Total CVEs

142,265

Critical Severity

3,947

High Severity

14,217

Last 7 Days

1,915
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 15,421 - 15,440 of 38,670 CVEs
CVE-2026-43153 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: xfs: remove xfs_attr_leaf_hasname The calling convention of xfs_attr_leaf_hasname() is problematic, because it returns a NULL buffer when xfs_attr3_leaf_read fails, a valid buffer when xfs_attr3_leaf_lookup_int returns -ENOATTR or...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43152 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used.

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43151 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: Revert "media: iris: Add sanity check for stop streaming" This reverts commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. Revert the check that skipped stop_streaming when the instance was in IRIS_INST_ERROR, as it caused...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43150 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: perf/arm-cmn: Reject unsupported hardware configurations So far we've been fairly lax about accepting both unknown CMN models (at least with a warning), and unknown revisions of those which we do know, as although things do f...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43149 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: net: wan/fsl_ucc_hdlc: Fix dma_free_coherent() in uhdlc_memclean() The priv->rx_buffer and priv->tx_buffer are alloc'd together as contiguous buffers in uhdlc_init() but freed as two buffers in uhdlc_memclean(). Change...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43148 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: Add check for kcalloc() failure in parse_thread_groups() As kcalloc() may fail, check its return value to avoid a NULL pointer dereference when passing it to of_property_read_u32_array().

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43147 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" This reverts commit 05703271c3cd ("PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV"), which causes a deadlock...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43146 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add buffer to list only after successful allocation Move `list_add_tail()` to after `dma_alloc_attrs()` succeeds when creating internal buffers. Previously, the buffer was enqueued in `buffers->list` before the DMA...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43145 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imx_rproc: Fix invalid loaded resource table detection imx_rproc_elf_find_loaded_rsc_table() may incorrectly report a loaded resource table even when the current firmware does not provide one. When the device tree con...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43144 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential kernel oops when probe fails When probe of the sdio brcmfmac device fails for some reasons (i.e. missing firmware), the sdiodev->bus is set to error instead of NULL, thus the cleanup later in brcmf...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43143 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: mfd: core: Add locking around 'mfd_of_node_list' Manipulating a list in the kernel isn't safe without some sort of mutual exclusion. Add a mutex any time we access / modify 'mfd_of_node_list' to prevent po...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43142 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: media: iris: gen1: Destroy internal buffers after FW releases After the firmware releases internal buffers, the driver was not destroying them. This left stale allocations that were no longer used, especially across resolution cha...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43141 HIGH - 7.1

In the Linux kernel, the following vulnerability has been resolved: ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario rounddown_pow_of_two will cause undefined behaviour and should not be performed. T...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43140 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not crash on missing msc->input Fake USB devices can send their own report descriptors for which the input_mapping() hook does not get called. In this case, msc->input stays NULL, leading to a crash at a...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43139 HIGH - 8.6

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6_get_saddr() xfrm6_get_saddr() does not check the return value of ipv6_dev_get_saddr(). When ipv6_dev_get_saddr() fails to find a suitable source address (returns -EADDRNOTAVAIL), saddr->i...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43138 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: suppress bind attributes in sysfs This is a special device that's created dynamically and is supposed to stay in memory forever. We also currently don't have a devlink between it and the actual reset consume...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43137 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loo...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43136 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() Do not crash when a report has no fields. Fake USB gadgets can send their own HID report descriptors and can define report structures without valid fields. This ca...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43135 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: media: cx23885: Add missing unmap in snd_cx23885_hw_params() In error path, add cx23885_alsa_dma_unmap() to release the resource acquired by cx23885_alsa_dma_map().

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43134 HIGH - 8.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ This adds a check for encryption key size upon receiving L2CAP_LE_CONN_REQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAP_CR_LE_BAD_KEY_SIZE.

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD