Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild.
The vulnerability in question is CVE-2026-21385 (CVSS score: 7.8), a buffer over-read in the Graphics component.
„Memory corruption when adding user-supplied data without checking available buffer space,“ Qualcomm said in an advisory,
https://thehackernews.com/2026/03/google-confirms-cve-2026-21385-in.html