VIR Vulnerability Intelligence Relay

Search

Found 45,574 results in 2711ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-6667 medium 4.3 4.3 FIX debian debianwindows windows pgbouncer 29d ago PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILL_CLIENT admin command. All users with access to the administration console (which itself requires authorization)…
CVE-2026-45130 medium 5.5 5.5 FIX slesdebian debianwindows windows vim 29d ago Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 enc…
CVE-2026-44987 low 3.8 3.8 29d ago SysReptor is a fully customizable pentest reporting platform. Prior to version 2026.29, users with "User Admin" permissions can change the email addresses of users with "Superuser" permissions. If th…
CVE-2026-44656 medium 5.3 5.3 FIX slesdebian debianwindows windows vim 29d ago Vim is an open source, command line text editor. Prior to version 9.2.0435, an OS command injection vulnerability exists in Vim's :find command-line completion. When the path option contains backtick…
CVE-2026-44284 medium 6.3 6.3 29d ago FastGPT is an AI Agent building platform. Prior to version 4.14.17, FastGPT had an inconsistent SSRF protection gap in MCP tool URL handling. The direct MCP preview/run endpoints already rejected int…
CVE-2026-42456 medium 4.3 4.3 mintplexlabs 29d ago AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, GET /api/workspace/:slug/tts/:chatId in AnythingLL…
CVE-2026-42451 medium 6.3 6.3 29d ago Grimmory is a self-hosted digital library. Prior to version 2.3.1, a stored cross-site scripting (XSS) vulnerability in Grimmory's browser-based EPUB reader allows an attacker to embed arbitrary Java…
CVE-2026-42346 medium 6.5 6.5 29d ago Postiz is an AI social media scheduling tool. From version 2.16.6 to before version 2.21.7, all SSRF protections added in v2.21.4–v2.21.6 share a fundamental TOCTOU (Time-of-Check-Time-of-Use) vulner…
CVE-2026-42344 medium 6.3 6.3 29d ago FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress() function in packages/service/common/system/utils.ts is vulnerable to DNS rebinding (TOCTOU — Tim…
CVE-2026-42307 medium 4.4 4.4 FIX debian debian vim 29d ago Vim is an open source, command line text editor. Prior to version 9.2.0383, an OS command injection vulnerability exists in the netrw standard plugin bundled with Vim. By inducing a user to open a cr…
CVE-2026-42291 medium 6.8 6.8 29d ago SysReptor is a fully customizable pentest reporting platform. From version 2026.4 to before version 2026.27, the endpoints for reading and creating sharing links for personal notes is not properly au…
CVE-2026-41520 medium 4.4 4.4 cilium 29d ago Cillium exposes sensitive information included in the cilium-bugtool debug archive
CVE-2026-44831 medium 5.4 5.4 snipeitapp 29d ago Snipe-IT has Stored XSS via Component Checkout Notes (v8.4.0)
CVE-2026-44298 medium 4.9 4.9 kimai 29d ago Kimai has an arbitrary file read in its invoice PDF renderer (admin)
CVE-2026-42209 medium 6.5 6.5 29d ago FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both set_retained_mes…
CVE-2026-42199 medium 6.2 6.2 29d ago Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior
CVE-2026-42195 low 3.4 3.4 29d ago draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.9, the draw.io client accepts a ?gitlab= URL parameter that overrides the GitLab server URL used during OAut…
CVE-2026-42192 medium 5.4 5.4 29d ago Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, a stored cross-site scripting (XSS) vulnerability exists in the campaign management feature, where the email bo…
CVE-2026-44200 medium 6.5 6.5 torchbox 29d ago Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access to pages could copy a page they don't have access to to an area of …
CVE-2026-42282 medium 4.3 4.3 n8n-mcp 29d ago n8n-MCP: Sensitive MCP tool-call arguments logged on authenticated requests in HTTP mode
CVE-2026-42190 medium 5.3 5.3 redwoodjs 29d ago RedwoodSDK has Same-site CSRF through lack of origin validation in its server actions
CVE-2026-42185 medium 5.5 5.5 29d ago People is an application to handle users and teams, and distribute permissions across La Suite. Prior to version 1.25.0, a user holding the Administrator role on a mail domain could send a crafted in…
CVE-2026-42181 medium 6.5 6.5 29d ago Lemmy has SSRF and internal image disclosure in post link metadata via unvalidated og:image
CVE-2026-42180 medium 6.3 6.3 29d ago Lemmy has SSRF in /api/v3/post via Webmention dispatch
CVE-2026-42176 medium 6.7 6.7 29d ago Scoold is a Q&A and a knowledge sharing platform for teams. Prior to version 1.67.0, Scoold allows the admins configuration value to be modified through /api/config/set/admins with a forged Bearer to…
CVE-2026-41495 medium 5.3 5.3 n8n-mcp 29d ago n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Requests
CVE-2026-44557 medium 4.3 4.3 openwebui 29d ago Open WebUI vulnerable to Global Knowledge Base Enumeration via knowledge-bases Meta-Collection
CVE-2026-44737 medium 5.5 29d ago Grav: Stored XSS via page title (data[header][title]) in admin panel
CVE-2026-41511 medium 5.5 5.5 openmcdf_projectopenmcdf 29d ago OpenMcdf is a fully .NET / C# library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to version 3.1.3, OpenMcdf does not detect cycles in the directory …
CVE-2026-42030 medium 6.1 6.1 FIX debian debian osgeo 29d ago MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS server allows an unauthenticated attacker t…
