Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
7.8 HIGH
CVE-2026-23248 — perf/core: Fix refcount bug and potential UAF in perf_mmap

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix refcount bug and potential UAF in perf_mmap Syzkaller reported a refcount_t: addition on 0; use-after-free warning…

linux_kernel | Race Condition
Mar 18, 2026 Apr 02, 2026
Mar 18, 2026
Apr 02, 2026
0.0 NA
CVE-2026-23247 — tcp: secure_seq: add back ports to TS offset

In the Linux kernel, the following vulnerability has been resolved: tcp: secure_seq: add back ports to TS offset This reverts 28ee1b746f49 ("secure_seq: downgrade to per-host timestamp offsets") t…

linux_kernel | Information Disclosure
Mar 18, 2026 Mar 18, 2026
Mar 18, 2026
Mar 18, 2026
8.8 HIGH
CVE-2026-23246 — wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration link_id is taken from the ML Reconfiguration element (contro…

linux_kernel | Memory Corruption
Mar 18, 2026 Apr 02, 2026
Mar 18, 2026
Apr 02, 2026
7.8 HIGH
CVE-2026-23245 — net/sched: act_gate: snapshot parameters with RCU on replace

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_gate: snapshot parameters with RCU on replace The gate action can be replaced while the hrtimer callback or dump p…

linux_kernel | Race Condition
Mar 18, 2026 Apr 02, 2026
Mar 18, 2026
Apr 02, 2026
0.0 NA
CVE-2026-23244 — nvme: fix memory allocation in nvme_pr_read_keys()

In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvme_pr_read_keys() nvme_pr_read_keys() takes num_keys from userspace and uses it to calculate the…

linux_kernel | Memory Corruption
Mar 18, 2026 Mar 25, 2026
Mar 18, 2026
Mar 25, 2026
7.8 HIGH
CVE-2026-23243 — RDMA/umad: Reject negative data_len in ib_umad_write

In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD heade…

linux_kernel | Memory Corruption
Mar 18, 2026 Apr 02, 2026
Mar 18, 2026
Apr 02, 2026
7.5 HIGH
CVE-2026-23242 — RDMA/siw: Fix potential NULL pointer dereference in header processing

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix potential NULL pointer dereference in header processing If siw_get_hdr() returns -EINVAL before set_rx_fpdu_context…

linux_kernel | Remote | Memory Corruption
Mar 18, 2026 Apr 02, 2026
Mar 18, 2026
Apr 02, 2026
0.0 NA
CVE-2025-71267 — fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST We found an infinite loop bug in the ntfs3 file system that can le…

linux_kernel | Denial of Service
Mar 18, 2026 Mar 18, 2026
Mar 18, 2026
Mar 18, 2026
0.0 NA
CVE-2025-71266 — fs: ntfs3: check return value of indx_find to avoid infinite loop

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indx_find to avoid infinite loop We found an infinite loop bug in the ntfs3 file system that can…

linux_kernel | Denial of Service
Mar 18, 2026 Mar 18, 2026
Mar 18, 2026
Mar 18, 2026
0.0 NA
CVE-2025-71265 — fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata We found an infinite loop bug in the ntfs3 file sys…

linux_kernel | Denial of Service
Mar 18, 2026 Mar 18, 2026
Mar 18, 2026
Mar 18, 2026
5.3 MEDIUM
CVE-2025-12518 — Stored XSS in beefree.io

beefree.io SDK is vulnerable to Stored XSS in Social Media icon URL parameter in email builder functionality. Malicious attacker can inject arbitrary HTML and JS into template, which will be rendered…

Remote | Cross-Site Scripting
Mar 18, 2026 Mar 18, 2026
Mar 18, 2026
Mar 18, 2026
Showing 20 of 6511 Results