Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-41570 — PHPUnit: Argument injection via newline in PHP INI values forwarded to child processes

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes (used for isolated/PHPT test execution) as -d name=value command-line argu…

| Injection
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-41308 — Password Pusher: JSON API `/p.json` file upload alias bypasses file-push authentication

Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue in OSS PasswordPusher allowed unauthenticated cre…

| Authentication
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-41487 — Langfuse: Improper role-based-access control in Langfuse LLM connection management allowe…

Langfuse is an open source large language model engineering platform. From version 3.68.0 to before version 3.167.0, there is a role-based-access control flaw in the LLM connection update flow. An a…

| Authorization
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43475 — scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT This resolves the follow splat and lock-up when running with PREEMPT_RT …

| Race Condition
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43474 — fs: init flags_valid before calling vfs_fileattr_get

In the Linux kernel, the following vulnerability has been resolved: fs: init flags_valid before calling vfs_fileattr_get syzbot reported a uninit-value bug in [1]. Similar to the "*get" context wh…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43473 — scsi: mpi3mr: Add NULL checks when resetting request and reply queues

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a crash during resource cleanup when…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43472 — unshare: fix unshare_fs() handling

In the Linux kernel, the following vulnerability has been resolved: unshare: fix unshare_fs() handling There's an unpleasant corner case in unshare(2), when we have a CLONE_NEWNS in flags and curre…

| Misconfiguration
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43471 — scsi: ufs: core: Fix possible NULL pointer dereference in ufshcd_add_command_trace()

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcd_add_command_trace() The kernel log indicates a crash in ufshcd_a…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43470 — nfs: return EISDIR on nfs3_proc_create if d_alias is a dir

In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir If we found an alias through nfs3_do_create/nfs_add_or_obtain /d_splic…

| Misconfiguration
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43469 — xprtrdma: Decrement re_receiving on the early exit paths

In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrement re_receiving on the early exit paths In the event that rpcrdma_post_recvs() fails to create a work request (d…

| Denial of Service
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43468 — net/mlx5: Fix deadlock between devlink lock and esw->wq

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw->wq esw->work_queue executes esw_functions_changed_event_handler -> esw_vfs_c…

| Race Condition
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43467 — net/mlx5: Fix crash when moving to switchdev mode

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix crash when moving to switchdev mode When moving to switchdev mode when the device doesn't support IPsec, we try to …

| Misconfiguration
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43466 — net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX error CQE, a recovery flow is triggered, mlx5e_reset_txqs…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43465 — net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer whe…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43464 — net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ XDP multi-buf programs can modify the layout of the XDP buffer when …

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43463 — rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer()

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer() rxrpc_kernel_lookup_peer() can also return error poi…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43462 — net: spacemit: Fix error handling in emac_tx_mem_map()

In the Linux kernel, the following vulnerability has been resolved: net: spacemit: Fix error handling in emac_tx_mem_map() The DMA mappings were leaked on mapping error. Free them with the existing…

May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43461 — spi: amlogic: spifc-a4: Fix DMA mapping error handling

In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: Fix DMA mapping error handling Fix three bugs in aml_sfc_dma_buffer_setup() error paths: 1. Unnecessary g…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43460 — spi: rockchip-sfc: Fix double-free in remove() callback

In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove() callback The driver uses devm_spi_register_controller() for registration, which au…

May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
0.0 NA
CVE-2026-43459 — ASoC: soc-core: flush delayed work before removing DAIs and widgets

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is unbound while a PCM stream is open, a us…

| Memory Corruption
May 08, 2026 May 08, 2026
May 08, 2026
May 08, 2026
Showing 20 of 5924 Results