CVEs from 2026
Total
13,460
critical
critical 1,176
high
high 4,283
medium
medium 4,162
low
low 442
% Critical
8.7%
% with KEV
0.4%
% with exploit
0.8%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-43346 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: ice: ptp: don't WARN when controlling PF is unavailable In VFIO passthrough setups, it is possible to pass through only a PF whic… | |||
| CVE-2026-43344 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix die ID init and look up bugs In snbep_pci2phy_map_init(), in the nr_node_ids > 8 path, uncore_device_t… | |||
| CVE-2026-43343 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_subset: Fix unbalanced refcnt in geth_free geth_alloc() increments the reference count, but geth_free() fails to d… | |||
| CVE-2026-43340 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: comedi: Reinit dev->spinlock between attachments to low-level drivers `struct comedi_device` is the main controlling structure fo… | |||
| CVE-2026-43338 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our qgroup ioctls don't reserve any space, they just do a tra… | |||
| CVE-2026-43337 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference in dcn401_init_hw() dcn401_init_hw() assumes that update_bw_bounding_box() is valid… | |||
| CVE-2026-43335 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sm8450: Fix NULL pointer dereference in icc_link_nodes() The change to dynamic IDs for SM8450 platform interc… | |||
| CVE-2026-43333 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: bpf: reject direct access to nullable PTR_TO_BUF pointers check_mem_access() matches PTR_TO_BUF via base_type() which strips PTR_… | |||
| CVE-2026-43331 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Disable KCOV instrumentation after load_segments() The load_segments() function changes segment registers, invalidatin… | |||
| CVE-2026-43327 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: USB: dummy-hcd: Fix locking/synchronization error Syzbot testing was able to provoke an addressing exception and crash in the usb… | |||
| CVE-2026-43326 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix SCX_KICK_WAIT deadlock by deferring wait to balance callback SCX_KICK_WAIT busy-waits in kick_cpus_irq_workfn() us… | |||
| CVE-2026-43325 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't send a 6E related command when not supported MCC_ALLOWED_AP_TYPE_CMD is related to 6E support. Do not s… | |||
| CVE-2026-43323 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix zero_vruntime tracking fix John reported that stress-ng-yield could make his machine unhappy and managed to bisec… | |||
| CVE-2026-43320 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dsc eDP issue [why] Need to add function hook check before use | |||
| CVE-2026-43319 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: spi: spidev: fix lock inversion between spi_lock and buf_lock The spidev driver previously used two mutexes, spi_lock and buf_loc… | |||
| CVE-2026-43318 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify Invalidating a dmabuf will impact other users of the shared BO. In th… | |||
| CVE-2026-43317 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: most: core: fix leak on early registration failure A recent commit fixed a resource leak on early registration failures but for s… | |||
| CVE-2026-43316 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: media: solo6x10: Check for out of bounds chip_id Clang with CONFIG_UBSAN_SHIFT=y noticed a condition where a signed type (literal… | |||
| CVE-2026-43315 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Remove a user-triggerable WARN on nested_svm_load_cr3() succeeding Drop the WARN in svm_set_nested_state() on nested_s… | |||
| CVE-2026-43314 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 ("blk-mq: move failure injection out of blk_mq_complete_r… | |||
| CVE-2026-43313 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() In acpi_processor_errata_piix4(), the pointer dev … | |||
| CVE-2026-43312 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Initialize subdev before controls In ov5647_init_controls() we call v4l2_get_subdevdata, but it is initialize… | |||
| CVE-2026-43311 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: soc/tegra: pmc: Fix unsafe generic_handle_irq() call Currently, when resuming from system suspend on Tegra platforms, the followi… | |||
| CVE-2026-43310 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: th… | |||
| CVE-2026-43309 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when stopping arrays with metadata through dm-raid When using device-mapper's dm-raid target, stopping a RAID a… | |||
| CVE-2026-43308 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref() There is no need to BUG(), we can just return an error… | |||
| CVE-2026-43306 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: bpf: crypto: Use the correct destructor kfunc type With CONFIG_CFI enabled, the kernel strictly enforces that indirect function c… | |||
| CVE-2026-43305 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path [Why] The evaluation for whether we need to use the DMU… | |||
| CVE-2026-43302 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIG_DMA_API_DEBUG enabled, the kernel occa… | |||
| CVE-2026-43301 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix PM runtime usage count underflow Replace pm_runtime_put_sync() with pm_runtime_dont_use_autosuspen… | |||
| CVE-2026-43300 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove() In jdi_panel_dsi_remove(), jdi is explicitly checked… | |||
| CVE-2026-43299 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure() [BUG] There is a bug report that when btrfs hits ENO… | |||
| CVE-2026-43298 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Skip vcn poison irq release on VF VF doesn't enable VCN poison irq in VCNv2.5. Skip releasing it and avoid call trace… | |||
| CVE-2026-43297 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rga: Fix possible ERR_PTR dereference in rga_buf_init() rga_get_frame() can return ERR_PTR(-EINVAL) when buffer … | |||
| CVE-2026-43295 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() When idtab allocation fails, net is not registered with rio_… | |||
| CVE-2026-43294 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels Since commit 56de5e305d4b ("clk: renesas: r9a07g04… | |||
| CVE-2026-43293 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix kthread worker destruction in polling mode Fix the cleanup order in polling mode (irq < 0) to prev… | |||
| CVE-2026-43292 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node When CONFIG_PAGE_OWNER is enabled, freeing KASAN shadow pages during… | |||
| CVE-2026-43289 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: kexec: derive purgatory entry from symbol kexec_load_purgatory() derives image->start by locating e_entry inside an SHF_EXECINSTR… | |||
| CVE-2026-43288 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: ext4: move ext4_percpu_param_init() before ext4_mb_init() When running `kvm-xfstests -c ext4/1k -C 1 generic/383` with the `DOUBL… | |||
| CVE-2026-43287 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: drm: Account property blob allocations to memcg DRM_IOCTL_MODE_CREATEPROPBLOB allows userspace to allocate arbitrary-sized proper… | |||
| CVE-2026-43286 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore failed global reservations to subpool Commit a833a693a490 ("mm: hugetlb: fix incorrect fallback for subpool")… | |||
| CVE-2026-43285 | medium | 5.5 | 5.5 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: mm/slab: do not access current->mems_allowed_seq if !allow_spin Lockdep complains when get_from_any_partial() is called in an NMI… | |||
| CVE-2026-8149 | medium | — | 5.5 | 23d ago | Bouncy Castle has a vulnerability in program files gcm128w, gcm512w | |||
| CVE-2026-43942 | medium | 5.5 | 5.5 | 23d ago | Electerm's full process.env exposed to renderer via window.pre.env | |||
| CVE-2026-41646 | medium | 5.5 | 5.5 | 23d ago | Nuclei: Local File Read via require() Module Loader Bypass | |||
| CVE-2026-8124 | medium | 5.5 | 5.5 | 23d ago | A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_box_read of the file src/isomedia/box_code_base.c. The manipulation leads to allocation of resources. … | |||
| CVE-2026-8119 | medium | 5.5 | 5.5 | 24d ago | A vulnerability was detected in Open5GS up to 2.7.7. Impacted is the function ogs_sbi_stream_find_by_id in the library /lib/sbi/nghttp2-server.c of the component NSSF. Performing a manipulation resul… | |||
| CVE-2026-8088 | medium | 5.5 | 5.5 | 24d ago | A weakness has been identified in OSGeo gdal up to 3.13.0dev-4. The affected element is the function GDfieldinfo of the file frmts/hdf4/hdf-eos/GDapi.c. Executing a manipulation can lead to out-of-bo… | |||
| CVE-2026-42259 | medium | — | 5.5 | 24d ago | Saltcorn: Open Redirect in `POST /auth/login` due to incomplete `is_relative_url` validation (backslash bypass) | |||
| CVE-2026-8084 | medium | 5.5 | 5.5 | 24d ago | A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This… | |||
| CVE-2026-32686 | medium | — | 5.5 | 24d ago | Decimal: Unbounded exponent in `Decimal.new` enables unauthenticated DoS | |||
| CVE-2026-33554 | medium | — | 5.5 | 25d ago | RHSA-2026:20579: freeipmi security update (Moderate) | |||
| CVE-2026-3291 | medium | 5.5 | 5.5 | 25d ago | Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate … | |||
| CVE-2026-42458 | medium | — | 5.5 | 25d ago | Magento LTS: Reflected XSS - Import -> Data Flow (profiles) | |||
| CVE-2026-43282 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port The function ionic_query_port() calls ib_device_get_netdev… | |||
| CVE-2026-43277 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghes_new() prevents allocating too large records, by chec… | |||
| CVE-2026-43273 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in ceph_zero_partial_object() The ceph_zero_partial_object function was missing proper snapshot con… | |||
| CVE-2026-43272 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer head_page in rb_meta_validate_events() which is… | |||
| CVE-2026-43271 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in process_metadata_update The function process_metadata_update() blindly dereferences t… | |||
| CVE-2026-43270 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() In mtk_mdp_probe(), vpu_get_plat_device() increases the reference co… | |||
| CVE-2026-43269 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback After several commits, the slab memory increases. Some dr… | |||
| CVE-2026-43268 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires an… | |||
| CVE-2026-43267 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking During fuzz testing, it was discovered that bss_conf->beacon_i… | |||
| CVE-2026-43266 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the section_length is … | |||
| CVE-2026-43265 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() Ignore -EBUSY when checking nested events after exiting a b… | |||
| CVE-2026-43264 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: fbdev: of: display_timing: fix refcount leak in of_get_display_timings() of_parse_phandle() returns a device_node with refcount i… | |||
