Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
Qualcomm, Inc. Snapdragon unaffected
Version Status Constraints
Cologne affected
FastConnect 6200 affected
FastConnect 6700 affected
FastConnect 6900 affected
FastConnect 7800 affected
G2 Gen 1 affected
IQ6 Series Platform affected
IQ8 Series Platform affected
IQ9 Series Platform affected
LeMans_AU_LGIT affected
LeMansAU affected
Monaco_IOT affected
Netrani affected
Orne affected
Palawan25 affected
Pandeiro affected
QAM8255P affected
QAM8295P affected
QAM8620P affected
QAMSRV1H affected
QAMSRV1M affected
QCA6574 affected
QCA6574A affected
QCA6574AU affected
QCA6595 affected
QCA6595AU affected
QCA6678AQ affected
QCA6688AQ affected
QCA6696 affected
QCA6698AQ affected
QCA6797AQ affected
QCA8695AU affected
QCM5430 affected
QCM6490 affected
QLN1083BD affected
QLN1086BD affected
QMP1000 affected
QPA1083BD affected
QPA1086BD affected
Qualcomm Video Collaboration VC3 Platform affected
QXM1093 affected
QXM1094 affected
QXM1095 affected
QXM1096 affected
SA6145P affected
SA6150P affected
SA6155P affected
SA7255P affected
SA7775P affected
SA8145P affected
SA8150P affected
SA8155P affected
SA8195P affected
SA8255P affected
SA8295P affected
SA8540P affected
SA8620P affected
SA8770P affected
SA9000P affected
SAR1250P affected
SAR2230P affected
SM7435 affected
SM8750P affected
Snapdragon 4 Gen 2 Mobile Platform affected
Snapdragon 6 Gen 1 Mobile Platform affected
Snapdragon 6 Gen 3 Mobile Platform affected
Snapdragon 8 Elite affected
SRV1H affected
SRV1L affected
SRV1M affected
SXR2330P affected
SXR2350P affected
WCD9370 affected
WCD9375 affected
WCD9378 affected
WCD9378C affected
WCD9380 affected
WCD9385 affected
WCD9395 affected
WCN3950 affected
WCN3988 affected
WCN6755 affected
WCN7860 affected
WCN7861 affected
WCN7880 affected
WCN7881 affected
WSA8810 affected
WSA8815 affected
WSA8830 affected
WSA8832 affected
WSA8835 affected
WSA8840 affected
WSA8845 affected
WSA8845H affected
X2000077 affected
X2000086 affected
X2000090 affected
X2000092 affected
X2000094 affected
XG101002 affected
XG101032 affected
XG101039 affected

No data.

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

No data.

Project Subscriptions

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2026-bulletin.html cve-icon cve-icon
History

Mon, 01 Jun 2026 22:30:00 +0000

Type Values Removed Values Added
Description Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
Title NULL Pointer Dereference in HLOS
Weaknesses CWE-476
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: qualcomm

Published:

Updated: 2026-06-01T22:05:26.836Z

Reserved: 2025-09-18T03:19:23.201Z

Link: CVE-2025-59606

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-06-01T23:16:15.970

Modified: 2026-06-01T23:16:15.970

Link: CVE-2025-59606

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-02T02:00:14Z

Weaknesses