CVEs from 2026
- Total: 14,798
- critical: 1,335
- high: 5,011
- medium: 4,834
- low: 504
- % Critical: 9.0%
- % with KEV: 0.4%
- % with exploit: 0.7%
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89

| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-0885 | high | — | 8.0 | 5mo ago | Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0877 | high | — | 8.0 | 5mo ago | Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0878 | high | — | 8.0 | 5mo ago | Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0883 | high | — | 8.0 | 5mo ago | Information disclosure in the Networking component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0879 | high | — | 8.0 | 5mo ago | Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140… | |||
| CVE-2026-0880 | high | — | 8.0 | 5mo ago | Sandbox escape due to integer overflow in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0884 | high | — | 8.0 | 5mo ago | Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0882 | high | — | 8.0 | 5mo ago | Use-after-free in the IPC component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0887 | high | — | 8.0 | 5mo ago | Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0891 | high | — | 8.0 | 5mo ago | Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort… | |||
| CVE-2026-0886 | high | — | 8.0 | 5mo ago | Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-0890 | high | — | 8.0 | 5mo ago | Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7. | |||
| CVE-2026-20931 | high | 8.0 | 8.0 | 5mo ago | External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network. | |||
| CVE-2026-22029 | high | 8.0 | 8.0 | 5mo ago | React Router is a router for React. In @remix-run/router version prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from l… | |||
| CVE-2026-21441 | high | — | 8.0 | 5mo ago | Important: fence-agents security update | |||
| CVE-2026-35266 | high | 7.9 | 7.9 | 10d ago | Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Difficult to exploit vulnerability allows low privileged attacker with network a… | |||
| CVE-2026-44711 | high | 7.9 | 7.9 | 11d ago | pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption… | |||
| CVE-2026-46076 | high | 7.9 | 7.9 | 11d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a #UD for VMMCALL if L2 is active, L1 doe… | |||
| CVE-2026-41217 | high | 7.9 | 7.9 | 25d ago | A vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with resource administrator or administrator role to execute arbitrary system comman… | |||
| CVE-2026-43133 | high | 7.9 | 7.9 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation Commit cc3ed80ae69f ("KVM: nSVM: always use vmcb01 to for vmsave/vmload o… | |||
| CVE-2026-50264 | high | 7.8 | 7.8 | 2d ago | An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFro… | |||
| CVE-2026-50261 | high | 7.8 | 7.8 | 2d ago | A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via … | |||
| CVE-2026-50260 | high | 7.8 | 7.8 | 2d ago | A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroy… | |||
| CVE-2026-50259 | high | 7.8 | 7.8 | 2d ago | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function Ch… | |||
| CVE-2026-50258 | high | 7.8 | 7.8 | 2d ago | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify o… | |||
| CVE-2026-50257 | high | 7.8 | 7.8 | 2d ago | A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attack… | |||
| CVE-2026-50256 | high | 7.8 | 7.8 | 2d ago | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow… | |||
| CVE-2026-21031 | high | 7.8 | 7.8 | 2d ago | Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity. User interaction is required for triggering this vulnerability. | |||
| CVE-2026-21030 | high | 7.8 | 7.8 | 2d ago | Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions. | |||
| CVE-2026-21029 | high | 7.8 | 7.8 | 2d ago | Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations. | |||
| CVE-2026-11332 | high | 7.8 | 7.8 | 2d ago | A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument deli… | |||
| CVE-2026-20245 | high | 7.8 | 7.8 | 3d ago | A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to… | |||
| CVE-2026-11103 | high | 7.8 | 7.8 | 3d ago | Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security… | |||
| CVE-2026-11072 | high | 7.8 | 7.8 | 3d ago | Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: Medium) | |||
| CVE-2026-10942 | high | 7.8 | 7.8 | 3d ago | Inappropriate implementation in UI in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High) | |||
| CVE-2026-25551 | high | 7.8 | 7.8 | 3d ago | Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remot… | |||
| CVE-2026-50209 | high | 7.8 | 7.8 | 3d ago | Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker. | |||
| CVE-2026-50207 | high | 7.8 | 7.8 | 3d ago | The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity. | |||
| CVE-2026-49189 | high | 7.8 | 7.8 | 3d ago | Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations. | |||
| CVE-2026-41859 | high | 7.8 | 7.8 | 3d ago | A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials (Basic auth header or UAA client secret) and can tamper with the VM list that is written into th… | |||
| CVE-2026-40290 | high | 7.8 | 7.8 | 4d ago | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior … | |||
