CVEs from 2026
Total
13,362
critical
critical 1,116
high
high 3,953
medium
medium 4,013
low
low 420
% Critical
8.4%
% with KEV
0.4%
% with exploit
0.4%
Top products
- chrome 299
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 221
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-7988 | high | 8.8 | 8.8 | 22d ago | Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-7987 | high | 8.8 | 8.8 | 22d ago | Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-7984 | high | 8.8 | 8.8 | 22d ago | Use after free in ReadingMode in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML … | |
| CVE-2026-7980 | high | 8.8 | 8.8 | 22d ago | Use after free in WebAudio in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-7974 | high | 8.8 | 8.8 | 22d ago | Use after free in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-7973 | high | 8.8 | 8.8 | 22d ago | Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Med… | |
| CVE-2026-7957 | high | 8.8 | 8.8 | 22d ago | Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a cr… | |
| CVE-2026-7951 | high | 8.8 | 8.8 | 22d ago | Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-7940 | high | 8.8 | 8.8 | 22d ago | Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome … | |
| CVE-2026-7938 | high | 8.8 | 8.8 | 22d ago | Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2026-7930 | high | 8.8 | 8.8 | 22d ago | Insufficient validation of untrusted input in Cookies in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security sev… | |
| CVE-2026-7928 | high | 8.8 | 8.8 | 22d ago | Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: … | |
| CVE-2026-7927 | high | 8.8 | 8.8 | 22d ago | Type Confusion in Runtime in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-7926 | high | 8.8 | 8.8 | 22d ago | Use after free in PresentationAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi… | |
| CVE-2026-7921 | high | 8.8 | 8.8 | 22d ago | Use after free in Passwords in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-7907 | high | 8.8 | 8.8 | 22d ago | Use after free in DOM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-7906 | high | 8.8 | 8.8 | 22d ago | Use after free in SVG in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-7903 | high | 8.8 | 8.8 | 22d ago | Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:… | |
| CVE-2026-7902 | high | 8.8 | 8.8 | 22d ago | Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi… | |
| CVE-2026-7901 | high | 8.8 | 8.8 | 22d ago | Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2026-7899 | high | 8.8 | 8.8 | 22d ago | Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… | |
| CVE-2026-7898 | high | 8.8 | 8.8 | 22d ago | Use after free in Chromoting in Google Chrome on Linux prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical) | |
| CVE-2026-7896 | high | 8.8 | 8.8 | 22d ago | Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | |
| CVE-2026-41938 | high | 8.8 | 8.8 | 22d ago | Vvveb before version 1.0.8.2 contains an unrestricted file upload vulnerability in the media upload handler that allows authenticated users with media-upload permissions to bypass extension restricti… | |
| CVE-2026-41934 | high | 8.8 | 8.8 | 22d ago | Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code through ins… | |
| CVE-2026-7875 | high | 8.8 | 8.8 | 22d ago | NanoClaw version 1.2.0 and prior contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container … | |
| CVE-2026-42503 | high | 8.8 | 8.8 | 22d ago | gopls by default communicates via pipe. However, -port and -listen flags are supported as means of debugging. If -listen is given a value without an explicit host (e.g. :8080), or -port is used, gopl… | |
| CVE-2026-29080 | high | 8.8 | 8.8 | 22d ago | Rucio has SQL Injection in FilterEngine Oracle JSON Path via DID Search API | |
| CVE-2026-20034 | high | 8.8 | 8.8 | 22d ago | A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is… | |
| CVE-2026-29090 | high | 8.8 | 8.8 | 22d ago | Rucio has SQL Injection in FilterEngine PostgreSQL Query Builder via DID Search API | |
| CVE-2026-43283 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ec_bhf: Fix dma_free_coherent() dma handle dma_free_coherent() in error path takes priv->rx_buf.alloc_len as the d… | |
| CVE-2026-43249 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen_9pfs_front_free against concurrent calls The xenwatch thread can race with other back-end change notification… | |
| CVE-2026-43239 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: prevent races in ->query_interfaces() It was possible for two query interface works to be concurrently trying to upd… | |
| CVE-2026-43232 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets When the FarSync T-series card is being detached, the fs… | |
| CVE-2026-43215 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields We used to use the cifs_tcp_ses_lock to protect a lot of objects that are not just the se… | |
| CVE-2026-43187 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: xfs: delete attr leaf freemap entries when empty Back in commit 2a2b5932db6758 ("xfs: fix attr leaf header freemap.size underflow… | |
| CVE-2026-43176 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 ("wifi: rtw89: pci: validate… | |
| CVE-2026-43172 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix 22000 series SMEM parsing If the firmware were to report three LMACs (which doesn't exist in hardware) then us… | |
| CVE-2026-43158 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: xfs: fix freemap adjustments when adding xattrs to leaf blocks xfs/592 and xfs/794 both trip this assertion in the leaf block fre… | |
| CVE-2026-43113 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: validate packet IDs before indexing tx_frames wl1251_tx_packet_cb() uses the firmware completion ID directly to ind… | |
| CVE-2026-43112 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath When cifs_sanitize_prepath is called with an empty string or a str… | |
| CVE-2026-43110 | high | 8.8 | 8.8 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: validate bsscfg indices in IF events brcmf_fweh_handle_if_event() validates the firmware-provided interface index… | |
| CVE-2026-7841 | high | 8.8 | 8.8 | 23d ago | A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary commands on the server b… | |
| CVE-2026-42843 | high | 8.8 | 8.8 | 23d ago | Grav API Privilege Escalation to Super Admin | |
| CVE-2026-40068 | high | 8.8 | 8.8 | 23d ago | Claude Code: Trust Dialog Bypass via Git Worktree Spoofing Allows Arbitrary Code Execution | |
| CVE-2026-39849 | high | 8.8 | 8.8 | 23d ago | Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the `dns.interface` configuration field in Pi-hole FTL accepted newline charac… | |
| CVE-2026-42266 | high | 8.8 | 8.8 | 23d ago | JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed… | |
| CVE-2026-34464 | high | 8.8 | 8.8 | 23d ago | Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMED_PIPE_OPEN_REQ into a fix… | |
| CVE-2026-34459 | high | 8.8 | 8.8 | 23d ago | Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilit… | |
| CVE-2026-34458 | high | 8.8 | 8.8 | 23d ago | Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass configuration re… | |
| CVE-2026-33324 | high | 8.8 | 8.8 | 23d ago | SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the Text2SQL chat interface is vulnerable to prompt injection. The user-provided que… | |
| CVE-2026-25589 | high | 8.8 | 8.8 | 23d ago | RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTOR… | |
| CVE-2026-25588 | high | 8.8 | 8.8 | 23d ago | RedisTimeSeries is a time-series module for Redis. In all versions before 1.12.14 of RedisTimeSeries, the module does not properly validate serialized values processed through the Redis RESTORE comma… | |
| CVE-2026-25243 | high | 8.8 | 8.8 | 23d ago | Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to exe… | |
| CVE-2026-23479 | high | 8.8 | 8.8 | 23d ago | Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from `processCommandAndResetClient` when re-executing a blo… | |
| CVE-2026-35397 | high | 8.8 | 8.8 | 23d ago | Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured root_d… | |
| CVE-2026-31196 | high | 8.8 | 8.8 | 23d ago | The traceroute diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system() call, allowing aut… | |
| CVE-2026-31195 | high | 8.8 | 8.8 | 23d ago | The ping diagnostic handler in /bin/httpd_clientside for ALTICE LABS / SFR France GR140DG and GR140IG fibre CPE/Router/Gateway, inserts unsanitized user input into a system() call, allowing authentic… | |
| CVE-2026-6261 | high | 8.8 | 8.8 | 23d ago | The Betheme theme for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 28.4. This is due to the upload_icons() function workflow moving and unzipping user-controlled… | |
| CVE-2026-43571 | high | 8.8 | 8.8 | 23d ago | OpenClaw: Channel setup catalog lookups could include untrusted workspace plugin shadows | |
| CVE-2026-43569 | high | 8.8 | 8.8 | 23d ago | OpenClaw: Workspace provider auth choices could auto-enable untrusted provider plugins | |
| CVE-2026-43531 | high | 8.8 | 8.8 | 23d ago | OpenClaw: Workspace .env could inject OpenClaw runtime-control variables | |
| CVE-2026-43530 | high | 8.8 | 8.8 | 23d ago | OpenClaw: busybox and toybox applet execution weakened exec approval binding | |
| CVE-2026-42435 | high | 8.8 | 8.8 | 23d ago | OpenClaw: Shell-wrapper detection missed env-argv assignment injection forms | |
| CVE-2026-42434 | high | 8.8 | 8.8 | 23d ago | OpenClaw: Sandboxed agents could escape exec routing via host=node override | |
| CVE-2026-42606 | high | 8.8 | 8.8 | 24d ago | AzuraCast has Password Reset Poisoning via Untrusted X-Forwarded-Host Header that Leads to Account Takeover and 2FA Bypass | |
| CVE-2026-42605 | high | 8.8 | 8.8 | 24d ago | AzuraCast has Path Traversal in `currentDirectory` Parameter that Enables Remote Code Execution via Media Upload | |
| CVE-2026-42237 | high | 8.8 | 8.8 | 24d ago | n8n has SQL Injection in Snowflake and MySQL Nodes | |
| CVE-2026-42234 | high | 8.8 | 8.8 | 24d ago | n8n has a Python Task Runner Sandbox Escape Vulnerability | |
| CVE-2026-42232 | high | 8.8 | 8.8 | 24d ago | n8n has XML Node Prototype Pollution that to RCE | |
| CVE-2026-42231 | high | 8.8 | 8.8 | 24d ago | n8n has Prototype Pollution in XML Webhook Body Parser that Leads to RCE | |
| CVE-2026-42229 | high | 8.8 | 8.8 | 24d ago | n8n has SQL Injection in SeaTable Node | |
| CVE-2026-0073 | high | 8.8 | 8.8 | 24d ago | In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as… | |
| CVE-2026-42375 | high | 8.8 | 8.8 | 24d ago | D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static… | |
| CVE-2026-42374 | high | 8.8 | 8.8 | 24d ago | D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static… | |
| CVE-2026-42373 | high | 8.8 | 8.8 | 24d ago | D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the s… | |
| CVE-2026-42372 | high | 8.8 | 8.8 | 24d ago | D-Link DIR-605L Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the s… | |
| CVE-2026-29514 | high | 8.8 | 8.8 | 24d ago | NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTemplateMixin.get_environment_params() method that allows authenticated users with exporttemplate or con… | |
| CVE-2026-23918 | high | 8.8 | 8.8 | 24d ago | Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which f… | |
| CVE-2026-24072 | high | 8.8 | 8.8 | 24d ago | An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgra… | |
| CVE-2026-7750 | high | 8.8 | 8.8 | 24d ago | A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The … | |
| CVE-2026-7749 | high | 8.8 | 8.8 | 24d ago | A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manip… | |
| CVE-2026-7748 | high | 8.8 | 8.8 | 24d ago | A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executin… | |
| CVE-2026-7717 | high | 8.8 | 8.8 | 25d ago | A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Execu… | |
| CVE-2026-42364 | high | 8.8 | 8.8 | 25d ago | An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An… | |
| CVE-2026-7685 | high | 8.8 | 8.8 | 26d ago | A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway results in buffer ove… | |
| CVE-2026-7684 | high | 8.8 | 8.8 | 26d ago | A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway leads to buffe… | |
| CVE-2026-7675 | high | 8.8 | 8.8 | 26d ago | A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function start_lan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid l… | |
| CVE-2026-7674 | high | 8.8 | 8.8 | 26d ago | A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function start_single_service of the component Web Management Interface. Executing a manipulation… | |
| CVE-2026-7609 | high | 8.8 | 8.8 | 26d ago | A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function tools_diagnostic of the file /tmp/diagnostic of the component Firmware Udpate. This manipulation cause… | |
| CVE-2026-7489 | high | 8.8 | 8.8 | 26d ago | CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. | |
| CVE-2026-7607 | high | 8.8 | 8.8 | 27d ago | A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function auto_update_firmware of the component Firmware Udpate. The manipulation of the argument str leads t… | |
| CVE-2026-2052 | high | 8.8 | 8.8 | 27d ago | The Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.2.2 via… | |
| CVE-2026-7641 | high | 8.8 | 8.8 | 27d ago | The Import and export users and customers plugin for WordPress is vulnerable to Privilege Escalation in all versions up to and including 2.0.8 via the `save_extra_user_profile_fields()` function. Thi… | |
| CVE-2026-6963 | high | 8.8 | 8.8 | 27d ago | The WP Mail Gateway plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wmg_save_provider_config AJAX action in all versions up to, and including, 1.8. … | |
| CVE-2026-42468 | high | 8.8 | 8.8 | 27d ago | Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_pcap.cpp , the parser's phdr.len field is not properly validated, allowing remote attackers to cause a … | |
| CVE-2026-37536 | high | 8.8 | 8.8 | 27d ago | miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a (2016-10-05) contains a stack buffer overflow in send_diagnostic_request. A 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) receives … | |
| CVE-2026-43048 | high | 8.8 | 8.8 | 27d ago | In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset() The memset() in hid_report_raw_event() has the good intention of cle… | |
| CVE-2026-43018 | high | 8.8 | 8.8 | 27d ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt hci_conn lookup and field access must be covered by h… | |
| CVE-2026-31773 | high | 8.8 | 8.8 | 27d ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smp_random() currently la… |