CVEs from 2026
Total
14,777
critical
critical 1,334
high
high 5,000
medium
medium 4,821
low
low 503
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-8235 | medium | 5.5 | 5.5 | 27d ago | A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulatio… | |||
| CVE-2026-8213 | medium | 5.5 | 5.5 | 28d ago | A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c of the component Grid File Handler. The manip… | |||
| CVE-2026-8212 | medium | 5.5 | 5.5 | 28d ago | A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-bas… | |||
| CVE-2026-42333 | medium | — | 5.5 | 28d ago | quarkus-openapi-generator has overly broad path-parameter matching that sends authentication headers to unintended operations | |||
| CVE-2026-42310 | medium | 5.5 | 5.5 | 28d ago | Pillow has a PDF Parsing Trailer Infinite Loop (DoS) | |||
| CVE-2026-42308 | medium | 5.5 | 5.5 | 28d ago | Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer… | |||
| CVE-2026-45130 | medium | 5.5 | 5.5 | 29d ago | Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when loading a crafted spell file (.spl) with UTF-8 enc… | |||
| CVE-2026-42185 | medium | 5.5 | 5.5 | 29d ago | People is an application to handle users and teams, and distribute permissions across La Suite. Prior to version 1.25.0, a user holding the Administrator role on a mail domain could send a crafted in… | |||
| CVE-2026-44737 | medium | — | 5.5 | 29d ago | Grav: Stored XSS via page title (data[header][title]) in admin panel | |||
| CVE-2026-41511 | medium | 5.5 | 5.5 | 29d ago | OpenMcdf is a fully .NET / C# library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to version 3.1.3, OpenMcdf does not detect cycles in the directory … | |||
| CVE-2026-43475 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT This resolves the follow splat and lock-up when running with PREEMPT_RT … | |||
| CVE-2026-43474 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: fs: init flags_valid before calling vfs_fileattr_get syzbot reported a uninit-value bug in [1]. Similar to the "*get" context wh… | |||
| CVE-2026-43473 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when… | |||
| CVE-2026-43472 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: unshare: fix unshare_fs() handling There's an unpleasant corner case in unshare(2), when we have a CLONE_NEWNS in flags and curre… | |||
| CVE-2026-43471 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcd_add_command_trace() The kernel log indicates a crash in ufshcd_a… | |||
| CVE-2026-43470 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir If we found an alias through nfs3_do_create/nfs_add_or_obtain /d_splic… | |||
| CVE-2026-43468 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw->wq esw->work_queue executes esw_functions_changed_event_handler -> esw_vfs_c… | |||
| CVE-2026-43467 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix crash when moving to switchdev mode When moving to switchdev mode when the device doesn't support IPsec, we try to … | |||
| CVE-2026-43463 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer() rxrpc_kernel_lookup_peer() can also return error poi… | |||
| CVE-2026-43457 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev->allow_rx' is false, the newly allocated skb isn't consumed by netif_r… | |||
| CVE-2026-43455 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key->lock in mctp_flow_prepare_output() mctp_flow_prepare_output() checks key->dev and may call mctp_dev_set_ke… | |||
| CVE-2026-43451 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: fix entry leak in bridge verdict error path nfqnl_recv_verdict() calls find_dequeue_entry() to remove… | |||
| CVE-2026-43446 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix runtime suspend deadlock when there is pending job The runtime suspend callback drains the running job workque… | |||
| CVE-2026-43445 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: e1000/e1000e: Fix leak in DMA error cleanup If an error is encountered while mapping TX buffers, the driver should unmap any buff… | |||
| CVE-2026-43444 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Unreserve bo if queue update failed Error handling path should unreserve bo then return failed. (cherry picked from … | |||
| CVE-2026-43443 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp-mach-common: Add missing error check for clock acquisition The acp_card_rt5682_init() and acp_card_rt5682s_init() … | |||
| CVE-2026-43436 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may h… | |||
| CVE-2026-43435 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix oneway spam detection The spam detection logic in TreeRange was executed before the current request was inserted… | |||
| CVE-2026-43432 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix memory leak in xhci_disable_slot() xhci_alloc_command() allocates a command structure and, when the second argumen… | |||
| CVE-2026-43431 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug i… | |||
| CVE-2026-43429 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts The usbtmc driver accepts timeout values specified by the u… | |||
| CVE-2026-43428 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: USB: core: Limit the length of unkillable synchronous timeouts The usb_control_msg(), usb_bulk_msg(), and usb_interrupt_msg() API… | |||
| CVE-2026-43425 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: usb: image: mdc800: kill download URB on timeout mdc800_device_read() submits download_urb and waits for completion. If the timeo… | |||
| CVE-2026-43424 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_tcm: Fix NULL pointer dereferences in nexus handling The `tpg->tpg_nexus` pointer in the USB Target driver is dyna… | |||
| CVE-2026-43423 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix atomic context locking issue The ncm_set_alt function was holding a mutex to protect against races with c… | |||
| CVE-2026-43422 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: usb: legacy: ncm: Fix NPE in gncm_bind Commit 56a512a9b410 ("usb: gadget: f_ncm: align net_device lifecycle with bind/unbind") de… | |||
| CVE-2026-43421 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix net_device lifecycle with device_move The network device outlived its parent gadget device during disconn… | |||
| CVE-2026-43419 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leaks in ceph_mdsc_build_path() Add __putname() calls to error code paths that did not free the "path" pointer o… | |||
| CVE-2026-43418 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible… | |||
| CVE-2026-43417 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Handle vfork()/CLONE_VM correctly Matthieu and Jiri reported stalls where a task endlessly loops in mm_get_cid() whe… | |||
| CVE-2026-43416 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: powerpc, perf: Check that current->mm is alive before getting user callchain It may happen that mm is already released, which lea… | |||
| CVE-2026-43413 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix NULL pointer exception during user_scan() user_scan() invokes updated sas_user_scan() for channel 0, and if s… | |||
| CVE-2026-43412 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: Fix q6apm remove ordering during ADSP stop and start During ADSP stop and start, the kernel crashes due to the… | |||
| CVE-2026-43411 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: tipc: fix divide-by-zero in tipc_sk_filter_connect() A user can set conn_timeout to any value via setsockopt(TIPC_CONN_TIMEOUT), … | |||
| CVE-2026-43410 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update (RSU) isn't enabled in t… | |||
| CVE-2026-43409 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: kprobes: avoid crash when rmmod/insmod after ftrace killed After we hit ftrace is killed by some errors, the kernel crash if we r… | |||
| CVE-2026-43404 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: mm: Fix a hmm_range_fault() livelock / starvation problem If hmm_range_fault() fails a folio_trylock() in do_swap_page, trying to… | |||
| CVE-2026-43401 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request() The update_cpu_qos_request() function attempts to… | |||
| CVE-2026-43400 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in signal ioctl Huge input values in amdgpu_userq_signal_ioctl can lead to a OOM… | |||
| CVE-2026-43399 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl Drop reference to syncobj and timeline fence when aborting the io… | |||
| CVE-2026-43398 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: add upper bound check on user inputs in wait ioctl Huge input values in amdgpu_userq_wait_ioctl can lead to a OOM and… | |||
| CVE-2026-43397 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/bridge: samsung-dsim: Fix memory leak in error path In samsung_dsim_host_attach(), drm_bridge_add() is called to add the brid… | |||
| CVE-2026-43396 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Fix user fence leak on alloc failure When dma_fence_chain_alloc() fails, properly release the user fence reference t… | |||
| CVE-2026-43395 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/xe/sync: Cleanup partially initialized sync on parse failure xe_sync_entry_parse() can allocate references (syncobj, fence, c… | |||
| CVE-2026-43394 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix cred ref leak in nfsd_nl_listener_set_doit(). nfsd_nl_listener_set_doit() uses get_current_cred() without put_cred(). … | |||
| CVE-2026-43393 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix chunk map leak in btrfs_map_block() after btrfs_chunk_map_num_copies() Fix a chunk map leak in btrfs_map_block(): if w… | |||
| CVE-2026-43392 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix starvation of scx_enable() under fair-class saturation During scx_enable(), the READY -> ENABLED task switching lo… | |||
| CVE-2026-43390 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: nstree: tighten permission checks for listing Even privileged services should not necessarily be able to see other privileged ser… | |||
| CVE-2026-43389 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: mm: memfd_luo: always dirty all folios A dirty folio is one which has been written to. A clean folio is its opposite. Since a c… | |||
| CVE-2026-43387 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: properly validate the data in rtw_get_ie_ex() Just like in commit 154828bf9559 ("staging: rtl8723bs: fix out-… | |||
| CVE-2026-43382 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnl_lock ELP metric worker batadv_v_elp_get_throughput() might be called when the RTNL lock is already … | |||
| CVE-2026-43381 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: nouveau/dpcd: return EBUSY for aux xfer if the device is asleep If we have runtime suspended, and userspace wants to use /dev/drm… | |||
| CVE-2026-43375 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: net: mctp: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while th… | |||
| CVE-2026-43372 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix error path in PTP IRQ setup If request_threaded_irq() fails during the PTP message IRQ setup, the newly … | |||
| CVE-2026-43371 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: net: macb: Shuffle the tx ring before enabling tx Quanyang observed that when using an NFS rootfs on an AMD ZynqMp board, the roo… | |||
| CVE-2026-43369 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix NULL pointer dereference in device cleanup When GPU initialization fails due to an unsupported HW block IP blocks ma… | |||
