VIR Vulnerability Intelligence Relay

Search

Found 33,080 results in 1652ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-7970 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-7968 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafte…
CVE-2026-7967 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox es…
CVE-2026-7966 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a c…
CVE-2026-7965 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft…
CVE-2026-7963 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a …
CVE-2026-7959 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.…
CVE-2026-7957 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 1mo ago Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a cr…
CVE-2026-7956 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page…
CVE-2026-7954 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security…
CVE-2026-7951 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7949 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromi…
CVE-2026-7948 high 7.5 7.5 FIX debian debianwindows windows google 1mo ago Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)
CVE-2026-7945 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HT…
CVE-2026-7944 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via …
CVE-2026-7940 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome …
CVE-2026-7938 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7937 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a c…
CVE-2026-7930 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in Cookies in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security sev…
CVE-2026-7929 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML …
CVE-2026-7928 high 8.8 8.8 FIX debian debianwindows windows google 1mo ago Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: …
CVE-2026-7927 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Type Confusion in Runtime in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7926 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in PresentationAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
CVE-2026-7925 high 7.8 7.8 FIX debian debianwindows windows google 1mo ago Use after free in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Hi…
CVE-2026-7923 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds write in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-7922 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7921 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Passwords in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7920 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
CVE-2026-7919 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Aura in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
CVE-2026-7918 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro…
CVE-2026-7917 high 8.3 8.3 FIX debian debianwindows windows google 1mo ago Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte…
CVE-2026-7916 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient data validation in InterestGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a…
CVE-2026-7914 high 8.3 8.3 FIX debian debianwindows windows google 1mo ago Type Confusion in Accessibility in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cra…
CVE-2026-7913 high 7.8 7.8 FIX debian debianwindows windows google 1mo ago Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severi…
CVE-2026-7911 high 8.3 8.3 FIX debian debianwindows windows google 1mo ago Use after free in Aura in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML…
CVE-2026-7909 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML pa…
CVE-2026-7907 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in DOM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7906 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in SVG in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7905 high 8.3 8.3 FIX debian debianwindows windows google 1mo ago Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sand…
CVE-2026-7903 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 1mo ago Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:…
CVE-2026-7902 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
CVE-2026-7901 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 1mo ago Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7900 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
CVE-2026-7899 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
CVE-2026-7898 high 8.8 8.8 FIX debian debian linux-kernelwindows windows google 1mo ago Use after free in Chromoting in Google Chrome on Linux prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
CVE-2026-7897 high 7.5 7.5 FIX debian debianmacos macoswindows windows google 1mo ago Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML p…
CVE-2026-7896 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-41938 high 8.8 8.8 1mo ago Vvveb before version 1.0.8.2 contains an unrestricted file upload vulnerability in the media upload handler that allows authenticated users with media-upload permissions to bypass extension restricti…
CVE-2026-41936 high 8.1 8.1 1mo ago Vvveb before version 1.0.8.2 contains an XML external entity (XXE) injection vulnerability in the admin Tools/Import feature that allows authenticated site_admin users to read arbitrary files and mod…
CVE-2026-41934 high 8.8 8.8 1mo ago Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code through ins…
CVE-2026-34474 high 7.5 8.5 EXP 1mo ago Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. I…
CVE-2026-34473 high 7.5 8.5 EXP 1mo ago Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181A, and H196Q. A denial-of-service condition can be triggered a…
CVE-2025-31974 high 7.2 7.2 hcltech 1mo ago HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only. An improperly configured root file system may allow unintended modifications to critical system comp…
CVE-2024-30151 high 8.3 8.3 hcltech 1mo ago HCL BigFix Service Management (SX) is affected by a Broken Access Control vulnerability leading to privilege escalation. This could allow unauthorized users to gain elevated privileges, bypassing in…
CVE-2026-33079 high 8.0 FIX slesdebian debianwindows windows 1mo ago Mistune has a ReDoS in LINK_TITLE_RE that allows denial of service via crafted Markdown input
CVE-2024-27354 high 8.0 FIX debian debian 1mo ago phpseclib: guardrails needed on isPrime and randomPrime
CVE-2026-44012 high 8.0 1mo ago Craft CMS's Missing Volume Permission Check in AssetsController::actionShowInFolder Allows Information Disclosure
CVE-2026-44011 high 8.0 1mo ago Craft CMS has Potential Authenticated Remote Code Execution via Malicious Attached Behavior
CVE-2026-44010 high 8.0 1mo ago Craft CMS's Missing Authorization in GraphQL Address Resolver Allows Cross-Scope PII Disclosure
CVE-2026-7875 high 8.8 8.8 nanoco 1mo ago NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container …
CVE-2026-42503 high 8.8 8.8 debian debian 1mo ago gopls by default communicates via pipe. However, -port and -listen flags are supported as means of debugging. If -listen is given a value without an explicit host (e.g. :8080), or -port is used, gopl…
CVE-2026-29080 high 8.8 8.8 cern 1mo ago Rucio has SQL Injection in FilterEngine Oracle JSON Path via DID Search API
CVE-2026-23870 high 7.5 7.5 1mo ago Facebook React has a Denial of Service Vulnerability in React Server Components
CVE-2026-20185 high 7.7 7.7 1mo ago A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco 350 Series Managed Switches (SG350) and Cisco 350X Series Stackable Managed Switches (SG350X) firmware co…
CVE-2026-20167 high 7.7 7.7 1mo ago A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to cause a DoS condition on a remotely mana…
CVE-2026-20035 high 7.2 7.2 1mo ago A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device. This vulnerability is due to i…
CVE-2026-20034 high 8.8 8.8 1mo ago A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is…
CVE-2026-29090 high 8.8 8.8 cern 1mo ago Rucio has SQL Injection in FilterEngine PostgreSQL Query Builder via DID Search API
CVE-2026-6788 high 7.8 7.8 watchguard 1mo ago Uncontrolled Search Path Element vulnerability in WatchGuard Agent on Windows allows Using Malicious Files.This issue affects WatchGuard Agent before 1.25.03.0000.
CVE-2026-6787 high 7.8 7.8 watchguard 1mo ago Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000.
CVE-2026-6691 high 7.8 7.8 FIX debian debian 1mo ago The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or network traffic. This may b…
CVE-2026-41288 high 7.8 7.8 watchguard 1mo ago Incorrect permission assignment for a resource in the patch management component of the WatchGuard Agent on Windows allows an authenticated local user to elevate their privileges to NT AUTHORITY\\SYS…
CVE-2026-8028 low 3.7 3.7 flowiseai 1mo ago A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Perf…
CVE-2025-52613 high 8.8 8.8 hcltech 1mo ago HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses…
CVE-2025-31976 high 7.5 7.5 hcltech 1mo ago HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which could allow an attacker to…
CVE-2025-31959 low 3.5 3.5 hcltech 1mo ago HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to confidentiality and privacy risks if sensitive location information is unintentio…
CVE-2026-40562 high 7.5 7.5 kazeburo 1mo ago Gazelle versions through 0.49 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Gazelle incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both head…
CVE-2026-43283 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ec_bhf: Fix dma_free_coherent() dma handle dma_free_coherent() in error path takes priv->rx_buf.alloc_len as the d…
CVE-2026-43281 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() Although it is guided that `#mbox-cells` must be at least 1, there…
CVE-2026-43280 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add bounds check on pat_index to prevent OOB kernel read in madvise When user provides a bogus pat_index value through th…
CVE-2026-43279 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode befor…
CVE-2026-43278 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq->bio values have been observed to cause double-initia…
CVE-2026-43276 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago Linux kernel (Azure) vulnerabilities
CVE-2026-43274 high 8.4 8.4 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq() The cluster_cfg array is dynamically allocated…
CVE-2026-43263 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multi instances are created/destroyed, many interrupts h…
CVE-2026-43260 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is delete…
CVE-2026-43258 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruptio…
CVE-2026-43256 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() vfe_isr() iterates using MSM_VFE_IMAGE_MASTERS_NUM(7) a…
CVE-2026-43254 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpn_tcp_recv, we receive large cloned skbs from…
CVE-2026-43253 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: iommu/amd: move wait_on_sem() out of spinlock With iommu.strict=1, the existing completion wait path can cause soft lockups under…
CVE-2026-43250 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke() The ChipIdea UDC driver can encounter "not page aligned sg buffer" error…
CVE-2026-43249 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen_9pfs_front_free against concurrent calls The xenwatch thread can race with other back-end change notification…
CVE-2026-43248 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: vhost: move vdpa group bound check to vhost_vdpa Remove duplication by consolidating these here. This reduces the posibility of …
CVE-2026-43245 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ntfs: ->d_compare() must not block ... so don't use __getname() there. Switch it (and ntfs_d_hash(), while we are at it) to kmal…
CVE-2026-43241 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAX_…
CVE-2026-43239 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: client: prevent races in ->query_interfaces() It was possible for two query interface works to be concurrently trying to upd…
CVE-2026-43237 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amd…
CVE-2026-43236 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release The atmel_hlcdc_plane_atomic_duplicate_state() callback was …
CVE-2026-43233 high 8.2 8.2 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: fix OOB read in decode_choice() In decode_choice(), the boundary check before get_len() uses the va…
CVE-2026-43232 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets When the FarSync T-series card is being detached, the fs…