CVE-2026-42028 medium 5.3 5.3 29d ago novaGallery is a php image gallery. Prior to version 2.1.1, a path traversal vulnerability has been identified in novaGallery. This allows unauthenticated users to read image files outside the intend…
CVE-2026-42794 medium 6.1 6.1 absinthe-graphql 29d ago absinthe_plug Has a Cross-site Scripting vulnerability
CVE-2026-41885 medium 6.5 6.5 29d ago i18next-locize-backend has URL Injection via Unsanitized Path Parameters
CVE-2026-41591 medium 6.4 6.4 29d ago Marko: XSS via case-insensitive script/style closing tag bypass in runtime HTML escaping
CVE-2026-44500 medium 5.3 5.3 zfnd 29d ago Zebra Vulnerable to Allocation Amplification in Inbound Network Deserializers
CVE-2026-43475 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT This resolves the follow splat and lock-up when running with PREEMPT_RT …
CVE-2026-43474 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: fs: init flags_valid before calling vfs_fileattr_get syzbot reported a uninit-value bug in [1]. Similar to the "*get" context wh…
CVE-2026-43473 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when…
CVE-2026-43472 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: unshare: fix unshare_fs() handling There's an unpleasant corner case in unshare(2), when we have a CLONE_NEWNS in flags and curre…
CVE-2026-43471 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcd_add_command_trace() The kernel log indicates a crash in ufshcd_a…
CVE-2026-43470 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir If we found an alias through nfs3_do_create/nfs_add_or_obtain /d_splic…
CVE-2026-43468 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw->wq esw->work_queue executes esw_functions_changed_event_handler -> esw_vfs_c…
CVE-2026-43467 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix crash when moving to switchdev mode When moving to switchdev mode when the device doesn't support IPsec, we try to …
CVE-2026-43463 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer() rxrpc_kernel_lookup_peer() can also return error poi…
CVE-2026-43457 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev->allow_rx' is false, the newly allocated skb isn't consumed by netif_r…
CVE-2026-43455 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key->lock in mctp_flow_prepare_output() mctp_flow_prepare_output() checks key->dev and may call mctp_dev_set_ke…
CVE-2026-43451 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: fix entry leak in bridge verdict error path nfqnl_recv_verdict() calls find_dequeue_entry() to remove…
CVE-2026-43448 medium 4.7 4.7 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: nvme-pci: Fix race bug in nvme_poll_irqdisable() In the following scenario, pdev can be disabled between (1) and (3) by (2). This…
CVE-2026-43446 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix runtime suspend deadlock when there is pending job The runtime suspend callback drains the running job workque…
CVE-2026-43445 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buff…
CVE-2026-43444 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Unreserve bo if queue update failed Error handling path should unreserve bo then return failed. (cherry picked from …
CVE-2026-43443 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp-mach-common: Add missing error check for clock acquisition The acp_card_rt5682_init() and acp_card_rt5682s_init() …
CVE-2026-43439 medium 4.7 4.7 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: cgroup: fix race between task migration and iteration When a task is migrated out of a css_set, cgroup_migrate_add_task() first m…
CVE-2026-43436 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may h…
CVE-2026-43435 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted…
CVE-2026-43432 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhci_disable_slot() xhci_alloc_command() allocates a command structure and, when the second argumen…
CVE-2026-43431 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug i…
CVE-2026-43430 medium 4.7 4.7 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: usb: yurex: fix race in probe The bbu member of the descriptor must be set to the value standing for uninitialized values before …
CVE-2026-43429 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts The usbtmc driver accepts timeout values specified by the u…
CVE-2026-43428 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: USB: core: Limit the length of unkillable synchronous timeouts The usb_control_msg(), usb_bulk_msg(), and usb_interrupt_msg() API…
CVE-2026-43425 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800_device_read() submits download_urb and waits for completion. If the timeo…
CVE-2026-43424 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Fix NULL pointer dereferences in nexus handling The `tpg->tpg_nexus` pointer in the USB Target driver is dyna…
CVE-2026-43423 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix atomic context locking issue The ncm_set_alt function was holding a mutex to protect against races with c…
CVE-2026-43422 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncm_bind Commit 56a512a9b410 ("usb: gadget: f_ncm: align net_device lifecycle with bind/unbind") de…
CVE-2026-43421 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix net_device lifecycle with device_move The network device outlived its parent gadget device during disconn…
CVE-2026-43420 medium 4.7 4.7 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: ceph: fix i_nlink underrun during async unlink During async unlink, we drop the `i_nlink` counter before we receive the completio…
CVE-2026-43419 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in ceph_mdsc_build_path() Add __putname() calls to error code paths that did not free the "path" pointer o…
CVE-2026-43418 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible…
CVE-2026-43417 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Handle vfork()/CLONE_VM correctly Matthieu and Jiri reported stalls where a task endlessly loops in mm_get_cid() whe…
CVE-2026-43416 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: powerpc, perf: Check that current->mm is alive before getting user callchain It may happen that mm is already released, which lea…
CVE-2026-43415 medium 4.7 4.7 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix SError in ufshcd_rtc_work() during UFS suspend In __ufshcd_wl_suspend(), cancel_delayed_work_sync() is calle…
CVE-2026-43413 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix NULL pointer exception during user_scan() user_scan() invokes updated sas_user_scan() for channel 0, and if s…
CVE-2026-43412 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start During ADSP stop and start, the kernel crashes due to the…
CVE-2026-43411 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipc_sk_filter_connect() A user can set conn_timeout to any value via setsockopt(TIPC_CONN_TIMEOUT), …
CVE-2026-43410 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update (RSU) isn't enabled in t…
CVE-2026-43409 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: kprobes: avoid crash when rmmod/insmod after ftrace killed After we hit ftrace is killed by some errors, the kernel crash if we r…
CVE-2026-43404 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: mm: Fix a hmm_range_fault() livelock / starvation problem If hmm_range_fault() fails a folio_trylock() in do_swap_page, trying to…
CVE-2026-43401 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request() The update_cpu_qos_request() function attempts to…
CVE-2026-43400 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpu_userq_signal_ioctl can lead to a OOM…
CVE-2026-43399 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl Drop reference to syncobj and timeline fence when aborting the io…
CVE-2026-43398 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpu_userq_wait_ioctl can lead to a OOM and…
CVE-2026-43397 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: drm/bridge: samsung-dsim: Fix memory leak in error path In samsung_dsim_host_attach(), drm_bridge_add() is called to add the brid…
CVE-2026-43396 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Fix user fence leak on alloc failure When dma_fence_chain_alloc() fails, properly release the user fence reference t…
CVE-2026-43395 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xe_sync_entry_parse() can allocate references (syncobj, fence, c…
CVE-2026-43394 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsd_nl_listener_set_doit(). nfsd_nl_listener_set_doit() uses get_current_cred() without put_cred(). …
CVE-2026-43393 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: btrfs: fix chunk map leak in btrfs_map_block() after btrfs_chunk_map_num_copies() Fix a chunk map leak in btrfs_map_block(): if w…
CVE-2026-43392 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix starvation of scx_enable() under fair-class saturation During scx_enable(), the READY -> ENABLED task switching lo…
CVE-2026-43390 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged ser…
CVE-2026-43389 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: mm: memfd_luo: always dirty all folios A dirty folio is one which has been written to. A clean folio is its opposite. Since a c…
CVE-2026-43387 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() Just like in commit 154828bf9559 ("staging: rtl8723bs: fix out-…
CVE-2026-43382 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnl_lock ELP metric worker batadv_v_elp_get_throughput() might be called when the RTNL lock is already …
CVE-2026-43381 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drm…
CVE-2026-43375 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while th…
CVE-2026-43372 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix error path in PTP IRQ setup If request_threaded_irq() fails during the PTP message IRQ setup, the newly …
CVE-2026-43371 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: net: macb: Shuffle the tx ring before enabling tx Quanyang observed that when using an NFS rootfs on an AMD ZynqMp board, the roo…
CVE-2026-43369 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to an unsupported HW block IP blocks ma…
CVE-2026-43367 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix a few more NULL pointer dereference in device cleanup I found a few more paths that cleanup fails due to a NULL vers…
CVE-2026-43364 medium 5.5 5.5 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublk_ctrl_set_size() ublk_ctrl_set_size() unconditionally dereferences ub->ub_disk via set_…
CVE-2026-43363 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic mode, which m…
CVE-2026-43361 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort when snapshotting received subvolumes Currently a user can trigger a transaction abort by snapshotti…