Latest CVE Feed
-
0.0
NACVE-2026-23224
In the Linux kernel, the following vulnerability has been resolved: erofs: fix UAF issue for file-backed mounts w/ directio option [ 9.269940][ T3222] Call trace: [ 9.269948][ T3222] ext4_file_read_iter+0xac/0x108 [ 9.269979][ T3222] vfs_iocb... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23220
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In __process_request(), i... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2026
- Modified: Feb. 19, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2025-71234
In the Linux kernel, the following vulnerability has been resolved: wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add The driver does not set hw->sta_data_size, which causes mac80211 to allocate insufficient space for driver private station dat... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71237
In the Linux kernel, the following vulnerability has been resolved: nilfs2: Fix potential block overflow that cause system hang When a user executes the FITRIM command, an underflow can occur when calculating nblocks if end_block is too small. Since nbl... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2026
- Modified: Feb. 19, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2026-23212
In the Linux kernel, the following vulnerability has been resolved: bonding: annotate data-races around slave->last_rx slave->last_rx and slave->target_last_arp_rx[...] can be read and written locklessly. Add READ_ONCE() and WRITE_ONCE() annotations. s... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23023
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpf_vport_rel() Free vport->rx_ptype_lkup in idpf_vport_rel() to avoid leaking memory during a reset. Reported by kmemleak: unreferenced object 0xff450acac838... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23173
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touc... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
-
0.0
NACVE-2026-23211
In the Linux kernel, the following vulnerability has been resolved: mm, swap: restore swap_space attr aviod kernel panic commit 8b47299a411a ("mm, swap: mark swap address space ro and add context debug check") made the swap address space read-only. It ... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2025-70846
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting (XSS) on the /tools/Password/add page in the input field password.... Read more
Affected Products :- Published: Feb. 17, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2026-26722
An issue in Key Systems Inc Global Facilities Management Software v.20230721a allows a remote attacker to escalate privileges via PIN component of the login functionality.... Read more
Affected Products :- Published: Feb. 20, 2026
- Modified: Feb. 20, 2026
- Vuln Type: Authentication
-
0.0
NACVE-2026-23207
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer check in IRQ handler Now that all other accesses to curr_xfer are done under the lock, protect the curr_xfer NULL check in tegra_qspi_isr_thread() ... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23180
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: add bounds check for if_id in IRQ handler The IRQ handler extracts if_id from the upper 16 bits of the hardware status register and uses it to index into ethsw->ports[] wi... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23179
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() When the socket is closed while in TCP_LISTEN a callback is run to flush all outstanding packets, which in turns calls nvmet_tcp_l... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23131
In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp-bioscfg driver attempts to register kobjects with empty names when the HP BIOS returns attributes with em... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
-
0.0
NACVE-2026-26724
Cross Site Scripting vulnerability in Key Systems Inc Global Facilities Management Software v. 20230721a allows a remote attacker to execute arbitrary code via the selectgroup and gn parameters on the /?Function=Groups endpoint.... Read more
Affected Products :- Published: Feb. 20, 2026
- Modified: Feb. 20, 2026
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2026-23134
In the Linux kernel, the following vulnerability has been resolved: slab: fix kmalloc_nolock() context check for PREEMPT_RT On PREEMPT_RT kernels, local_lock becomes a sleeping lock. The current check in kmalloc_nolock() only verifies we're not in NMI o... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23136
In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osd_fault() When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progre... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23139
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conncount: update last_gc only when GC has been performed Currently last_gc is being updated everytime a new connection is tracked, that means that it is updated even if a... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2026-23154
In the Linux kernel, the following vulnerability has been resolved: net: fix segmentation of forwarding fraglist GRO This patch enhances GSO segment handling by properly checking the SKB_GSO_DODGY flag for frag_list GSO packets, addressing low throughpu... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23157
In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages [BUG] There is an internal report that over 1000 processes are waiting at the io_schedule_timeout() of ba... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service