Skip to main content

Red Hat

8625 CVEs vendor

Monthly

CVE-2026-2323 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 4.3).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-2322 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 5.4).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-2321 HIGH PATCH This Week

Heap corruption in Google Chrome's Ozone component (versions prior to 145.0.7632.45) stems from a use-after-free vulnerability that can be triggered when users interact with malicious HTML pages through specific UI gestures. An unauthenticated remote attacker can exploit this to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available, leaving affected Chrome users vulnerable to exploitation.

Google Use After Free Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2320 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2319 HIGH PATCH This Week

Google Chrome versions prior to 145.0.7632.45 contain a race condition in DevTools that allows remote attackers to corrupt objects by convincing users to perform specific UI interactions and install a malicious extension. An attacker exploiting this vulnerability could achieve high-impact outcomes including information disclosure, data modification, or denial of service. The vulnerability currently has no available patch.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-2318 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2317 MEDIUM PATCH This Month

Google Chrome versions before 145.0.7632.45 contain an animation implementation flaw that allows remote attackers to exfiltrate cross-origin data through specially crafted HTML pages. The vulnerability requires user interaction to trigger and affects all Chrome users, potentially exposing sensitive information from other websites. No patch is currently available.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2316 MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-2315 HIGH PATCH This Week

Out of bounds memory access in Google Chrome's WebGPU implementation prior to version 145.0.7632.45 allows unauthenticated attackers to trigger memory corruption through a malicious HTML page. This vulnerability requires user interaction but carries high risk due to potential for arbitrary code execution or information disclosure. No patch is currently available.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2314 HIGH PATCH This Week

Heap buffer overflow in Google Chrome's codec implementation prior to version 145.0.7632.45 enables remote attackers to corrupt heap memory and potentially achieve arbitrary code execution through a malicious HTML page. The vulnerability requires user interaction to visit a crafted webpage but does not require special privileges, affecting all Chrome users. No patch is currently available.

Google Buffer Overflow Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2313 HIGH PATCH This Week

Heap corruption in Google Chrome's CSS engine prior to version 145.0.7632.45 can be triggered through crafted HTML pages, enabling remote attackers to achieve arbitrary code execution without user interaction beyond viewing a malicious webpage. The vulnerability stems from a use-after-free memory flaw that affects all Chrome users, and currently no patch is available. With a CVSS score of 8.8 and low exploit difficulty, this represents a critical risk to active Chrome installations.

Google Use After Free Chrome Red Hat Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-26079 MEDIUM PATCH This Month

Roundcube Webmail versions up to 1.5.13 is affected by inclusion of functionality from untrusted control sphere (CVSS 4.7).

RCE Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
4.7
EPSS
0.1%
CVE-2025-11537 Maven MEDIUM PATCH This Month

A flaw was found in Keycloak. When the logging format is configured to a verbose, user-supplied pattern (such as the pre-defined 'long' pattern), sensitive headers including Authorization and Cookie are disclosed to the logs in cleartext. [CVSS 5.0 MEDIUM]

Information Disclosure Red Hat
NVD
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-25934 Go MEDIUM PATCH This Month

Corrupted Git pack and index files are not properly validated in go-git versions before 5.16.5, allowing an attacker to supply malicious packfiles that bypass integrity checks and cause go-git to consume corrupted data. This can result in unexpected application errors and denial of service conditions for any system using the vulnerable go-git library to fetch or process Git repositories. The vulnerability requires user interaction to fetch from a malicious or compromised Git source.

Information Disclosure Go Git Red Hat Suse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-25765 Ruby MEDIUM PATCH This Month

Faraday HTTP client library versions before 2.14.1 fail to properly validate protocol-relative URLs when merging user-supplied paths with base URLs, allowing attackers to redirect requests to arbitrary hosts via SSRF attacks. Applications that pass untrusted input to Faraday request methods like get() or post() are vulnerable to request hijacking. A patch is available in version 2.14.1 and later.

Ruby SSRF Faraday Red Hat Suse
NVD GitHub
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-25598 MEDIUM This Month

Harden-Runner versions prior to 2.14.2 fail to log outbound network connections made through sendto, sendmsg, and sendmmsg socket calls when audit mode is enabled, allowing attackers to exfiltrate data from GitHub Actions runners without detection. This integrity bypass affects users relying on Harden-Runner's egress policy auditing for security monitoring. A patch is available in version 2.14.2 and later.

Github Harden Runner Red Hat
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-14778 Maven MEDIUM PATCH This Month

A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). [CVSS 5.4 MEDIUM]

Privilege Escalation Red Hat
NVD
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-24684 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the audio playback subsystem where the RDPSND async thread processes queued audio packets after the channel has been closed and its internal state freed, causing a denial of service. The vulnerability affects systems running vulnerable FreeRDP versions and can be exploited remotely without authentication or user interaction. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24683 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the input event handling mechanism where unsynchronized access to cached channel callbacks can be freed or reinitialized by concurrent channel closure operations. An attacker with network access can trigger a denial of service condition by exploiting this race condition. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24682 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a buffer management error in audio format parsing that causes out-of-bounds memory access when processing malformed audio data. An attacker can exploit this vulnerability over the network without authentication to trigger a denial of service condition. A patch is available in FreeRDP 3.22.0 and later.

Buffer Overflow Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24681 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the URBDRC channel handler where asynchronous bulk transfer completions reference freed memory after channel closure, enabling denial of service attacks. An unauthenticated remote attacker can trigger this condition through malformed RDP protocol messages to crash the FreeRDP service. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24680 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in pointer handling where sdl_Pointer_New and sdl_Pointer_Free both attempt to free the same memory, causing a denial of service condition. An attacker with network access can trigger this memory corruption to crash RDP client instances without authentication. The vulnerability affects all users of vulnerable FreeRDP versions and is resolved in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24679 CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a heap buffer overflow in the URBDRC USB redirection client enabling RCE through malicious RDP servers.

Buffer Overflow Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-24677 CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a use-after-free in ecam_encoder_compress allowing malicious RDP servers to crash or execute code on clients.

Use After Free Buffer Overflow Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-24676 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in audio format renegotiation that allows unauthenticated attackers to cause denial of service by triggering a crash through audio processing. The vulnerability occurs when the AUDIN format list is freed during renegotiation while the capture thread continues accessing the freed memory, affecting any system running vulnerable FreeRDP instances. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24675 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the libusb device interface selection code where error handling prematurely frees configuration data that subsequent code attempts to access, causing denial of service. This vulnerability affects systems using FreeRDP for remote desktop protocol operations and can be triggered remotely without authentication or user interaction. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-24491 HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 are vulnerable to a use-after-free condition where the video_timer component sends notifications after the control channel closes, dereferencing freed memory and causing denial of service. An unauthenticated remote attacker can trigger this crash by manipulating RDP session timing, making the vulnerability exploitable with no user interaction required. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-23948 HIGH PATCH This Week

FreeRDP proxy versions prior to 3.22.0 are vulnerable to denial of service when processing specially crafted RDP server responses that trigger a null pointer dereference in the logon information handler. An unauthenticated attacker controlling a malicious RDP server can crash the FreeRDP proxy by sending a LogonInfoV2 PDU with empty domain or username fields. This vulnerability has been patched in version 3.22.0 and later.

