CVE-2026-21385 – Qualcomm Graphics Component Memory Corruption

A security update for Android addresses CVE-2026-21385, a memory corruption vulnerability affecting memory allocation alignment handling within the Android platform. Improper memory management can allow a locally authenticated attacker to trigger corruption conditions that compromise the integrity of the system’s memory structures.

Successful exploitation could allow an attacker to escalate privileges and execute arbitrary code on the device. This could expose sensitive data, alter system operations, or cause system instability. The CVSS score is 7.8, which is High severity.

This vulnerability has been observed in real-world exploitation and is listed in the Known Exploited Vulnerabilities catalog. Android security updates correct the memory handling logic to prevent corruption during aligned memory allocation operations.