Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-63874 — net: mctp: usb: fix race between urb completion and rx_retry cancellation

In the Linux kernel, the following vulnerability has been resolved: net: mctp: usb: fix race between urb completion and rx_retry cancellation It's possible that sequencing between setting ->stopped…

| Race Condition
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63873 — accel/amdxdna: Fix mm_struct reference leak in aie2_populate_range()

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix mm_struct reference leak in aie2_populate_range() aie2_populate_range() jumps back to the again label without …

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63872 — esp: fix page frag reference leak on skb_to_sgvec failure

In the Linux kernel, the following vulnerability has been resolved: esp: fix page frag reference leak on skb_to_sgvec failure In esp_output_tail(), when esp->inplace is false, the old skb page frag…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63871 — Bluetooth: ISO: Fix data-race on iso_pi fields in hci_get_route calls

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix data-race on iso_pi fields in hci_get_route calls iso_connect_bis(), iso_connect_cis(), iso_listen_bis(), and…

| Race Condition
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63870 — ieee802154: 6lowpan: only accept IPv6 packets in lowpan_xmit()

In the Linux kernel, the following vulnerability has been resolved: ieee802154: 6lowpan: only accept IPv6 packets in lowpan_xmit() The aoe driver (or similar) generates a non-IPv6 packet (e.g., ETH…

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63869 — wifi: mac80211: limit injected antenna index in ieee80211_parse_tx_radiotap

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: limit injected antenna index in ieee80211_parse_tx_radiotap When parsing the radiotap header of an injected frame…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63868 — net: garp: fix unsigned integer underflow in garp_pdu_parse_attr

In the Linux kernel, the following vulnerability has been resolved: net: garp: fix unsigned integer underflow in garp_pdu_parse_attr The receive-side GARP attribute parser computes dlen with revers…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63867 — mptcp: close TOCTOU race while computing rcv_wnd

In the Linux kernel, the following vulnerability has been resolved: mptcp: close TOCTOU race while computing rcv_wnd The MPTCP output path access locklessly the MPTCP-level ack_seq in multiple time…

| Race Condition
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
7.5 HIGH
CVE-2026-16221 — fast-uri vulnerable to host confusion via literal backslash authority delimiter

Impact: fast-uri versions from 2.3.1 through 4.1.0 (including the 3.x line up to 3.1.3 and the 2.x line up to 2.4.2) do not treat a literal backslash character (U+005C) as an authority delimiter. Nod…

| Server-Side Request Forgery
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63866 — wifi: mt76: mt7996: Clear wcid pointer in mt7996_mac_sta_deinit_link()

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Clear wcid pointer in mt7996_mac_sta_deinit_link() Clear WCID pointer removing the sta link in mt7996_mac_sta…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63865 — bpf: Drop task_to_inode and inet_conn_established from lsm sleepable hooks

In the Linux kernel, the following vulnerability has been resolved: bpf: Drop task_to_inode and inet_conn_established from lsm sleepable hooks bpf_lsm_task_to_inode() is called under rcu_read_lock(…

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63864 — bpf: Propagate error from visit_tailcall_insn

In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from visit_tailcall_insn Commit e40f5a6bf88a ("bpf: correct stack liveness for tail calls") added visit_tail…

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63863 — drm/gpusvm: Fix unbalanced unlock in drm_gpusvm_scan_mm()

In the Linux kernel, the following vulnerability has been resolved: drm/gpusvm: Fix unbalanced unlock in drm_gpusvm_scan_mm() There is a unbalanced lock/unlock to gpusvm notifier lock: [ 931.04586…

| Race Condition
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63862 — PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found

In the Linux kernel, the following vulnerability has been resolved: PCI: mediatek-gen3: Prevent leaking IRQ domains when IRQ not found In mtk_pcie_setup_irq(), the IRQ domains are allocated before …

Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63861 — spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback

In the Linux kernel, the following vulnerability has been resolved: spi: mtk-snfi: unregister ECC engine on probe failure and remove() callback mtk_snand_probe() registers the on-host NAND ECC engi…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63860 — RDMA/core: Prefer NLA_NUL_STRING

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Prefer NLA_NUL_STRING These attributes are evaluated as c-string (passed to strcmp), but NLA_STRING doesn't check for …

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63859 — net: airoha: Add missing bits in airoha_qdma_cleanup_tx_queue()

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Add missing bits in airoha_qdma_cleanup_tx_queue() Similar to airoha_qdma_cleanup_rx_queue(), reset DMA TX descripto…

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63858 — netfilter: nf_tables: add hook transactions for device deletions

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: add hook transactions for device deletions Restore the flag that indicates that the hook is going away, ie.…

Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63857 — net: airoha: Do not read uninitialized fragment address in airoha_dev_xmit()

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Do not read uninitialized fragment address in airoha_dev_xmit() The transmit loop in airoha_dev_xmit() reads fragmen…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-63856 — drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn: set no_user_fence for VCN v2.0 enc/dec rings VCN encoder and decoder rings do not support 64-bit user fence write…

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
Showing 20 of 7863 Results