Total CVEs

142,265

Critical Severity

3,947

High Severity

14,217

Last 7 Days

1,925
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 15,321 - 15,340 of 38,670 CVEs
CVE-2026-43253 HIGH - 7.5

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: move wait_on_sem() out of spinlock With iommu.strict=1, the existing completion wait path can cause soft lockups under stressed environment, as wait_on_sem() busy-waits under the spinlock with interrupts disabled. Move...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43252 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always set ID as avail when rm endp Syzkaller managed to find a combination of actions that was generating this warning: WARNING: net/mptcp/pm_kernel.c:1074 at __mark_subflow_endp_available net/mptcp/pm_ke...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43251 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: HID: prodikeys: Check presence of pm->input_ep82 Fake USB devices can send their own report descriptors for which the input_mapping() hook does not get called. In this case, pm->input_ep82 stays NULL, which leads to a crash...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43250 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke() The ChipIdea UDC driver can encounter "not page aligned sg buffer" errors when a USB device is reconnected after being disconnected during an active transfer. This...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43249 HIGH - 8.8

In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen_9pfs_front_free against concurrent calls The xenwatch thread can race with other back-end change notifications and call xen_9pfs_front_free() twice, hitting the observed general protection fault due to a double...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43248 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: vhost: move vdpa group bound check to vhost_vdpa Remove duplication by consolidating these here. This reduces the posibility of a parent driver missing them. While we're at it, fix a bug in vdpa_sim where a valid ASID can b...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43247 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic when closed SError of kernel panic rarely happened while testing fluster. The root cause was to enter suspend mode because timeout of autosuspend delay happened. [ 48.834439...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43246 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: media: i2c/tw9906: Fix potential memory leak in tw9906_probe() In one of the error paths in tw9906_probe(), the memory allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() is not freed. Fix that by calling v4l2_ctrl_handl...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43245 HIGH - 7.5

In the Linux kernel, the following vulnerability has been resolved: ntfs: ->d_compare() must not block ... so don't use __getname() there. Switch it (and ntfs_d_hash(), while we are at it) to kmalloc(PATH_MAX, GFP_NOWAIT). Yes, ntfs_d_hash() almost certainly can do with smaller allocatio...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43244 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: kcm: fix zero-frag skb in frag_list on partial sendmsg error Syzkaller reported a warning in kcm_write_msgs() when processing a message with a zero-fragment skb in the frag_list. When kcm_sendmsg() fills MAX_SKB_FRAGS fragments i...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43243 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src Trying to access link enc on a dpia link will cause a crash otherwise

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43242 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: soc: ti: k3-socinfo: Fix regmap leak on probe failure The mmio regmap allocated during probe is never freed. Switch to using the device managed allocator so that the regmap is released on probe failures (e.g. probe deferral) and ...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43241 HIGH - 7.1

In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAX_MWS, This patch protects against invalid index out of bounds access to mw_sizes When invalid access p...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43240 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=<size>", the physical range that contains the carr...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43239 HIGH - 8.8

In the Linux kernel, the following vulnerability has been resolved: smb: client: prevent races in ->query_interfaces() It was possible for two query interface works to be concurrently trying to update the interfaces. Prevent this by checking and updating iface_last_update under iface_lock.

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43238 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash() Commit 38a6f0865796 ("net: sched: support hash selecting tx queue") added SKBEDIT_F_TXQ_SKBHASH support. The inclusive range size is computed as: mapping_...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43237 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amdgpu_gem_va_ioctl function, key updates include: - Moved the logic for managing the last update fence...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43236 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release The atmel_hlcdc_plane_atomic_duplicate_state() callback was copying the atmel_hlcdc_plane state structure without properly duplicating the drm_plane_state. In pa...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43235 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - get_vpu_buffer_size = iris_vpu33_buf_size Without this, the driver fails to allocate the required internal buf...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43234 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEV_CHANGEMTU event when unregistering slave syzbot is reporting unregister_netdevice: waiting for netdevsim0 to become free. Usage count = 3 ref_tracker: netdev@ffff88807dcf8618 has 1/2 users at __netde...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD