Main Vulnerability Database SB2026020406

SB2026020406 - Multiple vulnerabilities in Qualcomm chipsets (February 2026)

Published: February 4, 2026

Security Bulletin ID SB2026020406

Severity

Medium

Patch available

YES

Number of vulnerabilities 9

Exploitation vector Adjecent network

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 9 secuirty vulnerabilities.

1) Use After Free (CVE-ID: CVE-2025-47358)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Secure Processor. A local application can execute arbitrary code.

2) Use After Free (CVE-ID: CVE-2025-47359)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Secure Processor. A local application can execute arbitrary code.

3) Integer overflow (CVE-ID: CVE-2025-47363)

The vulnerability allows a local attacker to execute arbitrary code.

The vulnerability exists due to improper input validation in Automotive. A local attacker can execute arbitrary code.

4) Integer overflow (CVE-ID: CVE-2025-47364)

The vulnerability allows a local attacker to execute arbitrary code.

The vulnerability exists due to improper input validation in Automotive. A local attacker can execute arbitrary code.

5) Exposed Dangerous Method or Function (CVE-ID: CVE-2025-47366)

The vulnerability allows a local application to read and manipulate data.

The vulnerability exists due to improper input validation in HLOS. A local application can read and manipulate data.

6) Buffer overflow (CVE-ID: CVE-2025-47399)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Camera. A local application can execute arbitrary code.

7) Buffer over-read (CVE-ID: CVE-2025-47402)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation in WLAN Firmware. A remote attacker can perform a denial of service (DoS) attack.

8) Missing release of memory after effective lifetime (CVE-ID: CVE-2025-47397)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Graphics. A local application can execute arbitrary code.

9) Use After Free (CVE-ID: CVE-2025-47398)

The vulnerability allows a local application to execute arbitrary code.

The vulnerability exists due to improper input validation in Graphics. A local application can execute arbitrary code.

Remediation

Install update from vendor's website.

References

https://docs.qualcomm.com/securitybulletin/february-2026-bulletin.html

Vulnerable Software

FastConnect 6900: All versions
FastConnect 7800: All versions
QCC2072: All versions
SC8380XP: All versions
Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB: All versions
WCD9378C: All versions
WCD9380: All versions
WCD9385: All versions
WSA8830: All versions
WSA8835: All versions
WSA8840: All versions
WSA8845: All versions
WSA8845H: All versions
X2000077: All versions
X2000086: All versions
X2000090: All versions
X2000092: All versions
X2000094: All versions
XG101002: All versions
XG101032: All versions
XG101039: All versions
Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-BB): All versions
AQT1000: All versions
FastConnect 6200: All versions
FastConnect 6800: All versions
QCA6391: All versions
QCA6420: All versions
QCA6430: All versions
Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite": All versions
Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite": All versions
Snapdragon 8cx Compute Platform (SC8180X-AA: All versions
Snapdragon 8cx Compute Platform (SC8180XP-AC: All versions
Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC: All versions
Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA: All versions
WCD9340: All versions
WCD9341: All versions
WSA8810: All versions
WSA8815: All versions
Snapdragon 8cx Compute Platform (SC8180X-AB): All versions
Snapdragon 8cx Compute Platform (SC8180XP-AF): All versions
Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AF): All versions
Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AB): All versions
QAM8255P: All versions
QAM8295P: All versions
QAM8620P: All versions
QAM8650P: All versions
QAM8775P: All versions
QAMSRV1H: All versions
QAMSRV1M: All versions
QCA6574AU: All versions
QCA6595: All versions
QCA6595AU: All versions
QCA6688AQ: All versions
QCA6696: All versions
QCA6698AQ: All versions
QCA6797AQ: All versions
QCA8695AU: All versions
SA6145P: All versions
SA6150P: All versions
SA6155P: All versions
SA7255P: All versions
SA7775P: All versions
SA8145P: All versions
SA8150P: All versions
SA8155P: All versions
SA8195P: All versions
SA8255P: All versions
SA8295P: All versions
SA8540P: All versions
SA8620P: All versions
SA8650P: All versions
SA8770P: All versions
SA8775P: All versions
SA9000P: All versions
SRV1H: All versions
SRV1L: All versions
SRV1M: All versions
AR8035: All versions
FastConnect 6700: All versions
Flight RB5 5G Platform: All versions
QCA6174A: All versions
QCA6574: All versions
QCA6574A: All versions
QCA6584AU: All versions
QCA6678AQ: All versions
QCA8081: All versions
QCA8337: All versions
QCC710: All versions
QCM4490: All versions
QCM5430: All versions
QCM6490: All versions
QCN6224: All versions
QCN6274: All versions
QCN9011: All versions
QCN9012: All versions
QCS4490: All versions
QCS5430: All versions
QCS615: All versions
QCS6490: All versions
QCS7230: All versions
QCS9100: All versions
QDU1010: All versions
QDX1010: All versions
QDX1011: All versions
QEP8111: All versions
QFW7114: All versions
QFW7124: All versions
QMP1000: All versions
QRB5165M: All versions
QRB5165N: All versions
QRU1032: All versions
QRU1052: All versions
QRU1062: All versions
Qualcomm Video Collaboration VC3 Platform: All versions
Qualcomm Video Collaboration VC5 Platform: All versions
Robotics RB5 Platform: All versions
SA4150P: All versions
SA4155P: All versions
SD 8 Gen1 5G: All versions
SG4150P: All versions
SM4635: All versions
SM6225P: All versions
SM6475: All versions
SM6650: All versions
SM6650P: All versions
SM7435: All versions
SM7635: All versions
SM7635P: All versions
SM7675: All versions
SM7675P: All versions
SM8475P: All versions
SM8635: All versions
SM8635P: All versions
SM8650Q: All versions
SM8735: All versions
SM8750: All versions
SM8750P: All versions
Snapdragon 4 Gen 1 Mobile Platform: All versions
Snapdragon 4 Gen 2 Mobile Platform: All versions
Snapdragon 460 Mobile Platform: All versions
Snapdragon 480 5G Mobile Platform: All versions
Snapdragon 480+ 5G Mobile Platform (SM4350-AC): All versions
Snapdragon 6 Gen 1 Mobile Platform: All versions
Snapdragon 662 Mobile Platform: All versions
Snapdragon 680 4G Mobile Platform: All versions
Snapdragon 685 4G Mobile Platform (SM6225-AD): All versions
Snapdragon 695 5G Mobile Platform: All versions
Snapdragon 7 Gen 1 Mobile Platform: All versions
Snapdragon 7+ Gen 2 Mobile Platform: All versions
Snapdragon 8 Gen 1 Mobile Platform: All versions
Snapdragon 8 Gen 3 Mobile Platform: All versions
Snapdragon 8+ Gen 1 Mobile Platform: All versions
Snapdragon AR1 Gen 1 Platform: All versions
Snapdragon AR1 Gen 1 Platform "Luna1": All versions
Snapdragon AR2 Gen 1 Platform: All versions
Snapdragon Auto 5G Modem-RF Gen 2: All versions
Snapdragon W5+ Gen 1 Wearable Platform: All versions
Snapdragon X32 5G Modem-RF System: All versions
Snapdragon X35 5G Modem-RF System: All versions
Snapdragon X72 5G Modem-RF System: All versions
Snapdragon X75 5G Modem-RF System: All versions
SSG2115P: All versions
SSG2125P: All versions
SW5100: All versions
SW5100P: All versions
SXR1230P: All versions
SXR2230P: All versions
SXR2250P: All versions
SXR2330P: All versions
SXR2350P: All versions
WCD9370: All versions
WCD9375: All versions
WCD9378: All versions
WCD9390: All versions
WCD9395: All versions
WCN3910: All versions
WCN3950: All versions
WCN3988: All versions
WCN6650: All versions
WCN6740: All versions
WCN6755: All versions
WCN7750: All versions
WCN7860: All versions
WCN7861: All versions
WCN7880: All versions
WCN7881: All versions
WSA8832: All versions
Cologne: All versions
FWA Gen 3 Ultra Platform: All versions
LeMans_AU_LGIT: All versions
LeMansAU: All versions
Orne: All versions
Palawan25: All versions
QCA6554A: All versions
QCA6564AU: All versions
QCA6698AU: All versions
QCA6777AQ: All versions
QCA6787AQ: All versions
QCC2073: All versions
QCC2076: All versions
QCS8550: All versions
SAR2130P: All versions
Snapdragon 8 Elite: All versions
AR8031: All versions
CSRA6620: All versions
CSRA6640: All versions
G1 Gen 1: All versions
G2 Gen 1: All versions
IQ6 Series Platform: All versions
IQ8 Series Platform: All versions
IQ9 Series Platform: All versions
Milos: All versions
Monaco_IOT: All versions
Netrani: All versions
QCA2066: All versions
QCM2290: All versions
QCM4325: All versions
QCM6125: All versions
QCS2290: All versions
QCS4290: All versions
Qualcomm Video Collaboration VC1 Platform: All versions
SD662: All versions
SM7550: All versions
SM7550P: All versions
SM8550P: All versions
Smart Audio 400 Platform: All versions
Snapdragon 480+ 5G Mobile Platform: All versions
Snapdragon 6 Gen 3 Mobile Platform: All versions
Snapdragon 6 Gen 4 Mobile Platform: All versions
Snapdragon 685 4G Mobile Platform: All versions
Snapdragon 7s Gen 3 Mobile Platform: All versions
Snapdragon 8 Gen 2 Mobile Platform: All versions
Snapdragon 8+ Gen 2 Mobile Platform: All versions
WCD9335: All versions
WCD9371: All versions
WCN3980: All versions
QCS410: All versions
Robotics RB2 Platform: All versions
SDA660: All versions
Snapdragon 660 Mobile Platform: All versions
WCN3990: All versions

SB2026020406 - Multiple vulnerabilities in Qualcomm chipsets (February 2026)

Breakdown by Severity

Description

Remediation

References

Please verify you're human