Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.2 MEDIUM
CVE-2026-9813 — FlowIntel external reference URL probe allows server-side request forgery

FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker who can submit an external…

Remote | Server-Side Request Forgery
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
6.0 MEDIUM
CVE-2026-4377 — Use of Weak Credentials in D-Link DWR-X1820 router

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the defaul…

| Authentication
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
8.7 HIGH
CVE-2026-47074 — ex_aws_sns SigningCertURL not validated in verify_message/1

Improper Certificate Validation vulnerability in ex-aws ex_aws_sns (ExAws.SNS, ExAws.SNS.PublicKeyCache modules) allows Signature Spoofing by Improper Validation. This vulnerability is associated wi…

Remote | Authentication
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46241 — spi: mpc52xx: fix use-after-free on registration failure

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on registration failure Make sure to disable and free the interrupts in case controller registra…

| Memory Corruption
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46240 — media: iris: Fix use-after-free in iris_release_internal_buffers()

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix use-after-free in iris_release_internal_buffers() The recent change in commit 1dabf00ee206 ("media: iris: gen1: …

| Memory Corruption
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46239 — media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl Three control cases (AUTOGAIN, EXPOSURE_AUTO, ANALOGUE_GAIN) directly …

| Misconfiguration
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46238 — batman-adv: stop caching unowned originator pointers in BAT IV

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neigh_node, but…

| Memory Corruption
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46237 — drm/amdgpu/vcn3: Avoid overflow on msg bound check

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. …

| Memory Corruption
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46236 — media: rc: xbox_remote: heed DMA restrictions

In the Linux kernel, the following vulnerability has been resolved: media: rc: xbox_remote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates th…

| Misconfiguration
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46235 — media: saa7164: add ioremap return checks and cleanups

In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164_dev_setup(). If ioremap fo…

| Memory Corruption
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46234 — vsock: fix buffer size clamping order

In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsock_update_buffer_size(), the buffer size was being clamped to the maximum first, and …

| Misconfiguration
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46233 — batman-adv: bla: only purge non-released claims

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: only purge non-released claims When batadv_bla_purge_claims() goes through the list of claims, it is only traver…

| Race Condition
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46232 — HID: playstation: Clamp num_touch_reports

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp num_touch_reports A device would never lie about the number of touch reports would it? If it does the lo…

| Memory Corruption
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46231 — batman-adv: bla: put backbone reference on failed claim hash insert

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: put backbone reference on failed claim hash insert When batadv_bla_add_claim() fails to insert a new claim into …

| Memory Corruption
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46230 — drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg Check bounds against the end of the BO whenever we access the msg.

| Memory Corruption
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46229 — drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPU_GEM_CREATE_VRAM_WIPE_ON_RELEA…

| Information Disclosure
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46228 — spi: ch341: fix devres lifetime

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime ti…

| Memory Corruption
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46227 — sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL

In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL The SCTP_SENDALL path in sctp_sendmsg() iterates ep->as…

| Race Condition
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46226 — spi: fsl: fix controller deregistration

In the Linux kernel, the following vulnerability has been resolved: spi: fsl: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA dur…

| Misconfiguration
May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
0.0 NA
CVE-2026-46225 — spi: rspi: fix controller deregistration

In the Linux kernel, the following vulnerability has been resolved: spi: rspi: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA du…

May 28, 2026 May 28, 2026
May 28, 2026
May 28, 2026
Showing 20 of 6700 Results