6Ple2L

Yazoul Alerts

@Matchbook3469

Mar 3, 2026

⚠️ THREAT INTELLIGENCE New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel Vulnerability | HIGH CVEs: CVE-2026-0628, CVE-2026-21385 Google has released security updates to patch 129 Android security vulnerabilities, including an actively exploited zero-day flaw in a Qualcomm... Full analysis: https://yazoul.net/news/news/new-chrome-vulnerability-let-malicious-extensions-escalate-privileges-via-gemini #CyberSecurity #CVE #SecurityOps

Jeff Hall - PCIGuru :verified:

@jbhall56

Mar 3, 2026

The exploited flaw, tracked as CVE-2026-21385 (CVSS score of 7.8) and impacting the graphics component of over 200 Qualcomm chipsets, is described as an integer overflow or wraparound issue leading to memory corruption while using alignments for memory allocation. https://www.securityweek.com/android-update-patches-exploited-qualcomm-zero-day/

ZEN SecDB

@secdb

Mar 4, 2026

🚨 [CISA-2026:0303] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0303) CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. ⚠️ CVE-2026-21385 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21385) - Name: Qualcomm Multiple Chipsets Memory Corruption Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: Qualcomm - Product: Multiple Chipsets - Notes: https://source.android.com/docs/security/bulletin/2026/2026-03-01 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21385 ⚠️ CVE-2026-22719 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-22719) - Name: Broadcom VMware Aria Operations Command Injection Vulnerability - Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. - Known To Be Used in Ransomware Campaigns? Unknown - Vendor: Broadcom - Product: VMware Aria Operations - Notes: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ; https://knowledge.broadcom.com/external/article/430349 ; https://nvd.nist.gov/vuln/detail/CVE-2026-22719 #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260303 #cisa20260303 #cve_2026_21385 #cve_2026_22719 #cve202621385 #cve202622719

CISA KEV Tracker

@cisakevtracker

Mar 3, 2026

CVE ID: CVE-2026-21385 Vendor: Qualcomm Product: Multiple Chipsets Date Added: 2026-03-03 Notes: https://source.android.com/docs/security/bulletin/2026/2026-03-01 ; https://nvd.nist.gov/vuln/detail/CVE-2026-21385 CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-21385

OverSecurity

@oversecurity

Mar 3, 2026

Aggiornamenti Android marzo 2026, corretta una zero-day già sfruttata: cosa fare subito Google ha rilasciato l’Android Security Bulletin di marzo 2026, il più corposo dell’anno: 129 vulnerabilità corrette di cui una, la CVE-2026-21385... 🔗️ [Cybersecurity360] https://link.is.it/AC1JZ9

The Threat Codex

@threatcodex

Mar 3, 2026

Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. #CVE_2026_21385 https://securityaffairs.com/188823/security/android-devices-hit-by-exploited-qualcomm-flaw-cve-2026-21385.html

BeyondMachines :verified:

@beyondmachines1

Mar 3, 2026

Google Android March 2026 Security Bulletin Patches 129 Vulnerabilities, One Actively Exploited Qualcomm Flaw Google's March 2026 Android Security Bulletin patches 129 vulnerabilities, including a critical RCE flaw (CVE-2026-0006) requiring no user interaction and multiple CVSS 9.0 privilege escalation bugs in the kernel virtualization layer. A Qualcomm Display component vulnerability (CVE-2026-21385) is already being actively exploited in targeted attacks in the wild. **An critical update for Android, with actively exploited flaw patched. Most users can't rush the patch because their vendors may not have released an updated version of Android for their devices. Do not delay the update to your Android when the you see the alert that an update is available. Your device may be targeted via the Qualcomm flaw.** #cybersecurity #infosec #advisory #vulnerability https://beyondmachines.net/event_details/march-2026-android-security-bulletin-patches-129-vulnerabilities-one-actively-exploited-qualcomm-flaw-s-u-0-2-i/gD2P6Ple2L

Jeff Hall - PCIGuru :verified:

@jbhall56

Mar 3, 2026

The exploited flaw, tracked as CVE-2026-21385 (CVSS score of 7.8) and impacting the graphics component of over 200 Qualcomm chipsets, is described as an integer overflow or wraparound issue leading to memory corruption while using alignments for memory allocation. https://www.securityweek.com/android-update-patches-exploited-qualcomm-zero-day/

TheHackerWire

@thehackerwire

Mar 2, 2026

🟠 CVE-2026-21385 - High (7.8) Memory corruption while using alignments for memory allocation. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21385/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack