CVEs from 2026
Total
14,726
critical
critical 1,327
high
high 4,986
medium
medium 4,775
low
low 502
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46122 | unknown | — | — | 9d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: b43: enforce bounds check on firmware key index in b43_rx() The firmware-controlled key index in b43_rx() can exceed the de… | |||
| CVE-2026-46121 | unknown | — | — | 9d ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcg_path kfree() with damon_sysfs_lock Patch series "mm/damon/sysfs-schemes: fix use-after-free… | |||
| CVE-2026-46118 | unknown | — | — | 9d ago | In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle() commit 6d3789d347a7 ("papr-hvpipe: convert papr_hvpipe… | |||
| CVE-2026-46109 | unknown | — | — | 9d ago | In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpi_register() error paths Commit 01af542392b5 ("usb: ulpi: fix double free in ulpi_register_inter… | |||
| CVE-2026-46108 | unknown | — | — | 9d ago | In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message alloca… | |||
| CVE-2026-46106 | unknown | — | — | 9d ago | In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfs_mutex and SRCU when remount walks events Commit 340f0c7067a9 ("eventfs: Update all the eventfs_inodes from … | |||
| CVE-2026-46104 | unknown | — | — | 9d ago | In the Linux kernel, the following vulnerability has been resolved: selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sock_has… | |||
| CVE-2026-9806 | unknown | — | — | 9d ago | A stored cross-site scripting (XSS) vulnerability exists in the notification panel of CTI Transmute in versions prior to the patched release. Notification messages containing user-controlled convert … | |||
| CVE-2026-32998 | unknown | — | — | 9d ago | This vulnerability in Veeam Service Provider Console allows for remote code execution. | |||
| CVE-2026-32997 | unknown | — | — | 9d ago | A vulnerability allowing an authenticated user with the Backup Administrator role to write arbitrary files on Linux-based Veeam Backup & Replication server. | |||
| CVE-2026-32996 | unknown | — | — | 9d ago | This vulnerability in Veeam Agent for Microsoft Windows allows for Local Privilege Escalation. | |||
| CVE-2026-9789 | unknown | — | — | 9d ago | A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe wi… | |||
| CVE-2026-9739 | unknown | — | — | 9d ago | Vulnerable to DNS rebinding attacks when using SSE (http://b/499408790). During the beta phase, we implemented `allowed-origins` and `allowed-hosts` flags to align with MCP security guidelines. Howev… | |||
| CVE-2026-44886 | unknown | — | — | 9d ago | Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devi… | |||
| CVE-2026-47161 | unknown | — | — | 9d ago | RELATE is a web-based courseware package. Prior to commit d66ba5659b459bf1ba56b7109b5f9ecf197cbefb, RELATE LMS configures its Celery workers to accept and deserialize untrusted 'pickle' data. An atta… | |||
| CVE-2026-48808 | unknown | — | — | 10d ago | Sandbox property allowlist bypass via the `column` filter under `SourcePolicyInterface` | |||
| CVE-2026-46636 | unknown | — | — | 10d ago | Sandbox filter, tag and function allow-list bypass when sandbox state changes between renders | |||
| CVE-2026-48806 | unknown | — | — | 10d ago | Sandbox `__toString()` policy bypass via dynamic mapping keys | |||
| CVE-2026-48805 | unknown | — | — | 10d ago | Sandbox state regression in deprecated internal wrappers in `src/Resources/core.php` | |||
| CVE-2026-48807 | unknown | — | — | 10d ago | Sandbox `__toString()` policy bypass via `Traversable` in `join`/`replace` and `in`/`not in` operators | |||
| CVE-2026-9712 | unknown | — | — | 10d ago | When creating an export through the pretix API, API clients are returned an UUID value for their export job (a long, random string like 35742818-c375-4d15-839f-d49aecce94d6). Using this UUID, the A… | |||
| CVE-2026-44830 | unknown | — | — | 10d ago | Nocturne Memory is a lightweight, rollbackable, and visual Long-Term Memory Server for MCP Agents. Prior to 2.4.1, when API_TOKEN is unset or empty, the BearerTokenAuthMiddleware bypasses authenticat… | |||
| CVE-2026-46103 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tie… | |||
| CVE-2026-46101 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nft_bitwise Reject zero shift operands for nft_bitwise left and right shift expressions during in… | |||
| CVE-2026-46098 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown `caif_connect()` can tear down an existing client after remote shutdown by ca… | |||
| CVE-2026-46097 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e ("Input: edt-ft5x06 - use per-client debugfs d… | |||
| CVE-2026-46096 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public() tpm2_read_public() calls tpm_buf_init() but fails to call tpm_… | |||
| CVE-2026-46095 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmap_state_mach… | |||
| CVE-2026-46094 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access The bounds check for the next xattr entry in check_xattr… | |||
| CVE-2026-46092 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: check for PCI upstream bridge existence pci_upstream_bridge() returns NULL if the device is on a root bus. If 8821C… | |||
| CVE-2026-46091 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. H… | |||
| CVE-2026-46089 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: zram: do not forget to endio for partial discard requests As reported by Qu Wenruo and Avinesh Kumar, the following getconf PAG… | |||
| CVE-2026-46088 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() snd_ctl_elem_init_enum_names() advances pointe… | |||
| CVE-2026-46087 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: fix memory leak on damon_start() failure in damon_stat_start() Destroy the DAMON context and reset the global poin… | |||
| CVE-2026-46086 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: net: bridge: use a stable FDB dst snapshot in RCU readers Local FDB entries can be rewritten in place by `fdb_delete_local()`, wh… | |||
| CVE-2026-46084 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/mana_ib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed (e.g. DPDK exit), mana_ib_destroy_qp_rss() destro… | |||
| CVE-2026-46083 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup() if spi_setup() fails while registering a d… | |||
| CVE-2026-46082 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 INVLPGA should cause a #UD when EFER.SVME is not set. Add a check to properly inj… | |||
| CVE-2026-46080 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ocfs2: split transactions in dio completion to avoid credit exhaustion During ocfs2 dio operations, JBD2 may report warnings via … | |||
| CVE-2026-46079 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: rbd: fix null-ptr-deref when device_add_disk() fails do_rbd_add() publishes the device with device_add() before calling device_ad… | |||
| CVE-2026-46077 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, ->dma_addr_out must be synced with dma_sync… | |||
| CVE-2026-46075 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path Unregister the hwrng to prevent new ->read() calls and f… | |||
| CVE-2026-46074 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB… | |||
| CVE-2026-46073 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt wait_for_completion_interruptible_timeout() returns -ERESTARTSYS w… | |||
| CVE-2026-46072 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to run_unpack() run_unpack() checks `run_buf < run_last` at the top of the while loop but then … | |||
| CVE-2026-46071 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12 svm_copy_lbrs() always marks VMCB_LBR dirty in the destination VMCB. However, nested… | |||
| CVE-2026-46069 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup() The mwifiex_adapter_cleanup() function uses timer_delete() (non-sy… | |||
| CVE-2026-46068 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx The bounce buffers are allocated with __get_free_pages() us… | |||
| CVE-2026-46067 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp Users can set damos_quota_goal->nid with arbitrary va… | |||
| CVE-2026-46066 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ceph: fix num_ops off-by-one when crypto allocation fails move_dirty_folio_in_page_array() may fail if the file is encrypted, the… | |||
| CVE-2026-46064 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasm_send_i2o_message() The ibmasm_send_i2o_message() function uses get_dot_command_size() to com… | |||
| CVE-2026-46063 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this… | |||
| CVE-2026-46061 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: jbd2: fix deadlock in jbd2_journal_cancel_revoke() Commit f76d4c28a46a ("fs/jbd2: use sleeping version of __find_get_block()") ch… | |||
| CVE-2026-46060 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix IRQ cleanup on 6xxx probe failure When adf_dev_up() partially completes and then fails, the IRQ handlers regist… | |||
| CVE-2026-46059 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRI… | |||
| CVE-2026-46057 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork() hook_cred_transfer() only copies the Landlock security blob when the s… | |||
| CVE-2026-46051 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retry_aligned_read() When retry_aligned_read() encounters an overlapped stripe, it releases the stri… | |||
| CVE-2026-46050 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix deadlock with check operation and nowait requests When an array check is running it will raise the barrier at whic… | |||
| CVE-2026-46049 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdif_passthru_playback_get_resources() uses atc->pll_rate as the RSR for the… | |||
| CVE-2026-46048 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix usb_dev refcount leak on probe failure create_card() takes a reference on the USB device with usb_get_dev() and … | |||
| CVE-2026-46047 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Fix use-after-free in driver remove() In the remove callback, if a packet arrives after destroy_workqueue() is cal… | |||
| CVE-2026-46046 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() The commit c8e008b60492 ("ext4: ignore xattrs past end") introduced … | |||
| CVE-2026-46045 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: skip reading rdevs that are not in_sync When reading bitmap pages from member disks, the code iterates through al… | |||
| CVE-2026-46044 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts … | |||
| CVE-2026-46042 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leaks in weighted_interleave_auto_store() weighted_interleave_auto_store() fetches old_wi_state inside t… | |||
| CVE-2026-46041 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames() hdlc_append() calls usleep_range() to wait for circular b… | |||
| CVE-2026-46040 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails When fsnotify_add_inode_mark_locked() fails in inotify_… | |||
| CVE-2026-46038 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Free the node during ctrl_cmd_bye() A node sends the BYE packet when it is about to go down. So the nameserver sho… | |||
| CVE-2026-46035 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: return NULL early from alloc_frozen_pages_nolock() in NMI on UP On UP kernels (!CONFIG_SMP), spin_trylock() is a n… | |||
| CVE-2026-46034 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path Add validation to ensure MSI is configured before accessing cdx_… | |||
| CVE-2026-46033 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject short ahash digests during instance creation authencesn requires either a zero authsize or an authsiz… | |||
| CVE-2026-46032 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXIT If loading L1's CR3 fails on a nested #VMEXIT, nested_svm_vme… | |||
| CVE-2026-46030 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device_node leak in mc_probe() of_parse_phandle() returns a device_node reference that must be released with … | |||
| CVE-2026-46028 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - snapshot IV for async AEAD requests AF_ALG AEAD AIO requests currently use the socket-wide IV buffer during … | |||
| CVE-2026-46026 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perf… | |||
| CVE-2026-46025 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damon_call() vs kdamond_fn() exit race Patch series "mm/damon/core: fix damon_call()/damos_walk() vs kdmond ex… | |||
| CVE-2026-46023 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in create_dirty_log() The argument count calculation in create_dirty_log() performs `*args_used =… | |||
| CVE-2026-46022 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt() ibmasm_handle_mouse_interrupt() performs an out-of-bounds MMIO… | |||
| CVE-2026-46021 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone governor cleanup issues If thermal_zone_device_register_with_trips() fails after adding a thermal… | |||
| CVE-2026-46020 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damos_quota_goal->nid for node_mem_{used,free}_bp Patch series "mm/damon/core: validate damos_quota_goal-… | |||
| CVE-2026-46019 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup atmel_aes_buff_init() allocates 4 pages using __get_free_pag… | |||
| CVE-2026-46018 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES parse_uac2_sample_rate_range() caps the number of enumerated rates at MA… | |||
| CVE-2026-46017 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: mm: fix deferred split queue races during migration migrate_folio_move() records the deferred split queue state from src and repl… | |||
| CVE-2026-46016 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: remoteproc: xlnx: Only access buffer information if IPI is buffered In the receive callback check if message is NULL to prevent p… | |||
| CVE-2026-46014 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Add missing save/restore handling of LBR MSRs MSR_IA32_DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVM_GET… | |||
| CVE-2026-46013 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: mm/memfd_luo: fix physical address conversion in put_folios cleanup In memfd_luo_retrieve_folios()'s put_folios cleanup path: 1.… | |||
| CVE-2026-46012 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix memory leaks in rxkad_verify_response() Fix rxkad_verify_response() to free the ticket and the server key under all ci… | |||
| CVE-2026-46009 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown epf_ntb_epc_destroy() duplicates the teardown that the caller is s… | |||
| CVE-2026-46008 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damos_walk() vs kdamond_fn() exit race When kdamond_fn() main loop is finished, the function cancels remaining… | |||
| CVE-2026-46007 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Avoid cacheline sharing for DMA buffer Depending on the architecture the transfer buffer may share a cacheline wi… | |||
| CVE-2026-46005 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: xfs: fix a resource leak in xfs_alloc_buftarg() In the error path, call fs_put_dax() to drop the DAX device reference. | |||
| CVE-2026-46004 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setup_card() in caiaq driver doesn't treat the error cases grace… | |||
| CVE-2026-46003 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can b… | |||
| CVE-2026-46002 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: ext2: reject inodes with zero i_nlink and valid mode in ext2_iget() ext2_iget() already rejects inodes with i_nlink == 0 when i_m… | |||
| CVE-2026-46001 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data() Fix two bugs in pt5161l_read_block_data(): 1. Buffer overrun: The local b… | |||
| CVE-2026-46000 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decryp… | |||
| CVE-2026-45998 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skb_unshare() failure If skb_unshare() fails to unshare a packet due to allocation failure in rxrp… | |||
| CVE-2026-45997 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails If device_add(&sdkp->disk_dev) fails, put_device() runs scsi_di… | |||
| CVE-2026-45996 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of … | |||
| CVE-2026-45995 | unknown | — | — | 10d ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix user_struct uaf io_free_rbuf_ring() usees a struct user_struct, which io_zcrx_ifq_free() puts it down before d… |