These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2026-21385 is a Qualcomm memory corruption vulnerability affecting multiple chipsets and was added to CISA’s Known Exploited Vulnerabilities catalog on 2026-03-03. In practical terms, this is a high-priority issue for organizations that use affected Qualcomm-based devices, especially where patching depends on downstream OEM release timing.
CVE-2025-27038 is a Qualcomm multiple-chipset use-after-free vulnerability that CISA added to its Known Exploited Vulnerabilities (KEV) catalog on 2025-06-03. The supplied public sources do not name the affected chipsets or provide deeper technical impact details, but the KEV listing means CISA considers it known exploited and has set a remediation due date of 2025-06-24 for covered federal systems.
CVE-2025-21480 is a Qualcomm incorrect authorization vulnerability affecting multiple chipsets. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-06-03, which makes this a high-priority remediation item for organizations that rely on Qualcomm-based devices or platforms. Because the supplied record does not include a CVSS score, use the KEV listing, vendor guidance, and OEM patch status [truncated]
CVE-2025-21479 is a Qualcomm incorrect authorization vulnerability affecting multiple chipsets. CISA added it to the Known Exploited Vulnerabilities (KEV) catalog on 2025-06-03, so organizations that rely on Qualcomm-based hardware should treat it as urgent and follow vendor mitigation guidance as soon as possible.
CVE-2024-43047 is a Qualcomm multiple-chipsets use-after-free vulnerability that CISA added to the Known Exploited Vulnerabilities (KEV) catalog on 2024-10-08. Public detail in the supplied corpus is limited, but the KEV listing indicates active exploitation concern and directs organizations to apply vendor remediations or mitigations, or discontinue use if remediation is unavailable.
CVE-2023-33107 is a Qualcomm Multiple Chipsets integer overflow vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2023-12-05. The available official material confirms known exploitation status and directs defenders to apply vendor remediations or mitigations, or discontinue use of the product if those are unavailable. The supplied corpus does not enumerate specific chipset mo [truncated]
CVE-2023-33106 is a Qualcomm Multiple Chipsets issue described as a use of out-of-range pointer offset vulnerability. CISA has added it to the Known Exploited Vulnerabilities catalog, so defenders should treat it as a live risk rather than a purely theoretical bug. Because CISA notes that the issue may affect a common open-source component, third-party library, or protocol used by different products, reme [truncated]
CVE-2023-33063 is a Qualcomm use-after-free vulnerability affecting multiple chipsets and listed by CISA in the Known Exploited Vulnerabilities catalog on 2023-12-05. Because it is in KEV, defenders should treat it as a priority issue for affected Qualcomm-based products and the vendors that incorporate those components. CISA’s guidance is to apply vendor remediations or mitigations, or discontinue use if [truncated]
CVE-2022-22071 is a Qualcomm multiple-chipset use-after-free vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2023-12-05. Because it is in the KEV catalog, defenders should treat it as a high-priority issue and verify whether any Qualcomm-based devices, embedded systems, or downstream products in their environment rely on the affected component or protocol. CISA’s guidance i [truncated]
CVE-2020-11261 is a Qualcomm improper input validation vulnerability affecting multiple Snapdragon product families, including Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music, and Wearables. CISA added it to the Known Exploited Vulnerabilities catalog, so defenders should treat it as a high-priority patching item and follow vendor remediation guidance.
CVE-2021-1906 is a Qualcomm vulnerability affecting multiple chipsets and identified by CISA as a known exploited vulnerability. Publicly available source material is limited, but the KEV listing makes this a patch-priority issue for any environment using Qualcomm-based devices or components. Organizations should identify exposed assets, follow vendor remediation guidance, and apply updates as soon as practical.
CVE-2021-1905 is a Qualcomm multiple-chipsets use-after-free vulnerability that CISA listed in the Known Exploited Vulnerabilities catalog on 2021-11-03. Because it is on the KEV list, organizations should treat it as a high-priority patching item and follow Qualcomm’s update guidance as soon as possible.