A newly disclosed zero-day vulnerability (CVE-2026-21385, CVSS 7.8 HIGH) in Qualcomm graphics components allows memory corruption via improperly handled user data, enabling code execution and bypassing app-level defenses. The flaw affects specific Qualcomm chipset firmware versions, including sm7675p_firmware, sm8475p_firmware, sm8550p_firmware, sm8635_firmware, and sm8635p_firmware. The article emphasizes the critical need for timely Android security updates and enhanced mobile endpoint monitoring due to active exploitation.
A newly disclosed zero-day vulnerability affecting Qualcomm graphics components has been actively exploited in targeted attacks against Android devices. The flaw, tracked as CVE-2026-21385, can trigger memory corruption through improperly handled user data, potentially enabling attackers to execute malicious code or gain unauthorized access to the device. The issue affects hundreds of Qualcomm chipsets used across a wide range of Android smartphones and tablets. Because the vulnerability resides in low-level hardware components, exploitation can bypass many traditional app-level defenses. The incident highlights the importance of timely Android security updates and stronger monitoring of mobile endpoint behavior.