| CVE-2026-46271 | high | 7.8 | 7.8 | 4d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link In case of multi-link connection, WCN7850 firmware crashes due to WoW offloads… | |||
| CVE-2026-46263 | high | 7.8 | 7.8 | 4d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 eng_id can be negative and that stream_enc_regs[] can be indexed out o… | |||
| CVE-2026-46260 | high | 7.8 | 7.8 | 4d ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bound access in fib6_add_rt2node(). syzbot reported out-of-bound read in fib6_add_rt2node(). [0] When IPv6 rout… | |||
| CVE-2026-46259 | high | 7.8 | 7.8 | 4d ago | In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading real_parent in do_task_stat() When reading /proc/[pid]/stat, do_task_stat() acces… | |||
| CVE-2026-46253 | high | 7.8 | 7.8 | 4d ago | In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistent_ram_save_old() persistent_ram_save_old() can be called multiple times for the same … | |||
| CVE-2026-8036 | high | 7.8 | 7.8 | 5d ago | Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This vulnerability affects NI-PAL 26.3.0 and p… | |||
| CVE-2026-40715 | high | 7.8 | 7.8 | 5d ago | Dell ThinOS 10, versions prior to ThinOS10 2602_10.0765, contain an Improper Access Control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, le… | |||
| CVE-2026-24237 | high | 7.8 | 7.8 | 5d ago | NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampe… | |||
| CVE-2026-24221 | high | 7.8 | 7.8 | 5d ago | NVIDIA NVTabular contains a vulnerability where an attacker could cause improper deserialization of untrusted data. A successful exploit of this vulnerability might lead to code execution, data tampe… | |||
| CVE-2026-40619 | high | 7.8 | 7.8 | 5d ago | A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admi… | |||
| CVE-2026-25260 | high | 7.8 | 7.8 | 6d ago | Memory Corruption when accessing shared buffers without validation of concurrent user-mode input modifications. | |||
| CVE-2026-25259 | high | 7.8 | 7.8 | 6d ago | Memory corruption while processing multiple IOCTL command for escape operations. | |||
| CVE-2026-25258 | high | 7.8 | 7.8 | 6d ago | Memory corruption while processing IOCTL calls for escape operations. | |||
| CVE-2026-28580 | high | 7.8 | 7.8 | 6d ago | In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use… | |||
| CVE-2026-28577 | high | 7.8 | 7.8 | 6d ago | In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privi… | |||
| CVE-2026-0100 | high | 7.8 | 7.8 | 6d ago | In Load of LoadedArsc.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User… | |||
| CVE-2026-0099 | high | 7.8 | 7.8 | 6d ago | In onNullBinding of HostEmulationManager.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation of privilege wit… | |||
| CVE-2026-0098 | high | 7.8 | 7.8 | 6d ago | In getCallingPackageName of Shared.java, there is a possible way to bypass activity start restrictions due to a confused deputy. This could lead to local escalation of privilege with no additional ex… | |||
| CVE-2026-0096 | high | 7.8 | 7.8 | 6d ago | In getAppLabel of ForgetDeviceDialogFragment.java, there is a possible trick the user into forgetting a device due to misleading or insufficient UI. This could lead to local escalation of privilege w… | |||
| CVE-2026-0094 | high | 7.8 | 7.8 | 6d ago | In getApplicationLabel of KeyChainActivity.java, there is a possible way to trick the user into approving access to certificates due to misleading or insufficient UI. This could lead to local escalat… | |||
| CVE-2026-0093 | high | 7.8 | 7.8 | 6d ago | In multiple locations, there is a possible misleading UI due to obfuscation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n… | |||
| CVE-2026-0091 | high | 7.8 | 7.8 | 6d ago | In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execut… | |||
| CVE-2026-0089 | high | 7.8 | 7.8 | 6d ago | In multiple functions of PackageInstallerService.java, there is a possible way to install unverified apps due to a missing permission check. This could lead to local escalation of privilege with no a… | |||
| CVE-2026-0088 | high | 7.8 | 7.8 | 6d ago | In getCallingAppLabel of CertInstaller.java, there is a possible way to hide a sensitive security dialogue due to misleading or insufficient UI. This could lead to local escalation of privilege with … | |||
| CVE-2026-0087 | high | 7.8 | 7.8 | 6d ago | In approvalLevelForDomainInternal of DomainVerificationService.java, there is a possible way to hijack an arbitrary app link due to a logic error in the code. This could lead to local escalation of p… | |||
| CVE-2026-0078 | high | 7.8 | 7.8 | 6d ago | In setGlobalProxy of DevicePolicyManagerService.java, there is a possible desync in persistence due to improper input validation. This could lead to local escalation of privilege with no additional e… | |||
| CVE-2026-0077 | high | 7.8 | 7.8 | 6d ago | In resumeConfigurationDispatch of ActivityRecord.java, there is a possible background application launch (bal) due to a logic error in the code. This could lead to local escalation of privilege with … | |||
| CVE-2026-0076 | high | 7.8 | 7.8 | 6d ago | In validateNode of ResourceTypes.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges… | |||
