Total CVEs

142,750

Critical Severity

4,026

High Severity

14,425

Last 7 Days

1,411
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 15,781 - 15,800 of 39,155 CVEs
CVE-2026-43278 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq->bio values have been observed to cause double-initialization of cloned bios in request-based device-mapper targets, leading to use-after-free and doub...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43277 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghes_new() prevents allocating too large records, by checking if they're bigger than GHES_ESTATUS_MAX_SIZE (currently, 64KB). Yet, the allocation is...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43276 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix double destroy_workqueue on service rescan PCI path While testing corner cases in the driver, a use-after-free crash was found on the service rescan PCI path. When mana_serv_reset() calls mana_gd_suspend(), mana_gd...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43275 MEDIUM - 4.7

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Flush exception handling work when RPM level is zero Ensure that the exception event handling work is explicitly flushed during suspend when the runtime power management level is set to UFS_PM_LVL_0. When the RPM...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43274 HIGH - 8.4

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq() The cluster_cfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previous...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43273 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in ceph_zero_partial_object() The ceph_zero_partial_object function was missing proper snapshot context for its OSD write operations, which could lead to data inconsistencies in snapshots. Reproducer...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43272 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer head_page in rb_meta_validate_events() which is not initialized at the beginning of a function. This pointer can be dereferenced if there is a failu...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43271 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in process_metadata_update The function process_metadata_update() blindly dereferences the 'thread' pointer (acquired via rcu_dereference_protected) within the wait_event() macro....

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43270 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() In mtk_mdp_probe(), vpu_get_plat_device() increases the reference count of the returned platform device. Add platform_device_put() to prevent reference leak.

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43269 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback After several commits, the slab memory increases. Some drm_crtc_commit objects are not freed. The atomic_destroy_state callback only put the framebuffer. Use ...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43268 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires any inode be one of S_IFDIR/S_IFLNK/S_IFREG/S_IFCHR/S_IFBLK/ S_IFIFO/S_IFSOCK type, use S_IFR...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43267 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking During fuzz testing, it was discovered that bss_conf->beacon_int might be zero, which could result in a division by zero error in subsequent calculations. Set a...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43266 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the section_length is too small, but it doesn't detect if it is too big. Currently, if the firmware receive...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43265 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit, us...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43264 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: fbdev: of: display_timing: fix refcount leak in of_get_display_timings() of_parse_phandle() returns a device_node with refcount incremented, which is stored in 'entry' and then copied to 'native_mode'. When the...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43263 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multi instances are created/destroyed, many interrupts happens and structures for decoder are removed. "struct vpu_instance" this structure is shar...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43262 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2_fiemap(), we are calling iomap_fiemap() while holding the inode glock. This can lead to recursive glock taking if the fiemap buffer is memory mapped to the same inode and accessing it triggers ...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43261 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: arm64: Add support for TSV110 Spectre-BHB mitigation The TSV110 processor is vulnerable to the Spectre-BHB (Branch History Buffer) attack, which can be exploited to leak information through branch prediction side channels. This co...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43260 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netif_running() is ...

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD
CVE-2026-43259 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platform_set_drvdata() as the data will be used in remove().

Vendor: Linux
Product: Linux
Published: May 06, 2026
Source: NVD