| CVE-2026-43262 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2_fiemap(), we are calling iomap_fiemap() while holding the inode glock. This can lead to recu… | |||
| CVE-2026-43261 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: arm64: Add support for TSV110 Spectre-BHB mitigation The TSV110 processor is vulnerable to the Spectre-BHB (Branch History Buffer… | |||
| CVE-2026-43259 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platform_set_drvdata() as the data will be used in remove(). | |||
| CVE-2026-43257 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add missing unmap in snd_cx88_hw_params() In error path, add cx88_alsa_dma_unmap() to release resource acquired by c… | |||
| CVE-2026-43255 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usb_tx_block The function usb_tx_block() submits cardp->tx_urb without ensuring that any previous … | |||
| CVE-2026-43252 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always set ID as avail when rm endp Syzkaller managed to find a combination of actions that was generating … | |||
| CVE-2026-43251 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: HID: prodikeys: Check presence of pm->input_ep82 Fake USB devices can send their own report descriptors for which the input_mappi… | |||
| CVE-2026-43247 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic when closed SError of kernel panic rarely happened while testing fluster. T… | |||
| CVE-2026-43246 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906_probe() In one of the error paths in tw9906_probe(), the memory allocated … | |||
| CVE-2026-43244 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: kcm: fix zero-frag skb in frag_list on partial sendmsg error Syzkaller reported a warning in kcm_write_msgs() when processing a m… | |||
| CVE-2026-43243 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src Trying to access link enc on a dpia link will cause a crash o… | |||
| CVE-2026-43242 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: soc: ti: k3-socinfo: Fix regmap leak on probe failure The mmio regmap allocated during probe is never freed. Switch to using the… | |||
| CVE-2026-43240 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limit… | |||
| CVE-2026-43238 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash() Commit 38a6f0865796 ("net: sched: support hash selecting tx queu… | |||
| CVE-2026-43235 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - get_vpu_buffer_si… | |||
| CVE-2026-43234 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEV_CHANGEMTU event when unregistering slave syzbot is reporting unregister_netdevice: waiting for netdevsim0 t… | |||
| CVE-2026-43231 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: radio-keene: fix memory leak in error path Fix a memory leak in usb_keene_probe(). The v4l2 control handler is initialized… | |||
| CVE-2026-43229 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of … | |||
| CVE-2026-43228 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUG_ON with error handling for CNID count checks In a06ec283e125 next_id, folder_count, and file_count in the super … | |||
| CVE-2026-43227 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/sh_tmu: Always leave device running after probe The TMU device can be used as both a clocksource and a clocke… | |||
| CVE-2026-43225 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix memory leak on failure path cfg80211_inform_bss_frame() may return NULL on failure. In that case, the all… | |||
| CVE-2026-43224 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix sgtable leak on mapping failures In an unlikely case when io_populate_area_dma() fails, which could only happe… | |||
| CVE-2026-43223 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix URB leak in pvr2_send_request_ex When pvr2_send_request_ex() submits a write URB successfully but fails to su… | |||
| CVE-2026-43221 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2… | |||
| CVE-2026-43220 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: serialize sequence allocation under concurrent TLB invalidations With concurrent TLB invalidations, completion wait ra… | |||
| CVE-2026-43219 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: net: cpsw_new: Fix potential unregister of netdev that has not been registered yet If an error occurs during register_netdev() fo… | |||
| CVE-2026-43218 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9903: Fix potential memory leak in tw9903_probe() In one of the error paths in tw9903_probe(), the memory allocated … | |||
| CVE-2026-43217 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iris_kill_session, inst->state is set to IRIS_INST_ERROR and session_clos… | |||
| CVE-2026-43216 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: net: Drop the lock in skb_may_tx_timestamp() skb_may_tx_timestamp() may acquire sock::sk_callback_lock. The lock must not be take… | |||
| CVE-2026-43210 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: tracing: ring-buffer: Fix to check event length before using Check the event length before adding it for accessing next index in … | |||
| CVE-2026-43209 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minix_check_superblock() The fs/minix implementation of the minix filesystem does not curr… | |||
| CVE-2026-43204 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6asm: drop DSP responses for closed data streams 'Commit a354f030dbce ("ASoC: qcom: q6asm: handle the responses afte… | |||
| CVE-2026-43202 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: fbdev: vt8500lcdfb: fix missing dma_free_coherent() fbi->fb.screen_buffer is allocated with dma_alloc_coherent() but is not freed… |