Null Pointer Dereference Denial Of Service Freerdp Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-66630 Go CRITICAL PATCH Act Now

Go Fiber web framework before 2.52.11 has a weak PRNG vulnerability (on Go < 1.24) that makes session tokens predictable, enabling session hijacking.

Golang CSRF Fiber Red Hat Suse
NVD GitHub
CVSS 3.1
9.4
EPSS
0.0%
CVE-2026-23903 Maven MEDIUM PATCH This Month

Authentication Bypass by Alternate Name vulnerability in Apache Shiro. This issue affects Apache Shiro: before 2.0.7. [CVSS 5.3 MEDIUM]

macOS Apache Authentication Bypass Shiro Red Hat
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-25793 Go HIGH PATCH This Week

Nebula is a scalable overlay networking tool. [CVSS 8.1 HIGH]

Information Disclosure Nebula Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-25731 HIGH POC PATCH This Week

calibre is an e-book manager. [CVSS 7.8 HIGH]

RCE Calibre Red Hat Suse
NVD GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-25636 HIGH POC PATCH This Week

Calibre 9.1.0 and earlier contains a path traversal vulnerability in EPUB conversion that allows malicious EPUB files to corrupt or modify arbitrary files writable by the Calibre process. The vulnerability exploits improper handling of CipherReference URIs in encryption metadata, enabling attackers to write outside the intended extraction directory. Public exploit code exists for this high-severity issue, which is patched in version 9.2.0.

Path Traversal Calibre Red Hat Suse
NVD GitHub
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-25635 HIGH POC PATCH This Week

Remote code execution in Calibre prior to version 9.2.0 through a path traversal flaw in the CHM reader allows local attackers to write arbitrary files with user permissions, enabling payload execution via the Windows Startup folder. Public exploit code exists for this vulnerability. Windows users should upgrade to Calibre 9.2.0 or later to remediate the risk.

Windows RCE Path Traversal Calibre Red Hat +1
NVD GitHub
CVSS 3.1
8.6
EPSS
0.2%
CVE-2026-25727 Cargo MEDIUM PATCH This Month

The Rust time library versions 0.3.6 through 0.3.46 are vulnerable to denial of service through stack exhaustion when processing maliciously crafted RFC 2822 formatted input. An unauthenticated attacker can trigger recursive parsing of deprecated RFC 2822 features to exhaust stack memory and crash applications using affected versions. A patch implementing recursion depth limits is available in version 0.3.47 and later.

Denial Of Service Time Red Hat Suse
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24851 Go HIGH PATCH This Week

Improper policy enforcement in OpenFGA versions 1.8.5 through 1.11.2 (and corresponding Helm Chart and Docker releases) allows authenticated users to bypass authorization checks through specially crafted tuple configurations that mix type-bound public and non-public access policies. An attacker with valid credentials can exploit mismatched tuple assignments to gain unauthorized access to protected resources by leveraging lexicographic object ID ordering in the authorization engine. No patch is currently available.

Docker Openfga Helm Charts Red Hat Suse
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2025-58190 Go MEDIUM POC PATCH This Month

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content. [CVSS 5.3 MEDIUM]

Golang Denial Of Service Html Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-47911 Go MEDIUM PATCH This Month

Html contains a vulnerability that allows attackers to denial of service (DoS) if an attacker provides specially crafted HTML content (CVSS 5.3).

Golang Denial Of Service Html Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2020-37127 MEDIUM POC PATCH This Month

Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. [CVSS 5.5 MEDIUM]

Buffer Overflow Denial Of Service Red Hat Suse
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-25537 Cargo HIGH POC PATCH This Week

jsonwebtoken prior to version 10.3.0 allows attackers to bypass JWT time-based validation checks through type confusion when standard claims like nbf or exp are provided with incorrect JSON types. The library incorrectly treats malformed claims as absent rather than invalid, enabling bypass of critical security restrictions if validation is enabled but the claim is not explicitly marked as required. Public exploit code exists for this vulnerability.

Buffer Overflow Jsonwebtoken Red Hat
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-25518 Go MEDIUM PATCH This Month

Denial-of-service in cert-manager versions 1.18.0-1.18.4 and 1.19.0-1.19.2 allows network-adjacent attackers to crash the controller by poisoning DNS cache entries during ACME DNS-01 validation through unencrypted DNS traffic interception. An attacker positioned to intercept DNS queries from the cert-manager pod can inject malicious DNS responses that trigger a panic in the controller, disrupting certificate management operations in affected Kubernetes clusters. A patch is available for immediate deployment.

Kubernetes DNS Cert Manager Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-23109 MEDIUM PATCH This Month

A denial of service vulnerability in the Linux kernel's writeback mechanism allows local users with standard privileges to cause indefinite hangs in wait_sb_inodes() when interacting with faulty FUSE servers that fail to respond to write requests. The vulnerability stems from improper handling of mappings without data integrity semantics, which should be skipped during synchronization operations but are instead waited upon indefinitely. An attacker controlling a malfunctioning FUSE server can exploit this to freeze system operations that depend on filesystem synchronization.

Linux Denial Of Service Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23108 MEDIUM PATCH This Month

The Linux kernel USB CAN driver (usb_8dev) fails to properly manage URB memory when USB transfers complete, allowing a local attacker with user privileges to trigger a memory leak and cause a denial of service through resource exhaustion. The vulnerability occurs because completed URBs are unanchored by the USB framework before the callback function executes, preventing proper cleanup during driver shutdown. No patch is currently available for this issue.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23105 HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq.

Linux Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23104 MEDIUM PATCH This Month

A use-after-free vulnerability in the Linux kernel's ice driver causes a denial of service when devlink reload is followed by driver removal, as freed HWMON sensor memory is accessed by sysfs attribute handlers. Local users with sufficient privileges can trigger recurring kernel page faults approximately every 10 minutes when system monitoring tools attempt to read the orphaned hwmon attributes. This affects Linux systems with ice network drivers and causes system instability through repeated call traces.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23098 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's netrom subsystem allows local attackers with user privileges to cause a denial of service or potentially execute code by triggering a double-free condition in the nr_route_frame() function when nr_neigh->ax25 is NULL. The vulnerability requires local access and user-level privileges to exploit, with no patch currently available.

Linux Information Disclosure Red Hat Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-23097 MEDIUM PATCH This Month

A deadlock vulnerability in the Linux kernel's hugetlb file folio migration code allows a local privileged user to cause a denial of service by triggering conflicting lock acquisitions between folio locks and memory mapping semaphores. The vulnerability occurs when migrate_pages() and hugetlbfs_fallocate() operations compete for locks in opposite orders, freezing affected processes. No patch is currently available for this medium-severity issue.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23096 MEDIUM PATCH This Month

The Linux kernel's uacce subsystem can hang during device cleanup when cdev_device_add fails, as subsequent calls to cdev_device_del attempt to release already-freed memory. Local users with sufficient privileges can trigger a denial of service by causing the device initialization to fail, resulting in a system hang. A patch is not currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23094 MEDIUM PATCH This Month

The Linux kernel uacce driver improperly validates callback function implementations before creating isolation policy sysfs files, allowing local users with sufficient privileges to trigger a system crash by accessing unimplemented callback functions. This denial of service vulnerability affects systems where device isolation is configured but callback functions are incompletely implemented. No patch is currently available.

Linux Denial Of Service Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23093 MEDIUM PATCH This Month

CVE-2026-23093 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.1%
CVE-2026-23092 HIGH PATCH This Week

Local stack buffer overflow in the Linux kernel's AD3552R DAC driver allows a local authenticated attacker to write beyond allocated buffer boundaries through improper bounds checking in the ad3552r_hs_write_data_source function. An attacker with local access can trigger out-of-bounds writes on the stack, potentially leading to privilege escalation or denial of service. No patch is currently available for this vulnerability.

Linux Memory Corruption Buffer Overflow Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23091 MEDIUM PATCH This Month

The Linux kernel's Intel Trace Hub driver fails to properly release device references during output device operations, leading to resource exhaustion on systems with local access. A local authenticated user can trigger this memory leak through repeated open/close cycles or error conditions, potentially causing denial of service. No patch is currently available for this vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23090 MEDIUM PATCH This Month

The Linux kernel's Slimbus core driver fails to properly release device references when processing report-present messages, leading to a memory leak that can exhaust system resources. A local attacker with user privileges can trigger this leak by causing repeated Slimbus device registration events, potentially causing a denial of service through memory exhaustion. No patch is currently available for this vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23089 HIGH POC PATCH This Week

A use-after-free vulnerability in the Linux kernel's ALSA USB audio mixer can be triggered by local attackers with low privileges when mixer initialization fails, causing the kernel to access freed memory during sound card registration and potentially leading to information disclosure or denial of service. The flaw affects Linux systems with USB audio devices and remains unpatched, exploitable without user interaction after initial access to the system.

Linux Use After Free Memory Corruption Information Disclosure Linux Kernel +2
NVD VulDB GitHub
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23088 MEDIUM PATCH This Month

Linux kernel null pointer dereference in the tracing subsystem causes a denial of service when synthetic events reference stacktrace fields from other synthetic events. Local users with tracing permissions can trigger a kernel crash by creating chained synthetic events that pass stacktrace data between them. No patch is currently available for this vulnerability.

Linux Debian Denial Of Service Null Pointer Dereference Linux Kernel +2
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23085 MEDIUM PATCH This Month

The GICv3 interrupt controller driver in the Linux kernel on 32-bit systems with CONFIG_ARM_LPAE can truncate physical memory addresses above the 4GB limit when storing them in 32-bit variables, potentially causing system crashes or memory corruption. A local attacker with kernel-level privileges could trigger this condition through memory allocation patterns that force addresses into higher physical memory ranges. This vulnerability affects Linux systems using ARM Large Physical Address Extension with 32-bit address space configurations.

Linux Denial Of Service Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23081 MEDIUM PATCH This Month

The Intel XWay PHY driver in the Linux kernel fails to properly release device tree node references, causing memory leaks that can degrade system stability over time. Local users with sufficient privileges can trigger this refcount leakage through repeated device tree operations, potentially leading to denial of service conditions as memory resources become exhausted.

Linux Information Disclosure Intel Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23080 MEDIUM PATCH This Month

Memory leak in Linux kernel CAN USB driver (mcba_usb) allows local attackers with user privileges to exhaust system memory by triggering improper URB cleanup in the USB bulk read callback function. The vulnerability occurs because USB framework unanchors URBs before the completion callback executes, preventing proper deallocation when the device is closed. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23079 MEDIUM PATCH This Month

Memory resource leaks in the Linux kernel's GPIO character device interface allow local users with basic privileges to exhaust system memory through repeated errors in the lineinfo_changed_notify() function. An attacker can trigger this condition without user interaction, potentially causing denial of service through memory exhaustion. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23078 HIGH PATCH This Week

A buffer overflow in the Linux kernel's ALSA scarlett2 USB driver allows local attackers with user privileges to corrupt memory and potentially execute code by triggering improper endianness conversion during audio device configuration retrieval. The vulnerability stems from incorrect size validation that causes the function to access more bytes than allocated when processing multiple configuration elements. No patch is currently available for this vulnerability affecting Linux systems with Scarlett audio interfaces.

Linux Buffer Overflow Memory Corruption Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23077 HIGH PATCH This Week

Linux kernel memory corruption via use-after-free (UAF) in virtual memory area (VMA) handling allows local attackers with user privileges to cause denial of service or potentially execute code by triggering incorrect VMA merges during mremap() operations on faulted and unfaulted memory regions. The vulnerability stems from improper handling of anonymous VMA merges when remapping memory adjacent to unfaulted pages. No patch is currently available for this high-severity issue affecting the Linux kernel.

Linux Memory Corruption Information Disclosure Use After Free Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23076 HIGH PATCH This Week

Out-of-bounds array access in the Linux kernel's ctxfi audio mixer driver allows local attackers with user privileges to read sensitive memory or cause denial of service through improper loop index initialization in the amixer_index() and sum_index() functions. The vulnerability stems from uninitialized conf field handling that enables array bounds bypass with no user interaction required. No patch is currently available for this high-severity issue affecting all Linux distributions.

Linux Buffer Overflow Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-23075 MEDIUM PATCH This Month

The Linux kernel esd_usb driver leaks memory in its USB bulk transfer callback function because unanchored URBs are not properly freed during device closure, allowing a local attacker with device access to exhaust kernel memory and cause a denial of service. The vulnerability affects systems using esd_usb CAN interface devices and can be triggered repeatedly through device open/close cycles.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23073 HIGH PATCH This Week

The RSI911x WiFi driver in the Linux kernel fails to allocate sufficient memory for virtual interface driver data, causing out-of-bounds writes to the ieee80211_vif structure and memory corruption. A local attacker with low privileges can exploit this to corrupt kernel memory and potentially execute arbitrary code. No patch is currently available.

Linux Memory Corruption Buffer Overflow Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23072 MEDIUM PATCH This Month

A memory leak in the Linux kernel's l2tp_udp_encap_recv() function fails to properly release l2tp_session and l2tp_tunnel structures when protocol version validation fails, allowing a local attacker to exhaust kernel memory and trigger a denial of service. The vulnerability affects all Linux systems running the vulnerable kernel versions, and exploitation requires local access with unprivileged user privileges. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23071 MEDIUM PATCH This Month

The Linux kernel's regmap hwspinlock implementation contains a race condition where concurrent threads accessing a shared spinlock flags variable can corrupt IRQ state, potentially leading to denial of service through system hangs or crashes. A local attacker with sufficient privileges can exploit this condition to cause the kernel to become unresponsive. The vulnerability affects Linux systems and currently has no available patch.

Linux Race Condition Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-23070 MEDIUM PATCH This Month

The Linux kernel's OcteonTX2 firmware driver fails to validate firmware data structures before access, causing kernel panics on systems without a MAC block. A local privileged attacker can trigger a denial of service by accessing the uninitialized firmware data region. No patch is currently available for this medium-severity vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23069 MEDIUM PATCH This Month

An integer underflow in the Linux kernel's vsock/virtio credit calculation allows a local attacker with unprivileged access to cause a denial of service by exhausting system resources when the peer shrinks its advertised buffer while data is in flight. The vulnerability enables more data to be queued than the peer can handle, potentially leading to system instability. No patch is currently available for this medium-severity issue.

Linux Integer Overflow Information Disclosure Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23068 HIGH PATCH This Week

Double-free vulnerability in the Linux kernel's spi-sprd-adi driver allows local attackers with low privileges to cause a denial of service or potentially execute code by triggering a probe error path that improperly frees the SPI controller structure twice. The vulnerability exists in error handling where devm_spi_register_controller() is paired with manual spi_controller_put() calls, causing the kernel to attempt freeing the same memory region twice when device registration fails. No patch is currently available.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-23067 MEDIUM PATCH This Month

The Linux kernel's ARM IOMMU page table unmapping function returns a signedness-corrupted value when encountering unmapped memory, causing IOVA address overflow that triggers a kernel panic. Local attackers with sufficient privileges can exploit this to cause a denial of service by attempting to unmap invalid IOMMU pages. A patch is not yet available for this medium-severity vulnerability.

Linux Buffer Overflow Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23065 MEDIUM PATCH This Month

A memory leak in the Linux kernel's AMD platform driver allows local authenticated users to exhaust system memory through repeated failures in the WBRF (Wifi Band RFI Mitigation) record function, potentially leading to denial of service. The vulnerability exists in the wbrf_record() function where a temporary buffer allocated via kcalloc() is not properly freed when the acpi_evaluate_dsm() call fails. An attacker with local access and sufficient privileges could trigger this condition multiple times to consume available memory and degrade system performance.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23064 MEDIUM PATCH This Month

A null pointer dereference in the Linux kernel's net/sched act_ife module allows local users with low privileges to cause a denial of service through a kernel crash when the ife_encode() function fails to validate return values. The vulnerability affects the traffic control scheduling subsystem and requires local access to trigger.

Linux Null Pointer Dereference Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23063 MEDIUM PATCH This Month

Linux kernel UACCE subsystem is vulnerable to a null pointer dereference that causes a denial of service when queue release and device removal operations execute concurrently during system shutdown. A local attacker with standard user privileges can trigger this condition by forcing accelerator queue cleanup while the device is being removed, crashing the kernel. No patch is currently available.

Linux Null Pointer Dereference Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23062 MEDIUM PATCH This Month

The hp-bioscfg driver in the Linux kernel contains a null pointer dereference vulnerability triggered by an off-by-one error and missing NULL checks in the GET_INSTANCE_ID macro when accessing BIOS configuration sysfs attributes. Local users with unprivileged access can trigger a kernel panic by reading certain attribute files, causing denial of service during BIOS configuration operations. No patch is currently available for this vulnerability.

Linux Null Pointer Dereference Denial Of Service Linux Kernel Red Hat +1
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23061 MEDIUM PATCH This Month

The Linux kernel's Kvaser USB CAN driver fails to properly release USB request block (URB) memory in its completion callback, allowing a local attacker with user privileges to cause a denial of service through memory exhaustion. The vulnerability occurs because URBs are unanchored by the USB framework before the completion function executes, preventing proper cleanup during device removal. No patch is currently available for this medium-severity issue.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-1642 MEDIUM PATCH This Month

NGINX proxy configurations forwarding traffic to upstream TLS servers can be exploited by network-positioned attackers to inject unencrypted data into proxied responses, potentially compromising data integrity. This vulnerability affects NGINX OSS, NGINX Plus, and related products when specific upstream server conditions are present. No patch is currently available for this medium-severity issue.

Nginx Nginx Ingress Controller Nginx Open Source Nginx Instance Manager Nginx Gateway Fabric +3
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-1801 MEDIUM PATCH This Month

HTTP request smuggling in libsoup allows remote attackers to exploit non-compliant chunk header parsing by injecting malformed requests with LF-only line endings instead of proper CRLF formatting. Without requiring authentication, an attacker can cause libsoup to interpret multiple HTTP requests from a single network message, potentially leading to information disclosure. No patch is currently available for this vulnerability.

Information Disclosure Request Smuggling Red Hat Suse
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-1285 PyPI HIGH PATCH This Week

Django's HTML truncation functions (chars(), words(), and related template filters) are vulnerable to denial-of-service attacks when processing specially crafted inputs with excessive unmatched HTML end tags. Affected versions include Django 6.0 before 6.0.2, 5.2 before 5.2.11, 4.2 before 4.2.28, and potentially unsupported series 5.0.x, 4.1.x, and 3.2.x. Remote attackers can exploit this to cause service disruptions without requiring authentication or user interaction.

Django Red Hat Suse
NVD HeroDevs
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-14550 PyPI HIGH PATCH This Week

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. `ASGIRequest` allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers. [CVSS 7.5 HIGH]

Golang Django Red Hat Suse
NVD HeroDevs
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-13473 PyPI MEDIUM PATCH This Month

Django versions up to 6.0.2 contains a vulnerability that allows attackers to enumerate users via a timing attack (CVSS 5.3).

Golang Django Red Hat Suse
NVD HeroDevs
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-61645 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. [CVSS 6.1 MEDIUM]

Mediawiki PHP XSS Red Hat
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-24133 npm MEDIUM POC PATCH This Month

Denial of service in jsPDF prior to version 4.1.0 occurs when malicious BMP files with oversized dimension headers are processed by the addImage or html methods, causing excessive memory allocation and application crashes. Public exploit code exists for this vulnerability. Organizations using jsPDF should upgrade to version 4.1.0 or later to remediate the issue.

Denial Of Service Jspdf Red Hat
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-24043 npm MEDIUM POC PATCH This Month

Jspdf versions up to 4.1.0 contains a vulnerability that allows attackers to inject arbitrary XML (CVSS 5.4).

Code Injection Jspdf Red Hat
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-24040 npm MEDIUM POC PATCH This Month

jsPDF versions prior to 4.1.0 contain a race condition in the addJS method where a shared module-scoped variable is overwritten during concurrent PDF generation, causing JavaScript payloads and embedded data intended for one user to be included in another user's generated PDF. This cross-user data leakage primarily affects server-side Node.js deployments handling simultaneous requests, allowing attackers to access sensitive information leaked across user sessions. Public exploit code exists for this vulnerability.

Node.js Race Condition Jspdf Red Hat
NVD GitHub
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-6594 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandbox.Js. [CVSS 4.7 MEDIUM]

Mediawiki XSS Red Hat
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-1760 MEDIUM PATCH This Month

SoupServer's improper handling of HTTP requests combining Transfer-Encoding: chunked and Connection: keep-alive headers enables remote attackers to smuggle malicious requests over persistent connections without authentication. This HTTP request smuggling vulnerability can cause denial-of-service conditions and unintended request processing by exploiting the server's failure to properly close connections per RFC 9112. No patch is currently available.

Denial Of Service Code Injection Red Hat Suse
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-23024 MEDIUM PATCH This Month

The idpf driver in the Linux kernel fails to properly clean up flow steering list entries during module removal, resulting in memory leaks when ethtool flow steering rules remain active. A local user with module removal privileges can trigger this memory exhaustion condition. No patch is currently available for this medium-severity vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23023 MEDIUM PATCH This Month

The Linux kernel's idpf driver fails to properly free the vport->rx_ptype_lkup memory during virtual port reset operations, resulting in a memory leak that could degrade system performance or cause denial of service on affected systems. A local attacker with sufficient privileges could trigger repeated reset cycles to exhaust available kernel memory. No patch is currently available for this vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23022 MEDIUM PATCH This Month

The Linux kernel's idpf driver fails to free the hw->lan_regs memory allocation during core deinitialization, resulting in a memory leak that can degrade system stability during driver reset operations. Local users with sufficient privileges can trigger this leak repeatedly through driver reset cycles, potentially leading to denial of service through memory exhaustion. A patch is not currently available for this medium-severity vulnerability.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-23021 MEDIUM PATCH This Month

The pegasus USB driver in Linux kernel fails to properly release memory when asynchronous device register writes encounter USB submission failures, leading to memory exhaustion. A local attacker with user-level access can trigger this leak by causing USB operations to fail, potentially degrading system performance or causing denial of service. A patch is available to address the resource cleanup issue.

Linux Information Disclosure Linux Kernel Red Hat Suse
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 4.3).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 5.4).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's Ozone component (versions prior to 145.0.7632.45) stems from a use-after-free vulnerability that can be triggered when users interact with malicious HTML pages through specific UI gestures. An unauthenticated remote attacker can exploit this to achieve arbitrary code execution with high impact on confidentiality, integrity, and availability. No patch is currently available, leaving affected Chrome users vulnerable to exploitation.

Google Use After Free Chrome +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Google Chrome versions prior to 145.0.7632.45 contain a race condition in DevTools that allows remote attackers to corrupt objects by convincing users to perform specific UI interactions and install a malicious extension. An attacker exploiting this vulnerability could achieve high-impact outcomes including information disclosure, data modification, or denial of service. The vulnerability currently has no available patch.

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Google Chrome versions before 145.0.7632.45 contain an animation implementation flaw that allows remote attackers to exfiltrate cross-origin data through specially crafted HTML pages. The vulnerability requires user interaction to trigger and affects all Chrome users, potentially exposing sensitive information from other websites. No patch is currently available.

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Chrome versions up to 145.0.7632.45 is affected by user interface (ui) misrepresentation of critical information (CVSS 6.5).

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out of bounds memory access in Google Chrome's WebGPU implementation prior to version 145.0.7632.45 allows unauthenticated attackers to trigger memory corruption through a malicious HTML page. This vulnerability requires user interaction but carries high risk due to potential for arbitrary code execution or information disclosure. No patch is currently available.

Google Chrome Red Hat +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in Google Chrome's codec implementation prior to version 145.0.7632.45 enables remote attackers to corrupt heap memory and potentially achieve arbitrary code execution through a malicious HTML page. The vulnerability requires user interaction to visit a crafted webpage but does not require special privileges, affecting all Chrome users. No patch is currently available.

Google Buffer Overflow Chrome +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's CSS engine prior to version 145.0.7632.45 can be triggered through crafted HTML pages, enabling remote attackers to achieve arbitrary code execution without user interaction beyond viewing a malicious webpage. The vulnerability stems from a use-after-free memory flaw that affects all Chrome users, and currently no patch is available. With a CVSS score of 8.8 and low exploit difficulty, this represents a critical risk to active Chrome installations.

Google Use After Free Chrome +2
NVD
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Roundcube Webmail versions up to 1.5.13 is affected by inclusion of functionality from untrusted control sphere (CVSS 4.7).

RCE Red Hat Suse
NVD GitHub VulDB
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

A flaw was found in Keycloak. When the logging format is configured to a verbose, user-supplied pattern (such as the pre-defined 'long' pattern), sensitive headers including Authorization and Cookie are disclosed to the logs in cleartext. [CVSS 5.0 MEDIUM]

Information Disclosure Red Hat
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Corrupted Git pack and index files are not properly validated in go-git versions before 5.16.5, allowing an attacker to supply malicious packfiles that bypass integrity checks and cause go-git to consume corrupted data. This can result in unexpected application errors and denial of service conditions for any system using the vulnerable go-git library to fetch or process Git repositories. The vulnerability requires user interaction to fetch from a malicious or compromised Git source.

Information Disclosure Go Git Red Hat +1
NVD GitHub
EPSS 0% CVSS 5.8
MEDIUM PATCH This Month

Faraday HTTP client library versions before 2.14.1 fail to properly validate protocol-relative URLs when merging user-supplied paths with base URLs, allowing attackers to redirect requests to arbitrary hosts via SSRF attacks. Applications that pass untrusted input to Faraday request methods like get() or post() are vulnerable to request hijacking. A patch is available in version 2.14.1 and later.

Ruby SSRF Faraday +2
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

Harden-Runner versions prior to 2.14.2 fail to log outbound network connections made through sendto, sendmsg, and sendmmsg socket calls when audit mode is enabled, allowing attackers to exfiltrate data from GitHub Actions runners without detection. This integrity bypass affects users relying on Harden-Runner's egress policy auditing for security monitoring. A patch is available in version 2.14.2 and later.

Github Harden Runner Red Hat
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService (UMA Protection API). [CVSS 5.4 MEDIUM]

Privilege Escalation Red Hat
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the audio playback subsystem where the RDPSND async thread processes queued audio packets after the channel has been closed and its internal state freed, causing a denial of service. The vulnerability affects systems running vulnerable FreeRDP versions and can be exploited remotely without authentication or user interaction. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the input event handling mechanism where unsynchronized access to cached channel callbacks can be freed or reinitialized by concurrent channel closure operations. An attacker with network access can trigger a denial of service condition by exploiting this race condition. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a buffer management error in audio format parsing that causes out-of-bounds memory access when processing malformed audio data. An attacker can exploit this vulnerability over the network without authentication to trigger a denial of service condition. A patch is available in FreeRDP 3.22.0 and later.

Buffer Overflow Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the URBDRC channel handler where asynchronous bulk transfer completions reference freed memory after channel closure, enabling denial of service attacks. An unauthenticated remote attacker can trigger this condition through malformed RDP protocol messages to crash the FreeRDP service. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in pointer handling where sdl_Pointer_New and sdl_Pointer_Free both attempt to free the same memory, causing a denial of service condition. An attacker with network access can trigger this memory corruption to crash RDP client instances without authentication. The vulnerability affects all users of vulnerable FreeRDP versions and is resolved in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a heap buffer overflow in the URBDRC USB redirection client enabling RCE through malicious RDP servers.

Buffer Overflow Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

FreeRDP prior to 3.22.0 has a use-after-free in ecam_encoder_compress allowing malicious RDP servers to crash or execute code on clients.

