CVE-2025-59609
5.5 MEDIUMInformation Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length
Published: 2026-06-01 · Last updated: 2026-06-02
Severity and scoring
- CVSS
- 5.5 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
- CWE
- CWE-126
Affected products
| Vendor | Product |
|---|---|
| qualcomm | 5g_fixed_wireless_access_platform_firmware, ar8035_firmware, csr8811_firmware |
Description
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-25277 — Memory corruption while using Strongbox due to buffer overflow (8.8 HIGH)
- CVE-2026-25276 — Memory corruption while using Strongbox due to missing bounds check (8.8 HIGH)
- CVE-2026-25260 — Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications (7.8 HIGH)
- CVE-2026-25259 — Memory corruption while processing multiple IOCTL command for escape operations (7.8 HIGH)
- CVE-2026-25258 — Memory corruption while processing IOCTL calls for escape operations (7.8 HIGH)
Same CWE
- CVE-2026-45460 — Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally (4.7 MEDIUM)
- CVE-2026-42828 — Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally (7.8 HIGH)
- CVE-2026-11787 — A flaw was found in 389 Directory Server (5.0 MEDIUM)
- CVE-2026-44185 — Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects... (7.3 HIGH)
- CVE-2026-45684 — OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard (4.9 MEDIUM)