PULSE
LIVE18signals / 24h
FEED
ransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomthegentlemen reclama a Military Sealift Command · US · Transportation/Logisticsransomthegentlemen reclama a Advantage Home Health Care · US · Healthcareransomthegentlemen reclama a Sunway Scientific · TW · Manufacturingransomqilin reclama a Cafar · AR · Agriculture and Food Productionransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Services
← All CVEs
CVE Watch

CVE-2025-27038

Qualcomm Multiple Chipsets Use-After-Free Vulnerability

CVSS

No CVSS

EPSS

0.8%

p53

KEV

YES

Jun 3, 2025

Exploit Today

66

0-100

Published: · Last modified:

EPSS · 30d
0.8%EPSS · 30 days0.8%
2026-06-302026-07-17
KEV catalog record

Product

Qualcomm / Multiple Chipsets

Vulnerability

Qualcomm Multiple Chipsets Use-After-Free Vulnerability

Added to KEV

Jun 3, 2025

Remediate by

Jun 24, 2025

Known ransomware use

No

Summary description

Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption while rendering graphics using Adreno GPU drivers in Chrome.

Required action

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Notes

Please check with specific vendors (OEMs,) for information on patching status. For more information, please see: https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2025-bulletin.html ; https://nvd.nist.gov/vuln/detail/CVE-2025-27038

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2021-1905
63.3%
KEV69Qualcomm Multiple Chipsets Use-After-Free Vulnerability
CVE-2026-21385
61.0%
KEV68Qualcomm Multiple Chipsets Memory Corruption Vulnerability
CVE-2023-33107
55.4%
KEV67Qualcomm Multiple Chipsets Integer Overflow Vulnerability
CVE-2023-33106
54.2%
KEV66Qualcomm Multiple Chipsets Use of Out-of-Range Pointer Offset Vulnerability
CVE-2025-21479
51.7%
KEV66Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
CVE-2023-33063
49.0%
KEV65Qualcomm Multiple Chipsets Use-After-Free Vulnerability