Use After Free Buffer Overflow Freerdp +2
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in audio format renegotiation that allows unauthenticated attackers to cause denial of service by triggering a crash through audio processing. The vulnerability occurs when the AUDIN format list is freed during renegotiation while the capture thread continues accessing the freed memory, affecting any system running vulnerable FreeRDP instances. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 contain a use-after-free vulnerability in the libusb device interface selection code where error handling prematurely frees configuration data that subsequent code attempts to access, causing denial of service. This vulnerability affects systems using FreeRDP for remote desktop protocol operations and can be triggered remotely without authentication or user interaction. A patch is available in version 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP versions prior to 3.22.0 are vulnerable to a use-after-free condition where the video_timer component sends notifications after the control channel closes, dereferencing freed memory and causing denial of service. An unauthenticated remote attacker can trigger this crash by manipulating RDP session timing, making the vulnerability exploitable with no user interaction required. A patch is available in FreeRDP 3.22.0 and later.

Use After Free Freerdp Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

FreeRDP proxy versions prior to 3.22.0 are vulnerable to denial of service when processing specially crafted RDP server responses that trigger a null pointer dereference in the logon information handler. An unauthenticated attacker controlling a malicious RDP server can crash the FreeRDP proxy by sending a LogonInfoV2 PDU with empty domain or username fields. This vulnerability has been patched in version 3.22.0 and later.

Null Pointer Dereference Denial Of Service Freerdp +2
NVD GitHub VulDB
EPSS 0% CVSS 9.4
CRITICAL PATCH Act Now

Go Fiber web framework before 2.52.11 has a weak PRNG vulnerability (on Go < 1.24) that makes session tokens predictable, enabling session hijacking.

Golang CSRF Fiber +2
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Authentication Bypass by Alternate Name vulnerability in Apache Shiro. This issue affects Apache Shiro: before 2.0.7. [CVSS 5.3 MEDIUM]

macOS Apache Authentication Bypass +2
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Nebula is a scalable overlay networking tool. [CVSS 8.1 HIGH]

Information Disclosure Nebula Red Hat +1
NVD GitHub VulDB
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

calibre is an e-book manager. [CVSS 7.8 HIGH]

RCE Calibre Red Hat +1
NVD GitHub
EPSS 0% CVSS 8.2
HIGH POC PATCH This Week

Calibre 9.1.0 and earlier contains a path traversal vulnerability in EPUB conversion that allows malicious EPUB files to corrupt or modify arbitrary files writable by the Calibre process. The vulnerability exploits improper handling of CipherReference URIs in encryption metadata, enabling attackers to write outside the intended extraction directory. Public exploit code exists for this high-severity issue, which is patched in version 9.2.0.

Path Traversal Calibre Red Hat +1
NVD GitHub
EPSS 0% CVSS 8.6
HIGH POC PATCH This Week

Remote code execution in Calibre prior to version 9.2.0 through a path traversal flaw in the CHM reader allows local attackers to write arbitrary files with user permissions, enabling payload execution via the Windows Startup folder. Public exploit code exists for this vulnerability. Windows users should upgrade to Calibre 9.2.0 or later to remediate the risk.

Windows RCE Path Traversal +3
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The Rust time library versions 0.3.6 through 0.3.46 are vulnerable to denial of service through stack exhaustion when processing maliciously crafted RFC 2822 formatted input. An unauthenticated attacker can trigger recursive parsing of deprecated RFC 2822 features to exhaust stack memory and crash applications using affected versions. A patch implementing recursion depth limits is available in version 0.3.47 and later.

Denial Of Service Time Red Hat +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Improper policy enforcement in OpenFGA versions 1.8.5 through 1.11.2 (and corresponding Helm Chart and Docker releases) allows authenticated users to bypass authorization checks through specially crafted tuple configurations that mix type-bound public and non-public access policies. An attacker with valid credentials can exploit mismatched tuple assignments to gain unauthorized access to protected resources by leveraging lexicographic object ID ordering in the authorization engine. No patch is currently available.

Docker Openfga Helm Charts +2
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content. [CVSS 5.3 MEDIUM]

Golang Denial Of Service Html +2
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Html contains a vulnerability that allows attackers to denial of service (DoS) if an attacker provides specially crafted HTML content (CVSS 5.3).

Golang Denial Of Service Html +2
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM POC PATCH This Month

Dnsmasq-utils 2.79-1 contains a buffer overflow vulnerability in the dhcp_release utility that allows attackers to cause a denial of service by supplying excessive input. [CVSS 5.5 MEDIUM]

Buffer Overflow Denial Of Service Red Hat +1
NVD Exploit-DB
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

jsonwebtoken prior to version 10.3.0 allows attackers to bypass JWT time-based validation checks through type confusion when standard claims like nbf or exp are provided with incorrect JSON types. The library incorrectly treats malformed claims as absent rather than invalid, enabling bypass of critical security restrictions if validation is enabled but the claim is not explicitly marked as required. Public exploit code exists for this vulnerability.

Buffer Overflow Jsonwebtoken Red Hat
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Denial-of-service in cert-manager versions 1.18.0-1.18.4 and 1.19.0-1.19.2 allows network-adjacent attackers to crash the controller by poisoning DNS cache entries during ACME DNS-01 validation through unencrypted DNS traffic interception. An attacker positioned to intercept DNS queries from the cert-manager pod can inject malicious DNS responses that trigger a panic in the controller, disrupting certificate management operations in affected Kubernetes clusters. A patch is available for immediate deployment.

Kubernetes DNS Cert Manager +2
NVD GitHub VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A denial of service vulnerability in the Linux kernel's writeback mechanism allows local users with standard privileges to cause indefinite hangs in wait_sb_inodes() when interacting with faulty FUSE servers that fail to respond to write requests. The vulnerability stems from improper handling of mappings without data integrity semantics, which should be skipped during synchronization operations but are instead waited upon indefinitely. An attacker controlling a malfunctioning FUSE server can exploit this to freeze system operations that depend on filesystem synchronization.

Linux Denial Of Service Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel USB CAN driver (usb_8dev) fails to properly manage URB memory when USB transfers complete, allowing a local attacker with user privileges to trigger a memory leak and cause a denial of service through resource exhaustion. The vulnerability occurs because completed URBs are unanchored by the USB framework before the callback function executes, preventing proper cleanup during driver shutdown. No patch is currently available for this issue.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq.

Linux Information Disclosure Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A use-after-free vulnerability in the Linux kernel's ice driver causes a denial of service when devlink reload is followed by driver removal, as freed HWMON sensor memory is accessed by sysfs attribute handlers. Local users with sufficient privileges can trigger recurring kernel page faults approximately every 10 minutes when system monitoring tools attempt to read the orphaned hwmon attributes. This affects Linux systems with ice network drivers and causes system instability through repeated call traces.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's netrom subsystem allows local attackers with user privileges to cause a denial of service or potentially execute code by triggering a double-free condition in the nr_route_frame() function when nr_neigh->ax25 is NULL. The vulnerability requires local access and user-level privileges to exploit, with no patch currently available.

Linux Information Disclosure Red Hat +1
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A deadlock vulnerability in the Linux kernel's hugetlb file folio migration code allows a local privileged user to cause a denial of service by triggering conflicting lock acquisitions between folio locks and memory mapping semaphores. The vulnerability occurs when migrate_pages() and hugetlbfs_fallocate() operations compete for locks in opposite orders, freezing affected processes. No patch is currently available for this medium-severity issue.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel's uacce subsystem can hang during device cleanup when cdev_device_add fails, as subsequent calls to cdev_device_del attempt to release already-freed memory. Local users with sufficient privileges can trigger a denial of service by causing the device initialization to fail, resulting in a system hang. A patch is not currently available.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel uacce driver improperly validates callback function implementations before creating isolation policy sysfs files, allowing local users with sufficient privileges to trigger a system crash by accessing unimplemented callback functions. This denial of service vulnerability affects systems where device isolation is configured but callback functions are incompletely implemented. No patch is currently available.

Linux Denial Of Service Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

CVE-2026-23093 is a security vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local stack buffer overflow in the Linux kernel's AD3552R DAC driver allows a local authenticated attacker to write beyond allocated buffer boundaries through improper bounds checking in the ad3552r_hs_write_data_source function. An attacker with local access can trigger out-of-bounds writes on the stack, potentially leading to privilege escalation or denial of service. No patch is currently available for this vulnerability.

Linux Memory Corruption Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel's Intel Trace Hub driver fails to properly release device references during output device operations, leading to resource exhaustion on systems with local access. A local authenticated user can trigger this memory leak through repeated open/close cycles or error conditions, potentially causing denial of service. No patch is currently available for this vulnerability.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel's Slimbus core driver fails to properly release device references when processing report-present messages, leading to a memory leak that can exhaust system resources. A local attacker with user privileges can trigger this leak by causing repeated Slimbus device registration events, potentially causing a denial of service through memory exhaustion. No patch is currently available for this vulnerability.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH POC PATCH This Week

A use-after-free vulnerability in the Linux kernel's ALSA USB audio mixer can be triggered by local attackers with low privileges when mixer initialization fails, causing the kernel to access freed memory during sound card registration and potentially leading to information disclosure or denial of service. The flaw affects Linux systems with USB audio devices and remains unpatched, exploitable without user interaction after initial access to the system.

Linux Use After Free Memory Corruption +4
NVD VulDB GitHub
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Linux kernel null pointer dereference in the tracing subsystem causes a denial of service when synthetic events reference stacktrace fields from other synthetic events. Local users with tracing permissions can trigger a kernel crash by creating chained synthetic events that pass stacktrace data between them. No patch is currently available for this vulnerability.

Linux Debian Denial Of Service +4
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The GICv3 interrupt controller driver in the Linux kernel on 32-bit systems with CONFIG_ARM_LPAE can truncate physical memory addresses above the 4GB limit when storing them in 32-bit variables, potentially causing system crashes or memory corruption. A local attacker with kernel-level privileges could trigger this condition through memory allocation patterns that force addresses into higher physical memory ranges. This vulnerability affects Linux systems using ARM Large Physical Address Extension with 32-bit address space configurations.

Linux Denial Of Service Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Intel XWay PHY driver in the Linux kernel fails to properly release device tree node references, causing memory leaks that can degrade system stability over time. Local users with sufficient privileges can trigger this refcount leakage through repeated device tree operations, potentially leading to denial of service conditions as memory resources become exhausted.

Linux Information Disclosure Intel +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Memory leak in Linux kernel CAN USB driver (mcba_usb) allows local attackers with user privileges to exhaust system memory by triggering improper URB cleanup in the USB bulk read callback function. The vulnerability occurs because USB framework unanchors URBs before the completion callback executes, preventing proper deallocation when the device is closed. No patch is currently available.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Memory resource leaks in the Linux kernel's GPIO character device interface allow local users with basic privileges to exhaust system memory through repeated errors in the lineinfo_changed_notify() function. An attacker can trigger this condition without user interaction, potentially causing denial of service through memory exhaustion. No patch is currently available.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

A buffer overflow in the Linux kernel's ALSA scarlett2 USB driver allows local attackers with user privileges to corrupt memory and potentially execute code by triggering improper endianness conversion during audio device configuration retrieval. The vulnerability stems from incorrect size validation that causes the function to access more bytes than allocated when processing multiple configuration elements. No patch is currently available for this vulnerability affecting Linux systems with Scarlett audio interfaces.

Linux Buffer Overflow Memory Corruption +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Linux kernel memory corruption via use-after-free (UAF) in virtual memory area (VMA) handling allows local attackers with user privileges to cause denial of service or potentially execute code by triggering incorrect VMA merges during mremap() operations on faulted and unfaulted memory regions. The vulnerability stems from improper handling of anonymous VMA merges when remapping memory adjacent to unfaulted pages. No patch is currently available for this high-severity issue affecting the Linux kernel.

Linux Memory Corruption Information Disclosure +3
NVD VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Out-of-bounds array access in the Linux kernel's ctxfi audio mixer driver allows local attackers with user privileges to read sensitive memory or cause denial of service through improper loop index initialization in the amixer_index() and sum_index() functions. The vulnerability stems from uninitialized conf field handling that enables array bounds bypass with no user interaction required. No patch is currently available for this high-severity issue affecting all Linux distributions.

Linux Buffer Overflow Information Disclosure +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel esd_usb driver leaks memory in its USB bulk transfer callback function because unanchored URBs are not properly freed during device closure, allowing a local attacker with device access to exhaust kernel memory and cause a denial of service. The vulnerability affects systems using esd_usb CAN interface devices and can be triggered repeatedly through device open/close cycles.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The RSI911x WiFi driver in the Linux kernel fails to allocate sufficient memory for virtual interface driver data, causing out-of-bounds writes to the ieee80211_vif structure and memory corruption. A local attacker with low privileges can exploit this to corrupt kernel memory and potentially execute arbitrary code. No patch is currently available.

Linux Memory Corruption Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A memory leak in the Linux kernel's l2tp_udp_encap_recv() function fails to properly release l2tp_session and l2tp_tunnel structures when protocol version validation fails, allowing a local attacker to exhaust kernel memory and trigger a denial of service. The vulnerability affects all Linux systems running the vulnerable kernel versions, and exploitation requires local access with unprivileged user privileges. No patch is currently available.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

The Linux kernel's regmap hwspinlock implementation contains a race condition where concurrent threads accessing a shared spinlock flags variable can corrupt IRQ state, potentially leading to denial of service through system hangs or crashes. A local attacker with sufficient privileges can exploit this condition to cause the kernel to become unresponsive. The vulnerability affects Linux systems and currently has no available patch.

Linux Race Condition Information Disclosure +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel's OcteonTX2 firmware driver fails to validate firmware data structures before access, causing kernel panics on systems without a MAC block. A local privileged attacker can trigger a denial of service by accessing the uninitialized firmware data region. No patch is currently available for this medium-severity vulnerability.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

An integer underflow in the Linux kernel's vsock/virtio credit calculation allows a local attacker with unprivileged access to cause a denial of service by exhausting system resources when the peer shrinks its advertised buffer while data is in flight. The vulnerability enables more data to be queued than the peer can handle, potentially leading to system instability. No patch is currently available for this medium-severity issue.

Linux Integer Overflow Information Disclosure +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Double-free vulnerability in the Linux kernel's spi-sprd-adi driver allows local attackers with low privileges to cause a denial of service or potentially execute code by triggering a probe error path that improperly frees the SPI controller structure twice. The vulnerability exists in error handling where devm_spi_register_controller() is paired with manual spi_controller_put() calls, causing the kernel to attempt freeing the same memory region twice when device registration fails. No patch is currently available.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel's ARM IOMMU page table unmapping function returns a signedness-corrupted value when encountering unmapped memory, causing IOVA address overflow that triggers a kernel panic. Local attackers with sufficient privileges can exploit this to cause a denial of service by attempting to unmap invalid IOMMU pages. A patch is not yet available for this medium-severity vulnerability.

Linux Buffer Overflow Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A memory leak in the Linux kernel's AMD platform driver allows local authenticated users to exhaust system memory through repeated failures in the WBRF (Wifi Band RFI Mitigation) record function, potentially leading to denial of service. The vulnerability exists in the wbrf_record() function where a temporary buffer allocated via kcalloc() is not properly freed when the acpi_evaluate_dsm() call fails. An attacker with local access and sufficient privileges could trigger this condition multiple times to consume available memory and degrade system performance.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A null pointer dereference in the Linux kernel's net/sched act_ife module allows local users with low privileges to cause a denial of service through a kernel crash when the ife_encode() function fails to validate return values. The vulnerability affects the traffic control scheduling subsystem and requires local access to trigger.

Linux Null Pointer Dereference Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Linux kernel UACCE subsystem is vulnerable to a null pointer dereference that causes a denial of service when queue release and device removal operations execute concurrently during system shutdown. A local attacker with standard user privileges can trigger this condition by forcing accelerator queue cleanup while the device is being removed, crashing the kernel. No patch is currently available.

Linux Null Pointer Dereference Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The hp-bioscfg driver in the Linux kernel contains a null pointer dereference vulnerability triggered by an off-by-one error and missing NULL checks in the GET_INSTANCE_ID macro when accessing BIOS configuration sysfs attributes. Local users with unprivileged access can trigger a kernel panic by reading certain attribute files, causing denial of service during BIOS configuration operations. No patch is currently available for this vulnerability.

Linux Null Pointer Dereference Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel's Kvaser USB CAN driver fails to properly release USB request block (URB) memory in its completion callback, allowing a local attacker with user privileges to cause a denial of service through memory exhaustion. The vulnerability occurs because URBs are unanchored by the USB framework before the completion function executes, preventing proper cleanup during device removal. No patch is currently available for this medium-severity issue.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

NGINX proxy configurations forwarding traffic to upstream TLS servers can be exploited by network-positioned attackers to inject unencrypted data into proxied responses, potentially compromising data integrity. This vulnerability affects NGINX OSS, NGINX Plus, and related products when specific upstream server conditions are present. No patch is currently available for this medium-severity issue.

Nginx Nginx Ingress Controller Nginx Open Source +5
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

HTTP request smuggling in libsoup allows remote attackers to exploit non-compliant chunk header parsing by injecting malformed requests with LF-only line endings instead of proper CRLF formatting. Without requiring authentication, an attacker can cause libsoup to interpret multiple HTTP requests from a single network message, potentially leading to information disclosure. No patch is currently available for this vulnerability.

Information Disclosure Request Smuggling Red Hat +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Django's HTML truncation functions (chars(), words(), and related template filters) are vulnerable to denial-of-service attacks when processing specially crafted inputs with excessive unmatched HTML end tags. Affected versions include Django 6.0 before 6.0.2, 5.2 before 5.2.11, 4.2 before 4.2.28, and potentially unsupported series 5.0.x, 4.1.x, and 3.2.x. Remote attackers can exploit this to cause service disruptions without requiring authentication or user interaction.

Django Red Hat Suse
NVD HeroDevs
EPSS 0% CVSS 7.5
HIGH PATCH This Week

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. `ASGIRequest` allows a remote attacker to cause a potential denial-of-service via a crafted request with multiple duplicate headers. [CVSS 7.5 HIGH]

Golang Django Red Hat +1
NVD HeroDevs
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Django versions up to 6.0.2 contains a vulnerability that allows attackers to enumerate users via a timing attack (CVSS 5.3).

Golang Django Red Hat +1
NVD HeroDevs
EPSS 0% CVSS 6.1
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/pager/CodexTablePager.Php. [CVSS 6.1 MEDIUM]

Mediawiki PHP XSS +1
NVD
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Denial of service in jsPDF prior to version 4.1.0 occurs when malicious BMP files with oversized dimension headers are processed by the addImage or html methods, causing excessive memory allocation and application crashes. Public exploit code exists for this vulnerability. Organizations using jsPDF should upgrade to version 4.1.0 or later to remediate the issue.

Denial Of Service Jspdf Red Hat
NVD GitHub
EPSS 0% CVSS 5.4
MEDIUM POC PATCH This Month

Jspdf versions up to 4.1.0 contains a vulnerability that allows attackers to inject arbitrary XML (CVSS 5.4).

Code Injection Jspdf Red Hat
NVD GitHub
EPSS 0% CVSS 4.8
MEDIUM POC PATCH This Month

jsPDF versions prior to 4.1.0 contain a race condition in the addJS method where a shared module-scoped variable is overwritten during concurrent PDF generation, causing JavaScript payloads and embedded data intended for one user to be included in another user's generated PDF. This cross-user data leakage primarily affects server-side Node.js deployments handling simultaneous requests, allowing attackers to access sensitive information leaked across user sessions. Public exploit code exists for this vulnerability.

Node.js Race Condition Jspdf +1
NVD GitHub
EPSS 0% CVSS 4.7
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandbox.Js. [CVSS 4.7 MEDIUM]

Mediawiki XSS Red Hat
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

SoupServer's improper handling of HTTP requests combining Transfer-Encoding: chunked and Connection: keep-alive headers enables remote attackers to smuggle malicious requests over persistent connections without authentication. This HTTP request smuggling vulnerability can cause denial-of-service conditions and unintended request processing by exploiting the server's failure to properly close connections per RFC 9112. No patch is currently available.

Denial Of Service Code Injection Red Hat +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The idpf driver in the Linux kernel fails to properly clean up flow steering list entries during module removal, resulting in memory leaks when ethtool flow steering rules remain active. A local user with module removal privileges can trigger this memory exhaustion condition. No patch is currently available for this medium-severity vulnerability.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel's idpf driver fails to properly free the vport->rx_ptype_lkup memory during virtual port reset operations, resulting in a memory leak that could degrade system performance or cause denial of service on affected systems. A local attacker with sufficient privileges could trigger repeated reset cycles to exhaust available kernel memory. No patch is currently available for this vulnerability.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Linux kernel's idpf driver fails to free the hw->lan_regs memory allocation during core deinitialization, resulting in a memory leak that can degrade system stability during driver reset operations. Local users with sufficient privileges can trigger this leak repeatedly through driver reset cycles, potentially leading to denial of service through memory exhaustion. A patch is not currently available for this medium-severity vulnerability.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The pegasus USB driver in Linux kernel fails to properly release memory when asynchronous device register writes encounter USB submission failures, leading to memory exhaustion. A local attacker with user-level access can trigger this leak by causing USB operations to fail, potentially degrading system performance or causing denial of service. A patch is available to address the resource cleanup issue.

Linux Information Disclosure Linux Kernel +2
NVD VulDB
Prev Page 34 of 96 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy