Skip to main content
CVE-2025-71197 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarms_store The sysfs buffer passed to alarms_store() is allocated with 'size + 1' bytes and a NUL terminator is appended.

Linux Buffer Overflow Linux Kernel
NVD VulDB
EPSS
0.1%
CVE-2026-23101 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to leds_list when it is fully ready Before this change the LED was added to leds_list before led_init_core() gets called adding it the list before led_classdev.set_brightness_work gets initialized.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23058 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak").

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23056 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: uacce: implement mremap in uacce_vm_ops to return -EPERM The current uacce_vm_ops does not support the mremap operation of vm_operations_struct. Implement .mremap to return -EPERM to remind users.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23049 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel The connector type for the DataImage SCF0700C48GGU18 panel is missing and devm_drm_panel_bridge_add() requires connector type to be set.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2025-71199 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver at91_adc_interrupt can call at91_adc_touch_data_handler function to start the work by schedule_work(&st->touch_st.workq).

Linux Use After Free Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2025-71196 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: phy: stm32-usphyc: Fix off by one in probe() The "index" variable is used as an index into the usbphyc->phys[] array which has usbphyc->nphys elements. So if it is equal to usbphyc->nphys then it is one element out of bounds.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2025-71194 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in wait_current_trans() due to ignored transaction type When wait_current_trans() is called during start_transaction(), it currently waits for a blocked transaction without considering whether the given transaction type actually needs to wait for that particular transaction state.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23047 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: libceph: make calc_target() set t->paused, not just clear it Currently calc_target() clears t->paused if the request shouldn't be paused anymore, but doesn't ever set t->paused even though it's able to determine when the request should be paused.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23107 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA The code to restore a ZA context doesn't attempt to allocate the task's sve_state before setting TIF_SME.

Linux Null Pointer Dereference Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23106 Monitor

In the Linux kernel, the following vulnerability has been resolved: timekeeping: Adjust the leap state for the correct auxiliary timekeeper When __do_ajdtimex() was introduced to handle adjtimex for any timekeeper, this reference to tk_core was not updated.

Linux Industrial Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23054 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23052 Monitor

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pg_remaining calculation in ftrace_process_locs() assumes that ENTRIES_PER_PAGE multiplied by 2^order equals the actual capacity of the allocated page group.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23051 Monitor

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix drm panic null pointer when driver not support atomic When driver not support atomic, fb using plane->fb rather than plane->state->fb. (cherry picked from commit 2f2a72de673513247cd6fae14e53f6c40c5841ef)

Linux Null Pointer Dereference Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23048 Monitor

In the Linux kernel, the following vulnerability has been resolved: udp: call skb_orphan() before skb_attempt_defer_free() Standard UDP receive path does not use skb->destructor. But skmsg layer does use it, since it calls skb_set_owner_sk_safe() from udp_read_skb().

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23046 Monitor

In the Linux kernel, the following vulnerability has been resolved: virtio_net: fix device mismatch in devm_kzalloc/devm_kfree Initial rss_hdr allocation uses virtio_device->device, but virtnet_set_queues() frees using net_device->device.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23045 Monitor

In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning while calling devl_param_driverinit_value_set() in ena.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23044 Monitor

In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When crypto_alloc_acomp() fails, it returns an ERR_PTR value, not NULL.

Linux Denial Of Service Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23043 Monitor

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL pointer dereference in do_abort_log_replay() Coverity reported a NULL pointer dereference issue (CID 1666756) in do_abort_log_replay().

Linux Null Pointer Dereference Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23042 Monitor

In the Linux kernel, the following vulnerability has been resolved: idpf: fix aux device unplugging when rdma is not supported by vport If vport flags do not contain VIRTCHNL2_VPORT_ENABLE_RDMA, driver does not allocate vdev_info for this vport.

Linux Null Pointer Dereference Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23041 Monitor

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup When bnxt_init_one() fails during initialization (e.g., bnxt_init_int_mode returns -ENODEV), the error path calls bnxt_free_hwrm_resources() which destroys the DMA pool and sets bp->hwrm_dma_pool to NULL.

Broadcom Linux Null Pointer Dereference Denial Of Service Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23040 Monitor

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel.

Linux Null Pointer Dereference Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2025-71192 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_adapter() fails, put_device() is the correct way to drop the device reference. kfree() is not required.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23102 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context When SME is supported, Restoring SVE signal context can go wrong in a few ways, including placing the task into an invalid state where the kernel may read from out-of-bounds memory (and may potentially take a fatal fault) and/or may kill the task with a SIGKILL.

Linux Golang Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23059 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xx_copy_fpin_pkt() and qla27xx_copy_multiple_pkt(), the frame_size reported by firmware is used to calculate the copy length into item->iocb.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2025-71198 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection The st_lsm6dsx_acc_channels array of struct iio_chan_spec has a non-NULL event_spec field, indicating support for IIO events.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2025-71195 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap max_register The max_register field is assigned the size of the register memory region instead of the offset of the last register.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2025-71193 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qusb2: Fix NULL pointer dereference on early suspend Enabling runtime PM before attaching the QPHY instance as driver data can lead to a NULL pointer dereference in runtime PM callbacks that expect valid driver data.

Linux Null Pointer Dereference Denial Of Service Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23057 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb (with a spare tail room) is followed by a small skb (length limited by GOOD_COPY_LEN = 128), an attempt is made to join them.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23055 Monitor

In the Linux kernel, the following vulnerability has been resolved: i2c: riic: Move suspend handling to NOIRQ phase Commit 53326135d0e0 ("i2c: riic: Add suspend/resume support") added suspend support for the Renesas I2C driver and following this change on RZ/G3E the following WARNING is seen on entering suspend ...

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23053 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a deadlock involving nfs_release_folio() Wang Zhaolong reports a deadlock involving NFSv4.1 state recovery waiting on kthreadd, which is attempting to reclaim memory by calling nfs_release_folio().

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2026-23050 PATCH Monitor

In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open() Ben Coddington reports seeing a hang in the following stack trace: 0 [ffffd0b50e1774e0] __schedule at ffffffff9ca05415 1 [ffffd0b50e177548] schedule at ffffffff9ca05717 2 [ffffd0b50e177558] bit_wait at ffffffff9ca061e1 3 [ffffd0b50e177568] __wait_on_bit at ffffffff9ca05cfb 4 [ffffd0b50e1775c8] out_of_line_wait_on_bit at ffffffff9ca05ea5 5 [ffffd0b50e177618] pnfs_roc at ffffffffc154207b [nfsv4] 6 [ffffd0b50e1776b8] _nfs4_proc_delegreturn at ffffffffc1506586 [nfsv4] 7 [ffffd0b50e177788] nfs4_proc_delegreturn at ffffffffc1507480 [nfsv4] 8 [ffffd0b50e1777f8] nfs_do_return_delegation at ffffffffc1523e41 [nfsv4] 9 [ffffd0b50e177838] nfs_inode_set_delegation at ffffffffc1524a75 [nfsv4] 10 [ffffd0b50e177888] nfs4_process_delegation at ffffffffc14f41dd [nfsv4] 11 [ffffd0b50e1778a0] _nfs4_opendata_to_nfs4_state at ffffffffc1503edf [nfsv4] 12 [ffffd0b50e1778c0] _nfs4_open_and_get_state at ffffffffc1504e56 [nfsv4] 13 [ffffd0b50e177978] _nfs4_do_open at ffffffffc15051b8 [nfsv4] 14 [ffffd0b50e1779f8] nfs4_do_open at ffffffffc150559c [nfsv4] 15 [ffffd0b50e177a80] nfs4_atomic_open at ffffffffc15057fb [nfsv4] 16 [ffffd0b50e177ad0] nfs4_file_open at ffffffffc15219be [nfsv4] 17 [ffffd0b50e177b78] do_dentry_open at ffffffff9c09e6ea 18 [ffffd0b50e177ba8] vfs_open at ffffffff9c0a082e 19 [ffffd0b50e177bd0] dentry_open at ffffffff9c0a0935 The issue is that the delegreturn is being asked to wait for a layout return that cannot complete because a state recovery was initiated.

Linux Linux Kernel
NVD VulDB
EPSS
0.0%
CVE-2025-29867 Monitor

Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Hancom Inc. Hancom Office 2018, Hancom Inc.

Buffer Overflow
NVD
EPSS
0.0%
CVE-2026-25547 PATCH Monitor

@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the...

Node.js Denial Of Service
NVD GitHub VulDB
EPSS
0.0%
CVE-2026-20987 Monitor

Improper input validation in GalaxyDiagnostic versions up to 3.5.050 contains a security vulnerability.

Industrial
NVD
EPSS
0.0%
CVE-2026-20984 Monitor

Improper handling of insufficient permission in Galaxy Wearable installed on non-Samsung Device versions up to 2.2.68 contains a vulnerability that allows attackers to access sensitive information.

Samsung
NVD
EPSS
0.0%
CVE-2026-1622 PATCH Monitor

Neo4j Enterprise and Community editions versions prior to 2026.01.3 and 5.26.21 are vulnerable to a potential information disclosure by a user who has ability to access the local log files. The "obfuscate_literals" option in the query logs does not redact error information, exposing unredacted data in the query log when a customer writes a query that fails. It can allow a user with legitimate...

Information Disclosure
NVD
EPSS
0.0%
Prev Page 5 of 5

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy