Latest CVE Feed
-
0.0
NACVE-2026-23212
In the Linux kernel, the following vulnerability has been resolved: bonding: annotate data-races around slave->last_rx slave->last_rx and slave->target_last_arp_rx[...] can be read and written locklessly. Add READ_ONCE() and WRITE_ONCE() annotations. s... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23211
In the Linux kernel, the following vulnerability has been resolved: mm, swap: restore swap_space attr aviod kernel panic commit 8b47299a411a ("mm, swap: mark swap address space ro and add context debug check") made the swap address space read-only. It ... Read more
Affected Products : linux_kernel- Published: Feb. 18, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2025-70846
lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting (XSS) on the /tools/Password/add page in the input field password.... Read more
Affected Products :- Published: Feb. 17, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2026-23010
In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6_addr_del(). syzbot reported use-after-free of inet6_ifaddr in inet6_addr_del(). [0] The cited commit accidentally moved ipv6_del_addr() for mngtmpaddr... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23207
In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect curr_xfer check in IRQ handler Now that all other accesses to curr_xfer are done under the lock, protect the curr_xfer NULL check in tegra_qspi_isr_thread() ... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23180
In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: add bounds check for if_id in IRQ handler The IRQ handler extracts if_id from the upper 16 bits of the hardware status register and uses it to index into ethsw->ports[] wi... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23179
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() When the socket is closed while in TCP_LISTEN a callback is run to flush all outstanding packets, which in turns calls nvmet_tcp_l... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23178
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() `i2c_hid_xfer` is used to read `recv_len + sizeof(__le16)` bytes of data into `ihid->rawbuf`. The former can come fr... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23162
In the Linux kernel, the following vulnerability has been resolved: drm/xe/nvm: Fix double-free on aux add failure After a successful auxiliary_device_init(), aux_dev->dev.release (xe_nvm_release_dev()) is responsible for the kfree(nvm). When there is f... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23161
In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix race of truncate and swap entry split The helper for shmem swap freeing is not handling the order of swap entries correctly. It uses xa_cmpxchg_irq to erase the swa... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23144
In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure When a context DAMON sysfs directory setup is failed after setup of attrs/ directory, subdirectories of attrs/ directo... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23132
In the Linux kernel, the following vulnerability has been resolved: drm/bridge: synopsys: dw-dp: fix error paths of dw_dp_bind Fix several issues in dw_dp_bind() error handling: 1. Missing return after drm_bridge_attach() failure - the function cont... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23125
In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTP_CMD_ASSOC_SHKEY right after SCTP_CMD_PEER_INIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ======================... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23541
Missing Authorization vulnerability in WPFunnels Mail Mint mail-mint allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Mail Mint: from n/a through <= 1.19.4.... Read more
Affected Products :- Published: Feb. 19, 2026
- Modified: Feb. 19, 2026
- Vuln Type: Authorization
-
0.0
NACVE-2026-23543
Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Addons for Elementor: from n/a throu... Read more
Affected Products : essential_addons_for_elementor- Published: Feb. 19, 2026
- Modified: Feb. 19, 2026
- Vuln Type: Authorization
-
0.0
NACVE-2026-23122
In the Linux kernel, the following vulnerability has been resolved: igc: Reduce TSN TX packet buffer from 7KB to 5KB per queue The previous 7 KB per queue caused TX unit hangs under heavy timestamping load. Reducing to 5 KB avoids these hangs and matche... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2026-23121
In the Linux kernel, the following vulnerability has been resolved: mISDN: annotate data-race around dev->work dev->work can re read locklessly in mISDN_read() and mISDN_poll(). Add READ_ONCE()/WRITE_ONCE() annotations. BUG: KCSAN: data-race in mISDN_i... Read more
Affected Products : linux_kernel- Published: Feb. 14, 2026
- Modified: Feb. 18, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23548
Missing Authorization vulnerability in designinvento DirectoryPress directorypress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DirectoryPress: from n/a through <= 3.6.25.... Read more
Affected Products : directorypress- Published: Feb. 19, 2026
- Modified: Feb. 19, 2026
- Vuln Type: Authorization
-
0.0
NACVE-2026-22998
In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec Commit efa56305908b ("nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length") added ttag bounds ch... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23805
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yoren Chang Media Search Enhanced media-search-enhanced allows SQL Injection.This issue affects Media Search Enhanced: from n/a through <= 0.9.1.... Read more
Affected Products :- Published: Feb. 19, 2026
- Modified: Feb. 19, 2026
- Vuln Type: Injection