Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 0.0

    NA
    CVE-2026-23010

    In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6_addr_del(). syzbot reported use-after-free of inet6_ifaddr in inet6_addr_del(). [0] The cited commit accidentally moved ipv6_del_addr() for mngtmpaddr... Read more

    Affected Products : linux_kernel
    • Published: Jan. 25, 2026
    • Modified: Feb. 06, 2026
    • Vuln Type: Memory Corruption
  • 0.0

    NA
    CVE-2026-23166

    In the Linux kernel, the following vulnerability has been resolved: ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues Add NULL pointer checks in ice_vsi_set_napi_queues() to prevent crashes during resume from suspend when rings[q_idx]->q_vect... Read more

    Affected Products : linux_kernel
    • Published: Feb. 14, 2026
    • Modified: Feb. 18, 2026
    • Vuln Type: Memory Corruption
  • 0.0

    NA
    CVE-2026-23024

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak of flow steer list on rmmod The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules. Module removal ... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Memory Corruption
  • 0.0

    NA
    CVE-2026-23017

    In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the init_task on load If the init_task fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that stat... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Denial of Service
  • 0.0

    NA
    CVE-2025-71184

    In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btr... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Memory Corruption
  • 0.0

    NA
    CVE-2025-71189

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures.... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 06, 2026
  • 0.0

    NA
    CVE-2026-23025

    In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU#0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: de... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 06, 2026
    • Vuln Type: Race Condition
  • 0.0

    NONE
    CVE-2025-67483

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Page.Preview.Js. This issue affects M... Read more

    Affected Products : mediawiki
    • Published: Feb. 03, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Cross-Site Scripting
  • 0.0

    NA
    CVE-2026-23006

    In the Linux kernel, the following vulnerability has been resolved: ASoC: tlv320adcx140: fix null pointer The "snd_soc_component" in "adcx140_priv" was only used once but never set. It was only used for reaching "dev" which is already present in "adcx14... Read more

    Affected Products : linux_kernel
    • Published: Jan. 25, 2026
    • Modified: Feb. 06, 2026
    • Vuln Type: Memory Corruption
  • 0.0

    NA
    CVE-2026-23003

    In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() Blamed commit did not take care of VLAN encapsulations as spotted by syzbot [1]. Use skb_vlan_inet_prepare() instead of pskb_... Read more

    Affected Products : linux_kernel
    • Published: Jan. 25, 2026
    • Modified: Feb. 06, 2026
    • Vuln Type: Memory Corruption
  • 0.0

    NA
    CVE-2026-23008

    In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and... Read more

    Affected Products : linux_kernel
    • Published: Jan. 25, 2026
    • Modified: Jan. 26, 2026
    • Vuln Type: Memory Corruption
  • 0.0

    NA
    CVE-2025-71190

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind.... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 06, 2026
  • 0.0

    NA
    CVE-2025-71227

    In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't WARN for connections on invalid channels It's not clear (to me) how exactly syzbot managed to hit this, but it seems conceivable that e.g. regulatory changed and h... Read more

    Affected Products : linux_kernel
    • Published: Feb. 18, 2026
    • Modified: Feb. 18, 2026
    • Vuln Type: Misconfiguration
  • 0.0

    NA
    CVE-2026-24984

    Missing Authorization vulnerability in Brecht Visual Link Preview visual-link-preview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Visual Link Preview: from n/a through <= 2.2.9.... Read more

    Affected Products : visual_link_preview
    • Published: Feb. 03, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Authorization
  • 0.0

    NA
    CVE-2026-23218

    In the Linux kernel, the following vulnerability has been resolved: gpio: loongson-64bit: Fix incorrect NULL check after devm_kcalloc() Fix incorrect NULL check in loongson_gpio_init_irqchip(). The function checks chip->parent instead of chip->irq.paren... Read more

    Affected Products : linux_kernel
    • Published: Feb. 18, 2026
    • Modified: Feb. 18, 2026
    • Vuln Type: Memory Corruption
  • 0.0

    NA
    CVE-2026-23219

    In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single When CONFIG_MEM_ALLOC_PROFILING_DEBUG is enabled, the following warning may be noticed: [ 3959.023862] ----------... Read more

    Affected Products : linux_kernel
    • Published: Feb. 18, 2026
    • Modified: Feb. 18, 2026
    • Vuln Type: Misconfiguration
  • 0.0

    NONE
    CVE-2025-67478

    Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php. This issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.... Read more

    Affected Products :
    • Published: Feb. 03, 2026
    • Modified: Feb. 03, 2026
  • 0.0

    NA
    CVE-2025-71181

    In the Linux kernel, the following vulnerability has been resolved: rust_binder: remove spin_lock() in rust_shrink_free_page() When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 ("mm/list_lru: split the lock to per-cgroup ... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Race Condition
  • 0.0

    NA
    CVE-2026-23036

    In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before iget_failed() in btrfs_read_locked_inode() In btrfs_read_locked_inode() if we fail to lookup the inode, we jump to the 'out' label with a path that has a read... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Race Condition
  • 0.0

    NA
    CVE-2026-23035

    In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv mlx5e_priv is an unstable structure that can be memset(0) if profile attaching fails. Pass netdev to mlx5e_destroy_netdev... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Misconfiguration
Showing 20 of 4584 Results