Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,708
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 16,081 - 16,100 of 38,432 CVEs
CVE-2026-31746 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: Fix memory leak with CCA cards used as accelerator Tests showed that there is a memory leak if CCA cards are used as accelerator for clear key RSA requests (ME and CRT). With the last rework for the memory allocation ...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31745 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: reset: gpio: fix double free in reset_add_gpio_aux_device() error path When __auxiliary_device_add() fails, reset_add_gpio_aux_device() calls auxiliary_device_uninit(adev). The device release callback reset_gpio_aux_device_releas...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31744 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix NULL pointer dereference when perf domain ID is not found dev_energymodel_nl_get_perf_domains_doit() calls em_perf_domain_get_by_id() but does not check the return value before passing it to __em_nl_get_pd_size(). When...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31743 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmp_nvmem: Fix buffer size in DMA and memcpy Buffer size used in dma allocation and memcpy is wrong. It can lead to undersized DMA buffer access and possible memory corruption. use correct buffer size in dma_alloc_cohere...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31742 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: vt: discard stale unicode buffer on alt screen exit after resize When enter_alt_screen() saves vc_uni_lines into vc_saved_uni_lines and sets vc_uni_lines to NULL, a subsequent console resize via vc_do_resize() skips reallocating t...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31741 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: prevent counter from being toggled multiple times Runtime PM counter is incremented / decremented each time the sysfs enable file is written to. If user writes 0 to the sysfs enable file multiple times, runt...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31740 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: do not use struct rz_mtu3_channel's dev member The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the counte...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31739 HIGH - 8.8

In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - Add missing CRYPTO_ALG_ASYNC The tegra crypto driver failed to set the CRYPTO_ALG_ASYNC on its asynchronous algorithms, causing the crypto API to select them for users that request only synchronous algorithms. Thi...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31738 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlan_na_create vxlan_na_create() walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31737 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: net: ftgmac100: fix ring allocation unwind on open failure ftgmac100_alloc_rings() allocates rx_skbs, tx_skbs, rxdes, txdes, and rx_scratch in stages. On intermediate failures it returned -ENOMEM directly, leaking resources alloca...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31736 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_ppe: avoid NULL deref when gmac0 is disabled If the gmac0 is disabled, the precheck for a valid ingress device will cause a NULL pointer deref and crash the system. This happens because eth->netdev[0] will be...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31735 HIGH - 8.8

In the Linux kernel, the following vulnerability has been resolved: iommupt: Fix short gather if the unmap goes into a large mapping unmap has the odd behavior that it can unmap more than requested if the ending point lands within the middle of a large or contiguous IOPTE. In this case the gather...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31734 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix is_bpf_migration_disabled() false negative on non-PREEMPT_RCU Since commit 8e4f0b1ebcf2 ("bpf: use rcu_read_lock_dont_migrate() for trampoline.c"), the BPF prolog (__bpf_prog_enter) calls migrate_disable()...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31733 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix stale direct dispatch state in ddsp_dsq_id @p->scx.ddsp_dsq_id can be left set (non-SCX_DSQ_INVALID) triggering a spurious warning in mark_direct_dispatch() when the next wakeup's ops.select_cpu() calls scx_...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31732 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: gpio: Fix resource leaks on errors in gpiochip_add_data_with_key() Since commit aab5c6f20023 ("gpio: set device type for GPIO chips"), `gdev->dev.release` is unset. As a result, the reference count to `gdev->dev` ...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31731 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermal_zone_pm_complete() and thermal_zone_device_resume() re-initialize the poll_queue delayed work for the given thermal zone, the cancel_delayed_work_sync() i...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31730 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: possible double-free of cctx->remote_heap fastrpc_init_create_static_process() may free cctx->remote_heap on the err_map path but does not clear the pointer. Later, fastrpc_rpmsg_remove() frees cctx->remote...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31729 HIGH - 7.8

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: validate connector number in ucsi_notify_common() The connector number extracted from CCI via UCSI_CCI_CONNECTOR() is a 7-bit field (0-127) that is used to index into the connector array in ucsi_connector_change(...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31728 MEDIUM - 4.7

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_ether: Fix race between gether_disconnect and eth_stop A race condition between gether_disconnect() and eth_stop() leads to a NULL pointer dereference. Specifically, if eth_stop() is triggered concurrently while get...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD
CVE-2026-31727 MEDIUM - 5.5

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_ether: Fix NULL pointer deref in eth_get_drvinfo Commit ec35c1969650 ("usb: gadget: f_ncm: Fix net_device lifecycle with device_move") reparents the gadget device to /sys/devices/virtual during unbind, cle...

Vendor: Linux
Product: Linux
Published: May 01, 2026
Source: NVD