CVEs from 2026
Total
14,775
critical
critical 1,334
high
high 4,999
medium
medium 4,821
low
low 502
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-43313 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() In acpi_processor_errata_piix4(), the pointer dev … | |||
| CVE-2026-43312 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647_init_controls() we call v4l2_get_subdevdata, but it is initialize… | |||
| CVE-2026-43311 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: soc/tegra: pmc: Fix unsafe generic_handle_irq() call Currently, when resuming from system suspend on Tegra platforms, the followi… | |||
| CVE-2026-43310 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: th… | |||
| CVE-2026-43309 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when stopping arrays with metadata through dm-raid When using device-mapper's dm-raid target, stopping a RAID a… | |||
| CVE-2026-43308 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref() There is no need to BUG(), we can just return an error… | |||
| CVE-2026-43306 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIG_CFI enabled, the kernel strictly enforces that indirect function c… | |||
| CVE-2026-43305 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path [Why] The evaluation for whether we need to use the DMU… | |||
| CVE-2026-43302 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIG_DMA_API_DEBUG enabled, the kernel occa… | |||
| CVE-2026-43301 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix PM runtime usage count underflow Replace pm_runtime_put_sync() with pm_runtime_dont_use_autosuspen… | |||
| CVE-2026-43300 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove() In jdi_panel_dsi_remove(), jdi is explicitly checked… | |||
| CVE-2026-43299 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure() [BUG] There is a bug report that when btrfs hits ENO… | |||
| CVE-2026-43298 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF doesn't enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace… | |||
| CVE-2026-43297 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rga: Fix possible ERR_PTR dereference in rga_buf_init() rga_get_frame() can return ERR_PTR(-EINVAL) when buffer … | |||
| CVE-2026-43295 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() When idtab allocation fails, net is not registered with rio_… | |||
| CVE-2026-43294 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels Since commit 56de5e305d4b ("clk: renesas: r9a07g04… | |||
| CVE-2026-43293 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode (irq < 0) to prev… | |||
| CVE-2026-43292 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node When CONFIG_PAGE_OWNER is enabled, freeing KASAN shadow pages during… | |||
| CVE-2026-43289 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: kexec: derive purgatory entry from symbol kexec_load_purgatory() derives image->start by locating e_entry inside an SHF_EXECINSTR… | |||
| CVE-2026-43288 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: ext4: move ext4_percpu_param_init() before ext4_mb_init() When running `kvm-xfstests -c ext4/1k -C 1 generic/383` with the `DOUBL… | |||
| CVE-2026-43287 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRM_IOCTL_MODE_CREATEPROPBLOB allows userspace to allocate arbitrary-sized proper… | |||
| CVE-2026-43286 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore failed global reservations to subpool Commit a833a693a490 ("mm: hugetlb: fix incorrect fallback for subpool")… | |||
| CVE-2026-43285 | medium | 5.5 | 5.5 | 29d ago | In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current->mems_allowed_seq if !allow_spin Lockdep complains when get_from_any_partial() is called in an NMI… | |||
| CVE-2026-8149 | medium | — | 5.5 | 29d ago | Bouncy Castle has a vulnerability in program files gcm128w, gcm512w | |||
| CVE-2026-43942 | medium | 5.5 | 5.5 | 29d ago | Electerm's full process.env exposed to renderer via window.pre.env | |||
| CVE-2026-41646 | medium | 5.5 | 5.5 | 29d ago | Nuclei: Local File Read via require() Module Loader Bypass | |||
| CVE-2026-8124 | medium | 5.5 | 5.5 | 1mo ago | A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_box_read of the file src/isomedia/box_code_base.c. The manipulation leads to allocation of resources. … | |||
| CVE-2026-8119 | medium | 5.5 | 5.5 | 1mo ago | A vulnerability was detected in Open5GS up to 2.7.7. Impacted is the function ogs_sbi_stream_find_by_id in the library /lib/sbi/nghttp2-server.c of the component NSSF. Performing a manipulation resul… | |||
| CVE-2026-8088 | medium | 5.5 | 5.5 | 1mo ago | A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bo… | |||
| CVE-2026-42259 | medium | — | 5.5 | 1mo ago | Saltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backslash bypass) | |||
| CVE-2026-8084 | medium | 5.5 | 5.5 | 1mo ago | A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This… | |||
| CVE-2026-32686 | medium | — | 5.5 | 1mo ago | Decimal: Unbounded exponent in `Decimal.new` enables unauthenticated DoS | |||
| CVE-2026-3291 | medium | 5.5 | 5.5 | 1mo ago | Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate … | |||
| CVE-2026-42458 | medium | — | 5.5 | 1mo ago | Magento LTS: Reflected XSS - Import -> Data Flow (profiles) | |||
| CVE-2026-43282 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port The function ionic_query_port() calls ib_device_get_netdev… | |||
| CVE-2026-43277 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghes_new() prevents allocating too large records, by chec… | |||
| CVE-2026-43273 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in ceph_zero_partial_object() The ceph_zero_partial_object function was missing proper snapshot con… | |||
| CVE-2026-43272 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer head_page in rb_meta_validate_events() which is… | |||
| CVE-2026-43271 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in process_metadata_update The function process_metadata_update() blindly dereferences t… | |||
| CVE-2026-43270 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() In mtk_mdp_probe(), vpu_get_plat_device() increases the reference co… | |||
| CVE-2026-43269 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback After several commits, the slab memory increases. Some dr… | |||
| CVE-2026-43268 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires an… | |||
| CVE-2026-43267 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking During fuzz testing, it was discovered that bss_conf->beacon_i… | |||
| CVE-2026-43266 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the section_length is … | |||
| CVE-2026-43265 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() Ignore -EBUSY when checking nested events after exiting a b… | |||
| CVE-2026-43264 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: fbdev: of: display_timing: fix refcount leak in of_get_display_timings() of_parse_phandle() returns a device_node with refcount i… | |||
| CVE-2026-43262 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2_fiemap(), we are calling iomap_fiemap() while holding the inode glock. This can lead to recu… | |||
| CVE-2026-43261 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: arm64: Add support for TSV110 Spectre-BHB mitigation The TSV110 processor is vulnerable to the Spectre-BHB (Branch History Buffer… | |||
| CVE-2026-43259 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platform_set_drvdata() as the data will be used in remove(). | |||
| CVE-2026-43257 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add missing unmap in snd_cx88_hw_params() In error path, add cx88_alsa_dma_unmap() to release resource acquired by c… | |||
| CVE-2026-43255 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usb_tx_block The function usb_tx_block() submits cardp->tx_urb without ensuring that any previous … | |||
| CVE-2026-43252 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always set ID as avail when rm endp Syzkaller managed to find a combination of actions that was generating … | |||
| CVE-2026-43251 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: HID: prodikeys: Check presence of pm->input_ep82 Fake USB devices can send their own report descriptors for which the input_mappi… | |||
| CVE-2026-43247 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic when closed SError of kernel panic rarely happened while testing fluster. T… | |||
| CVE-2026-43246 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906_probe() In one of the error paths in tw9906_probe(), the memory allocated … | |||
| CVE-2026-43244 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: kcm: fix zero-frag skb in frag_list on partial sendmsg error Syzkaller reported a warning in kcm_write_msgs() when processing a m… | |||
| CVE-2026-43243 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src Trying to access link enc on a dpia link will cause a crash o… | |||
| CVE-2026-43242 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: soc: ti: k3-socinfo: Fix regmap leak on probe failure The mmio regmap allocated during probe is never freed. Switch to using the… | |||
| CVE-2026-43240 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limit… | |||
| CVE-2026-43238 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash() Commit 38a6f0865796 ("net: sched: support hash selecting tx queu… | |||
| CVE-2026-43235 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - get_vpu_buffer_si… | |||
| CVE-2026-43234 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEV_CHANGEMTU event when unregistering slave syzbot is reporting unregister_netdevice: waiting for netdevsim0 t… | |||
| CVE-2026-43231 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usb_keene_probe(). The v4l2 control handler is initialized… | |||
| CVE-2026-43229 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of … | |||
| CVE-2026-43228 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUG_ON with error handling for CNID count checks In a06ec283e125 next_id, folder_count, and file_count in the super … | |||
| CVE-2026-43227 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/sh_tmu: Always leave device running after probe The TMU device can be used as both a clocksource and a clocke… | |||
| CVE-2026-43225 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix memory leak on failure path cfg80211_inform_bss_frame() may return NULL on failure. In that case, the all… | |||
| CVE-2026-43224 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix sgtable leak on mapping failures In an unlikely case when io_populate_area_dma() fails, which could only happe… | |||
| CVE-2026-43223 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix URB leak in pvr2_send_request_ex When pvr2_send_request_ex() submits a write URB successfully but fails to su… | |||
| CVE-2026-43221 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2… | |||
| CVE-2026-43220 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: serialize sequence allocation under concurrent TLB invalidations With concurrent TLB invalidations, completion wait ra… | |||
| CVE-2026-43219 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net: cpsw_new: Fix potential unregister of netdev that has not been registered yet If an error occurs during register_netdev() fo… | |||
| CVE-2026-43218 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903_probe() In one of the error paths in tw9903_probe(), the memory allocated … | |||
| CVE-2026-43217 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iris_kill_session, inst->state is set to IRIS_INST_ERROR and session_clos… | |||
| CVE-2026-43216 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net: Drop the lock in skb_may_tx_timestamp() skb_may_tx_timestamp() may acquire sock::sk_callback_lock. The lock must not be take… | |||
| CVE-2026-43210 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: tracing: ring-buffer: Fix to check event length before using Check the event length before adding it for accessing next index in … | |||
| CVE-2026-43209 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minix_check_superblock() The fs/minix implementation of the minix filesystem does not curr… | |||
| CVE-2026-43204 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6asm: drop DSP responses for closed data streams 'Commit a354f030dbce ("ASoC: qcom: q6asm: handle the responses afte… | |||
| CVE-2026-43202 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: fbdev: vt8500lcdfb: fix missing dma_free_coherent() fbi->fb.screen_buffer is allocated with dma_alloc_coherent() but is not freed… | |||
| CVE-2026-43201 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ARM processor Error: don't go past allocated memory If the BIOS generates a very small ARM Processor Error, or an inco… | |||
| CVE-2026-43200 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions struct configfs_item_operations callb… | |||
| CVE-2026-43195 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate user queue size constraints Add validation to ensure user queue sizes meet hardware requirements: - Size mus… | |||
| CVE-2026-43193 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg() Claude pointed out that there is a nfs4_file refcount leak in nfsd_get_… | |||
| CVE-2026-43192 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dm_put_device when failing to get scsi dh name When commit fd81bc5cca8f ("scsi: device_handler: Return erro… | |||
| CVE-2026-43191 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35 [Why] A backport of the change made for DCN401 th… | |||
| CVE-2026-43189 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwn… | |||
| CVE-2026-43188 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ceph: do not propagate page array emplacement errors as batch errors When fscrypt is enabled, move_dirty_folio_in_page_array() ma… | |||
| CVE-2026-43183 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix a resource leak in cx25821_dev_setup() Add release_mem_region() if ioremap() fails to release the memory regi… | |||
| CVE-2026-43182 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: ccs: Avoid possible division by zero Calculating maximum M for scaler configuration involves dividing by MIN_X_OUTPUT_SIZE… | |||
| CVE-2026-43181 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: gpio: sysfs: fix chip removal with GPIOs exported over sysfs Currently if we export a GPIO over sysfs and unbind the parent GPIO … | |||
| CVE-2026-43179 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits for invalid metabox-enabled images Crafted EROFS images with metadata compression enabled can tr… | |||
| CVE-2026-43177 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6_pci_probe() were jumping directly to out_ipu… | |||
| CVE-2026-43175 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Reserve 8 struct clk_hw slots for for 9FGV0841 The 9FGV0841 has 8 outputs and registers 8 struct clk_hw, make sure ther… | |||
| CVE-2026-43174 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right… | |||
| CVE-2026-43173 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: xscale: Check for PTP support properly In ixp4xx_get_ts_info() ixp46x_ptp_find() is called unconditionally despite… | |||
| CVE-2026-43171 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't dump the entire memory region The current logic at cper_print_fw_err() doesn't check if the error record length i… | |||
| CVE-2026-43170 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3_gadget_vbus_draw() can be called from atomic context, which… | |||
| CVE-2026-43169 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUG_ON by validating rounded allocation When DRM_BUDDY_CONTIGUOUS_ALLOCATION is set, the requested size is rou… | |||
| CVE-2026-43168 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec ("ocfs2: fix xattr array entry __counted_by error") doesn't handle … | |||
| CVE-2026-43167 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: always flush state and policy upon NETDEV_UNREGISTER event syzbot is reporting that "struct xfrm_state" refcount is leaking… |