Latest CVE Feed
-
0.0
NACVE-2026-23005
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in guest XSAVE state whenever XFD[i]=1 When loading guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabl... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-71185
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag This is more of a preventive patch to make the code more consistent and to prevent possible explo... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23110
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wak... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2025-67102
A SQL injection vulnerability in the alldayoffs feature in Jorani up to v1.0.4, allows an authenticated attacker to execute arbitrary SQL commands via the entity parameter.... Read more
Affected Products :- Published: Feb. 17, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Injection
-
0.0
NACVE-2026-22996
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv mlx5e_priv is an unstable structure that can be memset(0) if profile attaching fails, mlx5e_priv in mlx5e_dev devlink private... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Jan. 26, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23007
In the Linux kernel, the following vulnerability has been resolved: block: zero non-PI portion of auto integrity buffer The auto-generated integrity buffer for writes needs to be fully initialized before being passed to the underlying block device, othe... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Jan. 26, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-67433
A heap buffer overflow in the processRequest function of Open TFTP Server MultiThreaded v1.7 allows attackers to cause a Denial of Service (DoS) via a crafted DATA packet.... Read more
Affected Products :- Published: Feb. 12, 2026
- Modified: Feb. 13, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23031
In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak In gs_can_open(), the URBs for USB-in transfers are allocated, added to the parent->rx_submitted anchor and submitted. I... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23040
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This c... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 04, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-32355
Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse proxy to handle incoming connections. However, the proxy is misconfigured in a way that allows specifying absolute URLs in the HTTP request line, causing the proxy to load the given resource.... Read more
Affected Products :- Published: Feb. 17, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23045
In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning while calling devl_param_driverinit_value_set() in ena. WARNING: net/devlink/core.c:261 at devl_assert_lock... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 04, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23051
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix drm panic null pointer when driver not support atomic When driver not support atomic, fb using plane->fb rather than plane->state->fb. (cherry picked from commit 2f2a72... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 05, 2026
-
0.0
NACVE-2026-23060
In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryp... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Cryptography
-
0.0
NACVE-2026-23011
In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header() robust Analog to commit db5b4e39c4e6 ("ip6_gre: make ip6gre_header() robust") Over the years, syzbot found many ways to crash the kernel in ipgre_head... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23196
In the Linux kernel, the following vulnerability has been resolved: HID: Intel-thc-hid: Intel-thc: Add safety check for reading DMA buffer Add DMA buffer readiness check before reading DMA buffer to avoid unexpected NULL pointer accessing.... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
-
0.0
NACVE-2026-23191
In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. S... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23208
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Prevent excessive number of frames In this case, the user constructed the parameters with maxpacksize 40 for rate 22050 / pps 1000, and packsize[0] 22 packsize[1] 23. T... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23204
In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_u32: use skb_header_pointer_careful() skb_header_pointer() does not fully validate negative @offset values. Use skb_header_pointer_careful() instead. GangMin Kim provid... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23209
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 i... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption