Skip to main content
CVE-2026-22995 HIGH PATCH This Week

Linux kernel ublk subsystem suffers from a use-after-free vulnerability in partition scan operations where a race condition between device teardown and asynchronous partition scanning allows local attackers with user privileges to access freed memory, potentially causing denial of service or information disclosure. The vulnerability stems from improper reference counting of disk objects during concurrent operations, affecting all Linux systems with the vulnerable ublk driver. A patch is available to resolve this issue by implementing proper disk reference management in the partition scan worker.

Linux Use After Free Race Condition Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71159 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free warning in btrfs_get_or_create_delayed_node() Previously, btrfs_get_or_create_delayed_node() set the delayed_node's refcount before acquiring the root->delayed_nodes lock. [CVSS 7.8 HIGH]

Linux Use After Free Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71152 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense. [CVSS 7.8 HIGH]

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22988 HIGH PATCH This Week

Linux kernel ARP implementation incorrectly assumes that dev_hard_header() does not modify the SKB header structure, leading to potential denial of service when the function pointer is changed. A local user with standard privileges can trigger a system crash or hang by exploiting this unsafe memory assumption during ARP packet creation. A patch is available to properly reinitialize the ARP pointer after the dev_hard_header() call.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22980 HIGH PATCH This Week

The Linux kernel NFSv4 grace period handler contains a use-after-free vulnerability in the v4_end_grace function that can be triggered by local attackers with unprivileged access, allowing them to read or modify sensitive kernel memory or cause a denial of service. The vulnerability arises from improper synchronization between the grace period shutdown logic and the NFSv4 client tracking mechanism, which can result in memory being accessed after it has been freed. A patch is available to add proper locking that prevents concurrent access to the vulnerable code path.

Linux Use After Free Memory Corruption Authentication Bypass
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71157 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: always drop device refcount in ib_del_sub_device_and_put() Since nldev_deldev() (introduced by commit 060c642b2ab8 ("RDMA/nldev: Add support to add/delete a sub IB device through netlink") grabs a reference using ib_device_get_by_index() before calling ib_del_sub_device_and_put(), we need to drop that reference before returning -EOPNOTSUPP error. [CVSS 7.8 HIGH]

Linux Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71156 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: gve: defer interrupt enabling until NAPI registration Currently, interrupts are automatically enabled immediately upon request. [CVSS 7.8 HIGH]

Linux Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-71145 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: usb: phy: isp1301: fix non-OF device reference imbalance A recent change fixing a device reference leak in a UDC driver introduced a potential use-after-free in the non-OF case as the isp1301_get_client() helper only increases the reference count for the returned I2C device in the OF case. [CVSS 7.8 HIGH]

Linux Use After Free Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-0772 HIGH This Week

Remote code execution in Langflow's disk cache service allows authenticated attackers to execute arbitrary code by exploiting improper deserialization of untrusted data. The vulnerability affects Langflow installations and requires valid authentication credentials to exploit, enabling attackers to gain code execution within the service account context. No patch is currently available.

RCE Deserialization AI / ML Langflow
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2026-24624 HIGH This Week

Blind SQL injection in Neoforum version 1.0 and earlier allows high-privileged attackers to execute arbitrary SQL commands over the network without user interaction, potentially compromising data confidentiality and integrity. The vulnerability stems from inadequate sanitization of user inputs in SQL queries, and no patch is currently available.

SQLi
NVD
CVSS 3.1
7.6
EPSS
0.0%
CVE-2025-15349 HIGH This Week

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. [CVSS 7.5 HIGH]

RCE Race Condition Shockline
NVD
CVSS 3.0
7.5
EPSS
0.2%
CVE-2026-24531 HIGH This Week

A WordPress plugin has a PHP Remote File Inclusion vulnerability (CWE-98) allowing unauthenticated remote code execution through crafted include paths.

PHP LFI Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-24635 HIGH This Week

DevsBlink EduBlink Core through version 2.0.7 contains a local file inclusion vulnerability in its PHP file handling that allows authenticated attackers to read arbitrary files on the server. An attacker with valid credentials can manipulate filename parameters to bypass proper input validation and access sensitive system files. No patch is currently available for this vulnerability.

PHP LFI
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-24609 HIGH This Week

The Laurent theme for PHP versions 3.1 and earlier contains a local file inclusion vulnerability that allows authenticated attackers to read arbitrary files on the affected system. An attacker with valid credentials can manipulate filename parameters in include/require statements to access sensitive data outside the intended application directory. No patch is currently available for this vulnerability.

PHP LFI
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-24608 HIGH This Week

Laurent Core plugin for PHP through version 2.4.1 contains a local file inclusion vulnerability in its filename handling for include/require statements, allowing authenticated attackers to read arbitrary files from the affected system. With a CVSS score of 7.5, this vulnerability enables confidentiality and integrity compromise, though exploitation requires valid credentials and no patch is currently available.

PHP LFI
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-24538 HIGH This Week

Omnipress through version 1.6.6 contains a local file inclusion vulnerability in its PHP program that allows authenticated attackers to read arbitrary files on the server. An attacker with valid credentials can manipulate filename parameters in include/require statements to access sensitive files outside the intended directory. This vulnerability requires user interaction but poses significant risk to confidentiality with no available patch at this time.

PHP LFI Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-0790 HIGH This Week

8180 Ip Audio Alerter Firmware versions up to 5.5 contains a vulnerability that allows attackers to disclose sensitive information on affected installations of ALGO 8180 IP Audio A (CVSS 7.5).

Golang Information Disclosure 8180 Ip Audio Alerter Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-0789 HIGH This Week

The ALGO 8180 IP Audio Alerter web interface improperly exposes authentication cookies in HTTP response bodies, enabling unauthenticated remote attackers to steal sensitive credentials and gain unauthorized access to affected devices. This information disclosure vulnerability requires no authentication or user interaction to exploit and affects the device's web-based management interface. No patch is currently available for this vulnerability.

Golang Information Disclosure 8180 Ip Audio Alerter Firmware
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-69907 HIGH This Week

An unauthenticated information disclosure vulnerability exists in Newgen OmniDocs due to missing authentication and access control on the /omnidocs/GetListofCabinet API endpoint. [CVSS 7.5 HIGH]

Information Disclosure
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-22271 HIGH This Week

Elastic Cloud Storage versions up to 3.8.1.7 is affected by cleartext transmission of sensitive information (CVSS 7.5).

Information Disclosure Objectscale Elastic Cloud Storage
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24138 HIGH This Week

Unauthenticated Server-Side Request Forgery (SSRF) in FOG 1.5.10.1754 and earlier allows remote attackers to read internal files and access local services by manipulating the url parameter in getversion.php when newService=1 is present. The vulnerability requires no authentication or user interaction and affects the confidentiality of sensitive data accessible from the affected system. No patch is currently available.

PHP SSRF
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-52026 HIGH This Week

An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. [CVSS 7.5 HIGH]

Information Disclosure Gemscms Backend
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-22991 HIGH PATCH This Week

A null pointer dereference vulnerability in the Linux kernel's libceph library occurs when free_choose_arg_map() is called after a partial memory allocation failure, allowing a local attacker with low privileges to cause a denial of service. The vulnerability exists because the function does not validate pointers before dereferencing them during cleanup operations. A patch is available to add proper pointer checks and make the cleanup routine resilient to incomplete allocations.

Linux Null Pointer Dereference Denial Of Service
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-22990 HIGH PATCH This Week

A local privileged user can trigger a kernel panic in the Linux kernel's Ceph client by providing a maliciously corrupted incremental osdmap with an unexpected epoch value, causing a denial of service. The vulnerability stems from overzealous assertion logic that should instead gracefully reject invalid osdmap data. A patch is available to replace the fatal BUG_ON check with proper validation.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2024-11976 HIGH This Week

The The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 14.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. [CVSS 7.3 HIGH]

WordPress
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2026-0776 HIGH This Week

Discord Client's discord_rpc module improperly loads files from an unsecured search path, enabling local attackers with low-privilege code execution to escalate privileges and run arbitrary code with elevated user context. This vulnerability requires prior local code execution capability and affects systems running vulnerable Discord Client installations. No patch is currently available.

Privilege Escalation
NVD
CVSS 3.0
7.3
EPSS
0.0%
CVE-2026-0771 HIGH This Week

Langflow's PythonFunction component allows authenticated attackers with user interaction to inject and execute arbitrary Python code within application workflows, achieving remote code execution. The vulnerability affects Langflow deployments using Python-based AI/ML components, with exploitation feasibility depending on specific product configurations. No patch is currently available.

Python RCE Code Injection AI / ML Langflow
NVD
CVSS 3.0
7.1
EPSS
0.1%
CVE-2026-24623 HIGH This Week

Reflected cross-site scripting (XSS) in Neoforum version 1.0 and earlier allows authenticated attackers to inject malicious scripts that execute in users' browsers when they interact with crafted links, potentially leading to session hijacking or credential theft. The vulnerability requires user interaction and authenticated access, limiting its immediate impact but still posing a risk in multi-user forum environments. No patch is currently available.

XSS
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2025-67230 HIGH This Week

Improper permissions in the handler for the Custom URL Scheme in ToDesktop Builder v0.33.0 allows attackers with renderer-context access to invoke external protocol handlers without sufficient validation. [CVSS 7.1 HIGH]

Privilege Escalation Builder
NVD
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-0775 HIGH PATCH This Week

npm cli contains an insecure module loading mechanism that enables local privilege escalation on Node.js installations. An attacker with low-privileged code execution can exploit this flaw to gain elevated privileges and execute arbitrary code with target user permissions. No patch is currently available for this vulnerability.

Node.js Privilege Escalation RCE
NVD VulDB
CVSS 3.1
7.0
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy