CVE-2026-21367

Name: CVE-2026-21367
Creator: NVD / NIST
Published: 2026-04-06T16:16:29.203+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 7.5/10EPSS 0.20%

Last modified Jun 17, 2026

CVE-2026-21367 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.. EPSS estimates a 0.20% chance of exploitation in the next 30 days.

Description

Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.

Metrics

CVSS 3.1

7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.20%

10.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-126

Affected Software

Vendor	Product	Versions
Qualcomm	Ar8035 Firmware	All versions
Qualcomm	Cologne Firmware	All versions
Qualcomm	Csr8811 Firmware	All versions
Qualcomm	Fastconnect 6200 Firmware	All versions
Qualcomm	Fastconnect 6700 Firmware	All versions
Qualcomm	Fastconnect 6900 Firmware	All versions
Qualcomm	Fastconnect 7800 Firmware	All versions
Qualcomm	Fwa Gen 3 Ultra Firmware	All versions
Qualcomm	G2 Gen 1 Firmware	All versions
Qualcomm	Immersive Home 214 Platform Firmware	All versions
Qualcomm	Immersive Home 216 Platform Firmware	All versions
Qualcomm	Immersive Home 316 Platform Firmware	All versions
Qualcomm	Immersive Home 318 Platform Firmware	All versions
Qualcomm	Ipq5010 Firmware	All versions
Qualcomm	Ipq5028 Firmware	All versions
Qualcomm	Ipq6000 Firmware	All versions
Qualcomm	Ipq6010 Firmware	All versions
Qualcomm	Ipq6018 Firmware	All versions
Qualcomm	Ipq8076 Firmware	All versions
Qualcomm	Ipq8078 Firmware	All versions
Qualcomm	Ipq9574 Firmware	All versions
Qualcomm	Milos Firmware	All versions
Qualcomm	Netrani Firmware	All versions
Qualcomm	Networking Pro 1200 Platform Firmware	All versions
Qualcomm	Networking Pro 1210 Platform Firmware	All versions
Qualcomm	Networking Pro 1610 Platform Firmware	All versions
Qualcomm	Networking Pro 400 Platform Firmware	All versions
Qualcomm	Networking Pro 600 Platform Firmware	All versions
Qualcomm	Networking Pro 610 Platform Firmware	All versions
Qualcomm	Networking Pro 800 Platform Firmware	All versions
Qualcomm	Networking Pro 810 Platform Firmware	All versions
Qualcomm	Orne Firmware	All versions
Qualcomm	Palawan25 Firmware	All versions
Qualcomm	Pandeiro Firmware	All versions
Qualcomm	Qca4024 Firmware	All versions
Qualcomm	Qca6391 Firmware	All versions
Qualcomm	Qca6698au Firmware	All versions
Qualcomm	Qca6777aq Firmware	All versions
Qualcomm	Qca6787aq Firmware	All versions
Qualcomm	Qca6797aq Firmware	All versions
Qualcomm	Qca8075 Firmware	All versions
Qualcomm	Qca8081 Firmware	All versions
Qualcomm	Qca8082 Firmware	All versions
Qualcomm	Qca8084 Firmware	All versions
Qualcomm	Qca8085 Firmware	All versions
Qualcomm	Qca8337 Firmware	All versions
Qualcomm	Qca8386 Firmware	All versions
Qualcomm	Qca9888 Firmware	All versions
Qualcomm	Qca9889 Firmware	All versions
Qualcomm	Qcc2073 Firmware	All versions

Showing 50 of 150 affected configurations. See NVD for the full list.

References

https://docs.qualcomm.com/product/publicresources/securitybulletin/april-2026-bulletin.htmlVendor Advisory

Timeline

Published: Apr 6, 2026
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2026-21367?

Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.

How severe is CVE-2026-21367?

CVE-2026-21367 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 0.20% probability of exploitation in the next 30 days.

How do I fix CVE-2026-21367?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2026-21367?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST