CVEs from 2026
Total
13,468
critical
critical 1,176
high
high 4,290
medium
medium 4,163
low
low 442
% Critical
8.7%
% with KEV
0.4%
% with exploit
0.8%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-43044 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: crypto: caam - fix DMA corruption on long hmac keys When a key longer than block size is supplied, it is copied and then hashed i… | |||
| CVE-2026-43033 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place (src … | |||
| CVE-2026-43030 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix regsafe() for pointers to packet In case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N regsafe() may retur… | |||
| CVE-2026-43027 | high | 7.8 | 7.8 | 1mo ago | RHSA-2026:21745: kernel-rt security update (Important) | |||
| CVE-2026-43023 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: fix race conditions in sco_sock_connect() sco_sock_connect() checks sk_state and sk_type without holding the sock… | |||
| CVE-2026-43020 | high | 7.8 | 7.8 | 1mo ago | RHSA-2026:21745: kernel-rt security update (Important) | |||
| CVE-2026-43019 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync hci_conn lookup and field access must be covered by hdev lock in se… | |||
| CVE-2026-43016 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk->sk_socket in sk_psock_verdict_data_ready(). syzbot reported use-after-free of AF_UNIX soc… | |||
| CVE-2026-43015 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net: macb: fix clk handling on PCI glue driver removal platform_device_unregister() may still want to use the registered clks dur… | |||
| CVE-2026-43009 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix incorrect pruning due to atomic fetch precision tracking When backtrack_insn encounters a BPF_STX instruction with BPF_A… | |||
| CVE-2026-43007 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Handle DBC deactivation if the owner went away When a DBC is released, the device sends a QAIC_TRANS_DEACTIVATE_FROM_… | |||
| CVE-2026-31782 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad container_of in intel_pmu_hw_config Auto counter reload may have a group of events with software even… | |||
| CVE-2026-31780 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation The variable valuesize is declared as u8 but accumulates the… | |||
| CVE-2026-31776 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix missing SPDIFI1 index handling SPDIF1 DAIO type isn't properly handled in daio_device_index() for hw20k2, and it… | |||
| CVE-2026-31772 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync hci_le_big_create_sync() uses DEFINE_FLEX to allocate a … | |||
| CVE-2026-31769 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: gpib: fix use-after-free in IO ioctl handlers The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpib_descriptor pointer aft… | |||
| CVE-2026-31768 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-adc161s626: use DMA-safe memory for spi_read() Add a DMA-safe buffer and use it for spi_read() instead of a stack me… | |||
| CVE-2026-31764 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: Set buffer sampling frequency for accelerometer only The st_lsm6dsx_hwfifo_odr_store() function, which is c… | |||
| CVE-2026-31761 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050: Move iio_device_register() to correct location iio_device_register() should be at the end of the probe functi… | |||
| CVE-2026-31759 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix double free in ulpi_register_interface() error path When device_register() fails, ulpi_register() calls put_device… | |||
| CVE-2026-31758 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Flush anchored URBs in usbtmc_release When calling usbtmc_release, pending anchored URBs must be flushed or killed t… | |||
| CVE-2026-31748 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: comedi: me_daq: Fix potential overrun of firmware buffer `me2600_xilinx_download()` loads the firmware that was requested by `req… | |||
| CVE-2026-31747 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer `me4000_xilinx_download()` loads the firmware that was requested by `req… | |||
| CVE-2026-31745 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in reset_add_gpio_aux_device() error path When __auxiliary_device_add() fails, reset_add_gpio_aux_de… | |||
| CVE-2026-31743 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmp_nvmem: Fix buffer size in DMA and memcpy Buffer size used in dma allocation and memcpy is wrong. It can lead to und… | |||
| CVE-2026-31742 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: vt: discard stale unicode buffer on alt screen exit after resize When enter_alt_screen() saves vc_uni_lines into vc_saved_uni_lin… | |||
| CVE-2026-31731 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermal_zone_pm_complete() and thermal_zone_device_resume() r… | |||
| CVE-2026-31730 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: possible double-free of cctx->remote_heap fastrpc_init_create_static_process() may free cctx->remote_heap on the e… | |||
| CVE-2026-31729 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: validate connector number in ucsi_notify_common() The connector number extracted from CCI via UCSI_CCI_CONNECTO… | |||
| CVE-2026-31720 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_uac1_legacy: validate control request size f_audio_complete() copies req->length bytes into a 4-byte stack variabl… | |||
| CVE-2026-31716 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate rec->used in journal-replay file record check check_file_record() validates rec->total against the record size… | |||
| CVE-2026-31715 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io() The xfstests case "generic/107" and syzbot have both … | |||
| CVE-2026-31703 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: writeback: Fix use after free in inode_switch_wbs_work_fn() inode_switch_wbs_work_fn() has a loop like: wb_get(new_wb); whil… | |||
| CVE-2026-31702 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix use-after-free of sbi in f2fs_compress_write_end_io() In f2fs_compress_write_end_io(), dec_page_count(sbi, type) can br… | |||
| CVE-2026-31700 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() In tpacket_snd(), when PACKET_VNET_HDR is enabled, vnet_hdr point… | |||
| CVE-2026-31696 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing validation of ticket length in non-XDR key preparsing In rxrpc_preparse(), there are two paths for parsing key… | |||
| CVE-2026-31695 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: wifi: virt_wifi: remove SET_NETDEV_DEV to avoid use-after-free Currently we execute `SET_NETDEV_DEV(dev, &priv->lowerdev->dev)` f… | |||
| CVE-2026-31694 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuse_add_dirent_to_cache() computes a serialized dirent size from the server-control… | |||
| CVE-2026-7584 | high | 7.8 | 7.8 | 1mo ago | The LabOne Q serialization framework uses a class-loading mechanism (import_cls) to dynamically import and instantiate Python classes during deserialization. Prior to the fix, this mechanism accepted… | |||
| CVE-2026-5656 | high | 7.8 | 7.8 | 1mo ago | Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | |||
| CVE-2026-5405 | high | 7.8 | 7.8 | 1mo ago | RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | |||
| CVE-2026-5403 | high | 7.8 | 7.8 | 1mo ago | SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution | |||
| CVE-2026-6389 | high | 7.8 | 7.8 | 1mo ago | IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster‑wide permissions, including unrestricted read access to all secrets. An a… | |||
| CVE-2026-33451 | high | 7.8 | 7.8 | 1mo ago | CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and … | |||
| CVE-2026-31693 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: cifs: some missing initializations on replay In several places in the code, we have a label to signify the start of the code wher… | |||
| CVE-2026-31787 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix double free via VMA splitting privcmd_vm_ops defines .close (privcmd_close), but neither .may_split nor .open. W… | |||
| CVE-2026-31786 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISOR_xen_version(XENVER_build_id) is neither NUL t… | |||
| CVE-2026-39457 | high | 7.8 | 7.8 | 1mo ago | When exchanging data over a socket, libnv uses select(2) to wait for data to arrive. However, it does not verify whether the provided socket descriptor fits in select(2)'s file descriptor set size l… | |||
| CVE-2026-7270 | high | 7.8 | 7.8 | 1mo ago | An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers. The bug may be exploitable by… | |||
| CVE-2026-4775 | high | 7.8 | 7.8 | 1mo ago | RHSA-2026:20585: compat-libtiff3 security update (Important) | |||
| CVE-2026-30769 | high | 7.8 | 7.8 | 1mo ago | An issue in the TVicPort64.sys component of EnTech Taiwan TVicPort Product v4.0, File v5.2.1.0 allows attackers to escalate privileges via sending crafted IOCTL 0x80002008 requests. | |||
| CVE-2026-41952 | high | 7.8 | 7.8 | 1mo ago | Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) … | |||
| CVE-2026-41220 | high | 7.8 | 7.8 | 1mo ago | Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect Cloud Agent (Windows) … | |||
| CVE-2026-42432 | high | 7.8 | 7.8 | 1mo ago | OpenClaw: Node Pairing Reconnect Command Escalation Bypasses operator.admin Scope Requirement | |||
| CVE-2026-41396 | high | 7.8 | 7.8 | 1mo ago | OpenClaw: Workspace `.env` can override the bundled plugin trust root | |||
| CVE-2026-41387 | high | 7.8 | 7.8 | 1mo ago | OpenClaw's incomplete host env sanitization blocklist allows supply-chain redirection via package-manager env overrides | |||
| CVE-2026-41384 | high | 7.8 | 7.8 | 1mo ago | OpenClaw Has Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable Injection via Workspace Config | |||
| CVE-2026-7279 | high | 7.8 | 7.8 | 1mo ago | AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code executio… | |||
| CVE-2026-41526 | high | 7.8 | 7.8 | 1mo ago | In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading … | |||
| CVE-2026-32655 | high | 7.8 | 7.8 | 1mo ago | Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could potentially exploit this vulnera… | |||
| CVE-2026-31690 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driv… | |||
| CVE-2026-31688 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: driver core: enforce device_lock for driver_match_device() Currently, driver_match_device() is called from three sites. One site … | |||
| CVE-2026-31686 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mm/kasan: fix double free for kasan pXds kasan_free_pxd() assumes the page table is always struct page aligned. But that's not a… | |||
| CVE-2026-25908 | high | 7.8 | 7.8 | 1mo ago | Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potenti… | |||
| CVE-2026-5943 | high | 7.8 | 7.8 | 1mo ago | Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not pro… | |||
| CVE-2026-40048 | high | 7.8 | 7.8 | 1mo ago | Camel-PQC Vulnerable to Deserialization of Untrusted Data | |||
| CVE-2026-34001 | high | 7.8 | 7.8 | 1mo ago | RHSA-2026:13414: tigervnc security update (Important) | |||
| CVE-2026-33999 | high | 7.8 | 7.8 | 1mo ago | RHSA-2026:13414: tigervnc security update (Important) | |||
| CVE-2026-34003 | high | 7.8 | 7.8 | 1mo ago | RHSA-2026:13414: tigervnc security update (Important) | |||
| CVE-2026-7039 | high | 7.8 | 7.8 | 1mo ago | A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description l… | |||
| CVE-2026-31683 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: batman-adv: avoid OGM aggregation when skb tailroom is insufficient When OGM aggregation state is toggled at runtime, an existing… | |||
| CVE-2026-31680 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: flowlabel: defer exclusive option free until RCU teardown `ip6fl_seq_show()` walks the global flowlabel hash under the… | |||
| CVE-2026-31678 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already detached … | |||
| CVE-2026-31675 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_netem: fix out-of-bounds access in packet corruption In netem_enqueue(), the packet corruption logic uses get_rand… | |||
| CVE-2026-31673 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag lookups hold a reference to the socket, but not to u->path… | |||
| CVE-2026-42171 | high | 7.8 | 7.8 | 1mo ago | NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to gain privileges (if they can cause my_GetTe… | |||
| CVE-2026-41477 | high | 7.8 | 7.8 | 1mo ago | Deskflow is a keyboard and mouse sharing app. In 1.20.0, 1.26.0.134, and earlier, Deskflow daemon runs as SYSTEM and exposes an IPC named pipe with WorldAccessOption enabled. The daemon processes pr… | |||
| CVE-2026-31667 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered repro… | |||
| CVE-2026-31666 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() After commit 1618aa3c2e01 ("btrfs: simplify ret… | |||
| CVE-2026-31665 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: fix use-after-free in timeout object destroy nft_ct_timeout_obj_destroy() frees the timeout object with kfree(… | |||
| CVE-2026-31663 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transport_finish NF_HOOK After async crypto completes, xfrm_input_resume() calls dev_put() immedia… | |||
| CVE-2026-31656 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat A use-after-free / refcount underflow is possible when the hea… | |||
| CVE-2026-31652 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mm/damon/stat: deallocate damon_call() failure leaking damon_ctx damon_stat_start() always allocates the module's damon_ctx objec… | |||
| CVE-2026-31650 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix use-after-free on disconnect The vub300 driver maintains an explicit reference count for the controller and its … | |||
| CVE-2026-31648 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mm: filemap: fix nr_pages calculation overflow in filemap_map_pages() When running stress-ng on my Arm64 machine with v7.0-rc3 ke… | |||
| CVE-2026-31644 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: net: lan966x: fix use-after-free and leak in lan966x_fdma_reload() When lan966x_fdma_reload() fails to allocate new RX buffers, t… | |||
| CVE-2026-31641 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpc_preparse_xdr_yfs_rxgk() reads the raw key length and ticket length from the X… | |||
| CVE-2026-31630 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AF_RXRPC procfs helpers format local and remote socket addresses into fix… | |||
| CVE-2026-31627 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: i2c: s3c24xx: check the size of the SMBUS message before using it The first byte of an i2c SMBUS message is the size, and it shou… | |||
| CVE-2026-31602 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Limit PTP to a single page Commit 391e69143d0a increased CT_PTP_NUM from 1 to 4 to support 256 playback streams, but… | |||
| CVE-2026-31597 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY filemap_fault() may drop the mmap_lock before returning VM_FAULT_R… | |||
| CVE-2026-31587 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm: move component registration to unmanaged version q6apm component registers dais dynamically from ASoC toplolog… | |||
| CVE-2026-31586 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() cgwb_release_workfn() calls css_put(wb->blkcg_css) and then later acc… | |||
| CVE-2026-31584 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix use-after-free in encoder release path The fops_vcodec_release() function frees the context structur… | |||
| CVE-2026-31583 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: em28xx: fix use-after-free in em28xx_v4l2_open() em28xx_v4l2_open() reads dev->v4l2 without holding dev->lock, creating a … | |||
| CVE-2026-31582 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: hwmon: (powerz) Fix use-after-free on USB disconnect After powerz_disconnect() frees the URB and releases the mutex, a subsequent… | |||
| CVE-2026-31581 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: fix use-after-free on disconnect In usb6fire_chip_abort(), the chip struct is allocated as the card's private data (… | |||
| CVE-2026-31580 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: bcache: fix cached_dev.sb_bio use-after-free and crash In our production environment, we have received multiple crash reports reg… | |||
| CVE-2026-31578 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: as102: fix to not free memory after the device is registered in as102_usb_probe() In as102_usb driver, the following race … | |||
| CVE-2026-31576 | high | 7.8 | 7.8 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: media: hackrf: fix to not free memory after the device is registered in hackrf_probe() In hackrf driver, the following race condi… |