| CVE-2026-0045 | high | 7.8 | 7.8 | 6d ago | In bta_jv_rfcomm_connect of bta_jv_act.cc, there is a possible bypass of bonding for a secure connection due to a logic error in the code. This could lead to local escalation of privilege with no add… | |||
| CVE-2026-0036 | high | 7.8 | 7.8 | 6d ago | In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution priv… | |||
| CVE-2026-0009 | high | 7.8 | 7.8 | 6d ago | In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti… | |||
| CVE-2026-43958 | high | 7.8 | 7.8 | 6d ago | A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulner… | |||
| CVE-2026-0072 | high | 7.8 | 7.8 | 6d ago | In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional executi… | |||
| CVE-2026-8501 | high | 7.8 | 7.8 | 6d ago | Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IO… | |||
| CVE-2026-38950 | high | 7.8 | 7.8 | 6d ago | An issue in ESA AnomalyMatch before 1.3.1 allows attackers to execute arbitrary code via crafted model checkpoint files. The affected components load model files from session directories using torch.l… | |||
| CVE-2026-10118 | high | 7.8 | 7.8 | 6d ago | A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the `tilingPatte… | |||
| CVE-2026-32325 | high | 7.8 | 7.8 | 6d ago | Privilege chaining issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affec… | |||
| CVE-2026-27788 | high | 7.8 | 7.8 | 6d ago | Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can l… | |||
| CVE-2026-20455 | high | 7.8 | 7.8 | 6d ago | In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. U… | |||
| CVE-2026-46242 | high | 7.8 | 7.8 | 8d ago | In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix ep_remove struct eventpoll / struct file UAF ep_remove() (via ep_remove_file()) cleared file->f_ep under file->f_l… | |||
| CVE-2026-49382 | high | 7.8 | 7.8 | 9d ago | In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin | |||
| CVE-2026-49366 | high | 7.8 | 7.8 | 9d ago | In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion | |||
| CVE-2026-45555 | high | 7.8 | 7.8 | 9d ago | Roslyn CodeLens MCP Server is a Roslyn-based MCP server providing semantic code intelligence for .NET codebases. From 0.0.9 to 1.17.0, the get_diagnostics MCP tool loads and executes all DiagnosticAn… | |||
| CVE-2026-40528 | high | 7.8 | 7.8 | 9d ago | OpenSC before 0.27.0, fixed in commit 0358817, contains a stack and heap buffer overrun vulnerability in the do_key_value() function in src/pkcs15init/profile.c that allows attackers to corrupt memor… | |||
| CVE-2026-9987 | high | 7.8 | 7.8 | 10d ago | Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 148.0.7778.216 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium sec… | |||
| CVE-2026-47333 | high | 7.8 | 7.8 | 10d ago | Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification han… | |||
| CVE-2026-47331 | high | 7.8 | 7.8 | 10d ago | Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivileged local user could trigger the race condition that can lead to a use-after-fr… | |||
| CVE-2026-44463 | high | 7.8 | 7.8 | 10d ago | Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed by prepending environment variable assignments to allowlisted commands, hijacking program behavior (e.g.,… | |||
| CVE-2026-49237 | high | 7.8 | 7.8 | 10d ago | An issue was discovered in Canonical Multipass for macOS before version 1.16.3 due to an incomplete fix for CVE-2025-5199. While the patch in version 1.16.0 updated the ownership of the multipassd da… | |||
| CVE-2026-46240 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix use-after-free in iris_release_internal_buffers() The recent change in commit 1dabf00ee206 ("media: iris: gen1: … | |||
| CVE-2026-46227 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL The SCTP_SENDALL path in sctp_sendmsg() iterates ep->as… | |||
| CVE-2026-46215 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: drm: Set old handle to NULL before prime swap in change_handle There was a potential race condition in change_handle. The ioctl b… | |||
| CVE-2026-46210 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: media: iris: fix use-after-free of fmt_src during MBPF check During concurrency testing, multiple instances can run in parallel, … | |||
| CVE-2026-46209 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() drm_gem_fb_init_with_funcs() computes sub-s… | |||
| CVE-2026-46208 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tp_meter sessions during mesh teardown TP meter sessions remain linked on bat_priv->tp_list after the netlink re… | |||
| CVE-2026-46206 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject new tp_meter sessions during teardown Prevent tp_meter from starting new sender or receiver sessions after mes… | |||
| CVE-2026-46205 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Disallow all private IOCTLs Disallow all private IOCTLs. These aren't quite as safe as one could assume … | |||
| CVE-2026-46201 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import() When xe_dma_buf_init_obj() fails, the attachment from dma_buf_dynami… | |||
| CVE-2026-46197 | high | 7.8 | 7.8 | 10d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds b… |