| CVE-2026-43367 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix a few more NULL pointer dereference in device cleanup I found a few more paths that cleanup fails due to a NULL vers… | |||
| CVE-2026-43364 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: ublk: fix NULL pointer dereference in ublk_ctrl_set_size() ublk_ctrl_set_size() unconditionally dereferences ub->ub_disk via set_… | |||
| CVE-2026-43363 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: x86/apic: Disable x2apic on resume if the kernel expects so When resuming from s2ram, firmware may re-enable x2apic mode, which m… | |||
| CVE-2026-43361 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort when snapshotting received subvolumes Currently a user can trigger a transaction abort by snapshotti… | |||
| CVE-2026-43360 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on file creation due to name hash collision If we attempt to create several files with names that re… | |||
| CVE-2026-43359 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow w… | |||
| CVE-2026-43358 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: add missing RCU unlock in error path in try_release_subpage_extent_buffer() Call rcu_read_lock() before exiting the loop i… | |||
| CVE-2026-43357 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050-core: fix pm_runtime error handling The return value of pm_runtime_get_sync() is not checked, allowing the dri… | |||
| CVE-2026-43356 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis: Fix NULL pointer dereference in adis_init The adis_init() function dereferences adis->ops to check if the individ… | |||
| CVE-2026-43355 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: iio: light: bh1780: fix PM runtime leak on error path Move pm_runtime_put_autosuspend() before the error check to ensure the PM r… | |||
| CVE-2026-43354 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: iio: proximity: hx9023s: Protect against division by zero in set_samp_freq Avoid division by zero when sampling frequency is unsp… | |||
| CVE-2026-43351 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Eagerly init vgic dist/redist on vgic creation If vgic_allocate_private_irqs_locked() fails for any odd reason, we ex… | |||
| CVE-2026-43349 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fs_sanity_check_node_footer syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-… | |||
| CVE-2026-43348 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: mshv_vtl: Fix vmemmap_shift exceeding MAX_FOLIO_ORDER When registering VTL0 memory via MSHV_ADD_VTL0_MEMORY, the kernel computes … | |||
| CVE-2026-43346 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: ice: ptp: don't WARN when controlling PF is unavailable In VFIO passthrough setups, it is possible to pass through only a PF whic… | |||
| CVE-2026-43344 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix die ID init and look up bugs In snbep_pci2phy_map_init(), in the nr_node_ids > 8 path, uncore_device_t… | |||
| CVE-2026-43343 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_subset: Fix unbalanced refcnt in geth_free geth_alloc() increments the reference count, but geth_free() fails to d… | |||
| CVE-2026-43340 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev->spinlock between attachments to low-level drivers `struct comedi_device` is the main controlling structure fo… | |||
| CVE-2026-43338 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our qgroup ioctls don't reserve any space, they just do a tra… | |||
| CVE-2026-43337 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference in dcn401_init_hw() dcn401_init_hw() assumes that update_bw_bounding_box() is valid… | |||
| CVE-2026-43335 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icc_link_nodes() The change to dynamic IDs for SM8450 platform interc… | |||
| CVE-2026-43333 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: bpf: reject direct access to nullable PTR_TO_BUF pointers check_mem_access() matches PTR_TO_BUF via base_type() which strips PTR_… | |||
| CVE-2026-43331 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after load_segments() The load_segments() function changes segment registers, invalidatin… | |||
| CVE-2026-43327 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usb… | |||
| CVE-2026-43326 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix SCX_KICK_WAIT deadlock by deferring wait to balance callback SCX_KICK_WAIT busy-waits in kick_cpus_irq_workfn() us… | |||
| CVE-2026-43325 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCC_ALLOWED_AP_TYPE_CMD is related to 6E support. Do not s… | |||
| CVE-2026-43323 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zero_vruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisec… | |||
| CVE-2026-43320 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dsc eDP issue [why] Need to add function hook check before use | |||
| CVE-2026-43319 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spi_lock and buf_lock The spidev driver previously used two mutexes, spi_lock and buf_loc… | |||
| CVE-2026-43318 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify Invalidating a dmabuf will impact other users of the shared BO. In th… | |||
| CVE-2026-43317 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: most: core: fix leak on early registration failure A recent commit fixed a resource leak on early registration failures but for s… | |||
| CVE-2026-43316 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: media: solo6x10: Check for out of bounds chip_id Clang with CONFIG_UBSAN_SHIFT=y noticed a condition where a signed type (literal… | |||
| CVE-2026-43315 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding Drop the WARN in svm_set_nested_state() on nested_s… | |||
| CVE-2026-43314 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 ("blk-mq: move failure injection out of blk_mq_complete_r… |