CVEs from 2026
Total
13,464
critical
critical 1,177
high
high 4,294
medium
medium 4,166
low
low 442
% Critical
8.7%
% with KEV
0.4%
% with exploit
0.8%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-43210 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: tracing: ring-buffer: Fix to check event length before using Check the event length before adding it for accessing next index in … | |||
| CVE-2026-43209 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minix_check_superblock() The fs/minix implementation of the minix filesystem does not curr… | |||
| CVE-2026-43204 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6asm: drop DSP responses for closed data streams 'Commit a354f030dbce ("ASoC: qcom: q6asm: handle the responses afte… | |||
| CVE-2026-43202 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: fbdev: vt8500lcdfb: fix missing dma_free_coherent() fbi->fb.screen_buffer is allocated with dma_alloc_coherent() but is not freed… | |||
| CVE-2026-43201 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ARM processor Error: don't go past allocated memory If the BIOS generates a very small ARM Processor Error, or an inco… | |||
| CVE-2026-43200 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions struct configfs_item_operations callb… | |||
| CVE-2026-43195 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate user queue size constraints Add validation to ensure user queue sizes meet hardware requirements: - Size mus… | |||
| CVE-2026-43193 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg() Claude pointed out that there is a nfs4_file refcount leak in nfsd_get_… | |||
| CVE-2026-43192 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dm_put_device when failing to get scsi dh name When commit fd81bc5cca8f ("scsi: device_handler: Return erro… | |||
| CVE-2026-43191 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35 [Why] A backport of the change made for DCN401 th… | |||
| CVE-2026-43189 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwn… | |||
| CVE-2026-43188 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ceph: do not propagate page array emplacement errors as batch errors When fscrypt is enabled, move_dirty_folio_in_page_array() ma… | |||
| CVE-2026-43183 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix a resource leak in cx25821_dev_setup() Add release_mem_region() if ioremap() fails to release the memory regi… | |||
| CVE-2026-43182 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: ccs: Avoid possible division by zero Calculating maximum M for scaler configuration involves dividing by MIN_X_OUTPUT_SIZE… | |||
| CVE-2026-43181 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: gpio: sysfs: fix chip removal with GPIOs exported over sysfs Currently if we export a GPIO over sysfs and unbind the parent GPIO … | |||
| CVE-2026-43179 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits for invalid metabox-enabled images Crafted EROFS images with metadata compression enabled can tr… | |||
| CVE-2026-43177 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: ipu6: Fix RPM reference leak in probe error paths Several error paths in ipu6_pci_probe() were jumping directly to out_ipu… | |||
| CVE-2026-43175 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: clk: rs9: Reserve 8 struct clk_hw slots for for 9FGV0841 The 9FGV0841 has 8 outputs and registers 8 struct clk_hw, make sure ther… | |||
| CVE-2026-43174 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix post open error handling Closing a queue doesn't guarantee that all associated page pools are terminated right… | |||
| CVE-2026-43173 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: xscale: Check for PTP support properly In ixp4xx_get_ts_info() ixp46x_ptp_find() is called unconditionally despite… | |||
| CVE-2026-43171 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't dump the entire memory region The current logic at cper_print_fw_err() doesn't check if the error record length i… | |||
| CVE-2026-43170 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3_gadget_vbus_draw() can be called from atomic context, which… | |||
| CVE-2026-43169 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: drm/buddy: Prevent BUG_ON by validating rounded allocation When DRM_BUDDY_CONTIGUOUS_ALLOCATION is set, the requested size is rou… | |||
| CVE-2026-43168 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix reflink preserve cleanup issue commit c06c303832ec ("ocfs2: fix xattr array entry __counted_by error") doesn't handle … | |||
| CVE-2026-43167 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: always flush state and policy upon NETDEV_UNREGISTER event syzbot is reporting that "struct xfrm_state" refcount is leaking… | |||
| CVE-2026-43165 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct7363) Fix a resource leak in nct7363_present_pwm_fanin When calling of_parse_phandle_with_args(), the caller is respon… | |||
| CVE-2026-43162 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: tegra-video: Fix memory leak in __tegra_channel_try_format() The state object allocated by __v4l2_subdev_state_alloc() mus… | |||
| CVE-2026-43161 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed th… | |||
| CVE-2026-43160 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: mfd: macsmc: Initialize mutex Initialize struct apple_smc's mutex in apple_smc_probe(). Using the mutex uninitialized surprisingl… | |||
| CVE-2026-43159 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix null dereference in find_network The variable pwlan has the possibility of being NULL when passed into rt… | |||
| CVE-2026-43157 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: CGX: fix bitmap leaks The RX/TX flow-control bitmaps (rx_fc_pfvf_bmap and tx_fc_pfvf_bmap) are allocated by cgx_lma… | |||
| CVE-2026-43156 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: enable basic endpoint checking pegasus_probe() fills URBs with hardcoded endpoint pipes without verifying the … | |||
| CVE-2026-43155 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: mux: mmio: fix regmap leak on probe failure The mmio regmap that may be allocated during probe is never freed. Switch to using t… | |||
| CVE-2026-43154 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: erofs: fix incorrect early exits in volume label handling Crafted EROFS images containing valid volume labels can trigger incorre… | |||
| CVE-2026-43152 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used. | |||
| CVE-2026-43151 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: Revert "media: iris: Add sanity check for stop streaming" This reverts commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. Revert t… | |||
| CVE-2026-43149 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean() The priv->rx_buffer and priv->tx_buffer are alloc'd together a… | |||
| CVE-2026-43148 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: Add check for kcalloc() failure in parse_thread_groups() As kcalloc() may fail, check its return value to avoid a NU… | |||
| CVE-2026-43147 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" This reverts commit 05703271c3cd ("PCI/IOV: Add PC… | |||
| CVE-2026-43146 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: iris: Add buffer to list only after successful allocation Move `list_add_tail()` to after `dma_alloc_attrs()` succeeds whe… | |||
| CVE-2026-43145 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Fix invalid loaded resource table detection imx_rproc_elf_find_loaded_rsc_table() may incorrectly report a… | |||
| CVE-2026-43144 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential kernel oops when probe fails When probe of the sdio brcmfmac device fails for some reasons (i.e. mi… | |||
| CVE-2026-43143 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: mfd: core: Add locking around 'mfd_of_node_list' Manipulating a list in the kernel isn't safe without some sort of mutual exclusi… | |||
| CVE-2026-43142 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: iris: gen1: Destroy internal buffers after FW releases After the firmware releases internal buffers, the driver was not de… | |||
| CVE-2026-43140 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not crash on missing msc->input Fake USB devices can send their own report descriptors for which the input_ma… | |||
| CVE-2026-43137 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the top… | |||
| CVE-2026-43136 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() Do not crash when a report has no fields. Fake USB gadgets can … | |||
| CVE-2026-43135 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Add missing unmap in snd_cx23885_hw_params() In error path, add cx23885_alsa_dma_unmap() to release the resource … | |||
| CVE-2026-43132 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: dm-verity: correctly handle dm_bufio_client_create() failure If either of the calls to dm_bufio_client_create() in verity_fec_ctr… | |||
| CVE-2026-43131 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix null pointer dereference issue If SMU is disabled, during RAS initialization, there will be null pointer derefere… | |||
| CVE-2026-43130 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Flush dev-IOTLB only when PCIe device is accessible in scalable mode Commit 4fc82cd907ac ("iommu/vt-d: Don't issue AT… | |||
| CVE-2026-43129 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ima: verify the previous kernel's IMA buffer lies in addressable RAM Patch series "Address page fault in ima_restore_measurement_… | |||
| CVE-2026-43127 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix circular locking dependency in run_unpack_ex Syzbot reported a circular locking dependency between wnd->rw_lock (sbi->… | |||
| CVE-2026-43124 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: pstore: ram_core: fix incorrect success return when vmap() fails In persistent_ram_vmap(), vmap() may return NULL on failure. If… | |||
| CVE-2026-43123 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: fbcon: check return value of con2fb_acquire_newinfo() If fbcon_open() fails when called from con2fb_acquire_newinfo() then info->… | |||
| CVE-2026-43122 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ACPI: processor: Update cpuidle driver check in __acpi_processor_start() Commit 7a8c994cbb2d ("ACPI: processor: idle: Optimize AC… | |||
| CVE-2026-43119 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: annotate data-races around hdev->req_status __hci_cmd_sync_sk() sets hdev->req_status under hdev->req_lock: … | |||
| CVE-2026-43118 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name o… | |||
| CVE-2026-43115 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: srcu: Use irq_work to start GP in tiny SRCU Tiny SRCU's srcu_gp_start_if_needed() directly calls schedule_work(), which acquires … | |||
| CVE-2026-43109 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstk_pop_sigframe() doesn't check for errors from mmap_… | |||
| CVE-2026-43108 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fix element length in servreg_loc_pfr_req_ei It looks element length declared in servreg_loc_pfr_req_ei for… | |||
| CVE-2026-43107 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMA_IF_ID in aevent size calculation xfrm_get_ae() allocates the reply skb with xfrm_aevent_msgsize(), then build… | |||
| CVE-2026-43105 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix memory leak of BO array in hang state The hang state's BO array is allocated separately with kzalloc() in vc4_save_h… | |||
| CVE-2026-43104 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix a memory leak in hang state error path When vc4_save_hang_state() encounters an early return condition, it returns w… | |||
| CVE-2026-43103 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: net: lapbether: handle NETDEV_PRE_TYPE_CHANGE lapbeth_data_transmit() expects the underlying device type to be ARPHRD_ETHER. Ret… | |||
| CVE-2026-43102 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix memory leak in airoha_qdma_rx_process() If an error occurs on the subsequents buffers belonging to the non-linea… | |||
| CVE-2026-43100 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: bridge: guard local VLAN-0 FDB helpers against NULL vlan group When CONFIG_BRIDGE_VLAN_FILTERING is not set, br_vlan_group() and … | |||
| CVE-2026-43098 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: nfc: s3fwrn5: allocate rx skb before consuming bytes s3fwrn82_uart_read() reports the number of accepted bytes to the serdev core… | |||
| CVE-2026-43096 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loops when guests access memory regions … | |||
| CVE-2026-43095 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdca_irq_populate() from component probe using devm_request_thread… | |||
| CVE-2026-43094 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: ixgbevf: add missing negotiate_features op to Hyper-V ops table Commit a7075f501bd3 ("ixgbevf: fix mailbox API compatibility by n… | |||
| CVE-2026-43092 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: xsk: validate MTU against usable frame size on bind AF_XDP bind currently accepts zero-copy pool configurations without verifying… | |||
| CVE-2026-43090 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: fix refcount leak in xfrm_migrate_policy_find syzkaller reported a memory leak in xfrm_policy_alloc: BUG: memory leak … | |||
| CVE-2026-43089 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_mapping() struct xfrm_usersa_id has a one-byte padding hole after the proto field, which ends u… | |||
| CVE-2026-43088 | medium | 5.5 | 5.5 | 25d ago | In the Linux kernel, the following vulnerability has been resolved: net: af_key: zero aligned sockaddr tail in PF_KEY exports PF_KEY export paths use `pfkey_sockaddr_size()` when reserving sockaddr… | |||
| CVE-2026-43073 | medium | 5.5 | 5.5 | 26d ago | In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named '__copy_user_nocache()' function This function was a masterclass in bad naming, for various his… | |||
| CVE-2026-43072 | medium | 5.5 | 5.5 | 26d ago | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: platform_get_irq_byname() returns an int platform_get_irq_byname() will return a negative value if an error happens, so … | |||
| CVE-2026-43069 | medium | 5.5 | 5.5 | 26d ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_ll: Fix firmware leak on error path Smatch reports: drivers/bluetooth/hci_ll.c:587 download_firmware() warn: 'fw'… | |||
| CVE-2026-43068 | medium | 5.5 | 5.5 | 26d ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() There's issue as follows: ... EXT4-fs (mmcblk0p1): Dela… | |||
| CVE-2026-43066 | medium | 5.5 | 5.5 | 26d ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths During code review, Joseph found that ext4_fc_replay_inode() calls e… | |||
| CVE-2026-43065 | medium | 5.5 | 5.5 | 26d ago | In the Linux kernel, the following vulnerability has been resolved: ext4: always drain queued discard work in ext4_mb_release() While reviewing recent ext4 patch[1], Sashiko raised the following co… | |||
| CVE-2026-43064 | medium | 5.5 | 5.5 | 26d ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release() The workqueue associated with an DSA/IAA device is not released when t… | |||
| CVE-2026-43061 | medium | 5.5 | 5.5 | 26d ago | In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix TX deadlock when using DMA `dmaengine_terminate_async` does not guarantee that the `__dma_tx_complete` callback… | |||
| CVE-2026-39103 | medium | 5.5 | 5.5 | 26d ago | Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svg_attributes.c, svg_parse_string… | |||
| CVE-2026-5247 | medium | 5.5 | 5.5 | 27d ago | The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapper' attribute of the [futureaction] shortcode in all versions up to,… | |||
| CVE-2026-29111 | medium | — | 5.5 | 27d ago | Moderate: systemd security update | |||
| CVE-2026-31958 | medium | — | 5.5 | 27d ago | Moderate: pcs security update | |||
| CVE-2026-35536 | medium | — | 5.5 | 27d ago | Moderate: python-tornado security update | |||
| CVE-2026-41891 | medium | — | 5.5 | 27d ago | CI4MS has a Deactivated User Session Bypass (active=0) | |||
| CVE-2026-41890 | medium | — | 5.5 | 27d ago | CI4MS Vulnerable to Arbitrary Database Table Drop via Theme deleteProcess | |||
| CVE-2026-42309 | medium | 5.5 | 5.5 | 27d ago | Pillow has a heap buffer overflow with nested list coordinates | |||
| CVE-2026-42146 | medium | 5.5 | 5.5 | 27d ago | CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is used directly to compute an allocation size without validating it aga… | |||
| CVE-2026-6501 | medium | — | 5.5 | 27d ago | jOpenDocument has an improper restriction of XML external entity reference vulnerability | |||
| CVE-2026-43077 | medium | 5.5 | 5.5 | 28d ago | RHSA-2026:13578: kernel-rt security update (Important) | |||
| CVE-2026-6525 | medium | 5.5 | 5.5 | 29d ago | IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 | |||
| CVE-2026-43058 | medium | 5.5 | 5.5 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix pass-by-value structs causing MSAN warnings vidtv_ts_null_write_into() and vidtv_ts_pcr_write_into() take their… | |||
| CVE-2026-39805 | medium | — | 5.5 | 1mo ago | Bandit is vulnerable to CL.CL request smuggling via unrejected duplicate `Content-Length` header | |||
| CVE-2026-39807 | medium | — | 5.5 | 1mo ago | Bandit trusts client-supplied URI scheme on plaintext connections | |||
| CVE-2026-42788 | medium | — | 5.5 | 1mo ago | Bandit HTTP/2 Frame Size Limit Bypass via Late Buffer Check Enables Memory Exhaustion | |||
| CVE-2026-21996 | medium | 5.5 | 5.5 | 1mo ago | An unprivileged attacker can reliably trigger a crash of the dtrace process with a malicious ELF binary due to an integer Divide-by-Zero in Pbuild_file_symtab() |