What is CVE-2026-24085?

CVE-2026-24085 is a high-severity vulnerability in Qualcomm 5g_fixed_wireless_access_platform, classified under Stack-based Buffer Overflow. CVSS score: 7.2/10. Published 2026-06-01.

How severe is CVE-2026-24085?

High severity. CVSS v3 base score is 7.2 out of 10.

Buffer overflow in Qualcomm 5g_fixed_wireless_access_platform

CVE-2026-24085

Memory Corruption when processing display command line information due to improper initialization of a variable.

Vulnerability class: Buffer Overflow

EPSS: 0.000 (2.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H.

Affected products

Qualcomm 5g_fixed_wireless_access_platform
Qualcomm 5g_fixed_wireless_access_platform_firmware
Qualcomm Apq8098
Qualcomm Apq8098_firmware
Qualcomm Ar8031
Qualcomm Ar8031_firmware
Qualcomm Ar8035
Qualcomm Ar8035_firmware
Qualcomm Cologne
Qualcomm Cologne_firmware

Weakness classification (CWE)

CWE-121 — Stack-based Buffer Overflow

References

product-security@qualcomm.com (Patch, Vendor Advisory)

Frequently asked questions

What is CVE-2026-24085?: CVE-2026-24085 is a high-severity vulnerability in Qualcomm 5g_fixed_wireless_access_platform, classified under Stack-based Buffer Overflow. CVSS score: 7.2/10. Published 2026-06-01.
How severe is CVE-2026-24085?: High severity. CVSS v3 base score is 7.2 out of 10.