CVE-2026-21385: Google Patches Qualcomm Zero-Day Exploited in Targeted Android Attacks

The report details CVE-2026-21385, a high-severity integer overflow in a Qualcomm display/graphics component affecting 235 chipsets with signals of limited real-world exploitation; it reviews Google and Qualcomm advisories, notes the vulnerability's addition to CISA's Known Exploited Vulnerabilities catalog, and advises updating devices to the 2026-03-05 security patch level or later to mitigate risk.