Total CVEs

142,265

Critical Severity

3,947

High Severity

14,217

Last 7 Days

1,925
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 15,301 - 15,320 of 38,670 CVEs
CVE-2026-43273 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in ceph_zero_partial_object() The ceph_zero_partial_object function was missing proper snapshot context for its OSD write operations, which could lead to data inconsistencies in snapshots. Reproducer...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43272 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer head_page in rb_meta_validate_events() which is not initialized at the beginning of a function. This pointer can be dereferenced if there is a failu...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43271 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in process_metadata_update The function process_metadata_update() blindly dereferences the 'thread' pointer (acquired via rcu_dereference_protected) within the wait_event() macro....

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43270 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() In mtk_mdp_probe(), vpu_get_plat_device() increases the reference count of the returned platform device. Add platform_device_put() to prevent reference leak.

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43269 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback After several commits, the slab memory increases. Some drm_crtc_commit objects are not freed. The atomic_destroy_state callback only put the framebuffer. Use ...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43268 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires any inode be one of S_IFDIR/S_IFLNK/S_IFREG/S_IFCHR/S_IFBLK/ S_IFIFO/S_IFSOCK type, use S_IFR...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43267 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking During fuzz testing, it was discovered that bss_conf->beacon_int might be zero, which could result in a division by zero error in subsequent calculations. Set a...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43266 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the section_length is too small, but it doesn't detect if it is too big. Currently, if the firmware receive...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43265 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit, us...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43264 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: fbdev: of: display_timing: fix refcount leak in of_get_display_timings() of_parse_phandle() returns a device_node with refcount incremented, which is stored in 'entry' and then copied to 'native_mode'. When the...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43263 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multi instances are created/destroyed, many interrupts happens and structures for decoder are removed. "struct vpu_instance" this structure is shar...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43262 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2_fiemap(), we are calling iomap_fiemap() while holding the inode glock. This can lead to recursive glock taking if the fiemap buffer is memory mapped to the same inode and accessing it triggers ...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43261 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: arm64: Add support for TSV110 Spectre-BHB mitigation The TSV110 processor is vulnerable to the Spectre-BHB (Branch History Buffer) attack, which can be exploited to leak information through branch prediction side channels. This co...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43260 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netif_running() is ...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43259 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platform_set_drvdata() as the data will be used in remove().

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43258 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: alpha: fix user-space corruption during memory compaction Alpha systems can suffer sporadic user-space crashes and heap corruption when memory compaction is enabled. Symptoms include SIGSEGV, glibc allocator failures (e.g. "...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43257 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: media: cx88: Add missing unmap in snd_cx88_hw_params() In error path, add cx88_alsa_dma_unmap() to release resource acquired by cx88_alsa_dma_map().

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43256 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() vfe_isr() iterates using MSM_VFE_IMAGE_MASTERS_NUM(7) as the loop bound and passes the index to vfe_isr_reg_update(). However, vfe->line[] array is defin...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43255 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix WARNING in usb_tx_block The function usb_tx_block() submits cardp->tx_urb without ensuring that any previous transmission on this URB has completed. If a second call occurs while the URB is still active (e.g...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43254 HIGH - 7.5

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - fix packet extraction from stream When processing TCP stream data in ovpn_tcp_recv, we receive large cloned skbs from __strp_rcv that may contain multiple coalesced packets. The current implementation has two bugs: 1....

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD