Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-27390

    In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: remove one synchronize_net() barrier in ipv6_mc_down() As discussed in the past (commit 2d3916f31891 ("ipv6: fix skb drops in igmp6_event_query() and igmp6_event_report()")... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-27391

    In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: do not realloc workqueue everytime an interface is added Commit 09ed8bfc5215 ("wilc1000: Rename workqueue from "WILC_wq" to "NETDEV-wq"") moved workqueue creation in wil... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025

  • 7.8

    HIGH
    CVE-2024-27036

    In the Linux kernel, the following vulnerability has been resolved: cifs: Fix writeback data corruption cifs writeback doesn't correctly handle the case where cifs_extend_writeback() hits a point where it is considering an additional folio, but this wou... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025

  • 6.5

    MEDIUM
    CVE-2025-10061

    An authorized user can cause a crash in the MongoDB Server through a specially crafted $group query. This vulnerability is related to the incorrect handling of certain accumulator functions when additional parameters are specified within the $group operat... Read more

    Affected Products : mongodb
    • Published: Sep. 05, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Denial of Service

  • 5.5

    MEDIUM
    CVE-2021-47532

    In the Linux kernel, the following vulnerability has been resolved: drm/msm/devfreq: Fix OPP refcnt leak... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Sep. 18, 2025

  • 7.5

    HIGH
    CVE-2025-58446

    xgrammar is an open-source library for efficient, flexible, and portable structured generation. A grammar optimizer introduced in 0.1.23 processes large grammars (>100k characters) at very low rates, and can be used for DOS of model providers. This issue ... Read more

    Affected Products : xgrammar
    • Published: Sep. 06, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Denial of Service

  • 7.8

    HIGH
    CVE-2021-47533

    In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Clear the HVS FIFO commit pointer once done Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a wait on the previous commit done... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Sep. 18, 2025

  • 7.8

    HIGH
    CVE-2021-47536

    In the Linux kernel, the following vulnerability has been resolved: net/smc: fix wrong list_del in smc_lgr_cleanup_early smc_lgr_cleanup_early() meant to delete the link group from the link group list, but it deleted the list head by mistake. This may ... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2021-47538

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() Need to call rxrpc_put_local() for peer candidate before kfree() as it holds a ref to rxrpc_local. [DH: v2: Changed to abstract the p... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2021-47539

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() Need to call rxrpc_put_peer() for bundle candidate before kfree() as it holds a ref to rxrpc_peer. [DH: v2: Changed to abstract out... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Sep. 18, 2025

  • 9.8

    CRITICAL
    CVE-2025-10079

    A flaw has been found in PHPGurukul Small CRM 4.0. Affected by this vulnerability is an unknown functionality of the file /get-quote.php. Executing manipulation of the argument Contact can lead to sql injection. The attack can be executed remotely. The ex... Read more

    Affected Products : small_crm
    • Published: Sep. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Injection

  • 7.1

    HIGH
    CVE-2024-36019

    In the Linux kernel, the following vulnerability has been resolved: regmap: maple: Fix cache corruption in regcache_maple_drop() When keeping the upper end of a cache block entry, the entry[] array must be indexed by the offset from the base register of... Read more

    Affected Products : linux_kernel
    • Published: May. 30, 2024
    • Modified: Sep. 18, 2025

  • 7.8

    HIGH
    CVE-2024-36015

    In the Linux kernel, the following vulnerability has been resolved: ppdev: Add an error check in register_device In register_device, the return value of ida_simple_get is unchecked, in witch ida_simple_get will use an invalid index value. To address th... Read more

    Affected Products : linux_kernel
    • Published: May. 29, 2024
    • Modified: Sep. 18, 2025

  • 6.5

    MEDIUM
    CVE-2025-58782

    Deserialization of Untrusted Data vulnerability in Apache Jackrabbit Core and Apache Jackrabbit JCR Commons. This issue affects Apache Jackrabbit Core: from 1.0.0 through 2.22.1; Apache Jackrabbit JCR Commons: from 1.0.0 through 2.22.1. Deployments that... Read more

    Affected Products : jackrabbit jackrabbit_jcr_commons
    • Published: Sep. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Misconfiguration

  • 5.5

    MEDIUM
    CVE-2024-27063

    In the Linux kernel, the following vulnerability has been resolved: leds: trigger: netdev: Fix kernel panic on interface rename trig notify Commit d5e01266e7f5 ("leds: trigger: netdev: add additional specific link speed mode") in the various changes, re... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2024-27039

    In the Linux kernel, the following vulnerability has been resolved: clk: hisilicon: hi3559a: Fix an erroneous devm_kfree() 'p_clk' is an array allocated just before the for loop for all clk that need to be registered. It is incremented at each loop iter... Read more

    Affected Products : linux_kernel
    • Published: May. 01, 2024
    • Modified: Sep. 18, 2025

  • 5.5

    MEDIUM
    CVE-2021-47567

    In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fix hardlockup on vmap stack overflow Since the commit c118c7303ad5 ("powerpc/32: Fix vmap stack - Do not activate MMU before reading task struct") a vmap stack overflow res... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Sep. 18, 2025

  • 3.7

    LOW
    CVE-2024-48341

    dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addShop... Read more

    Affected Products : dingfanzu
    • Published: Sep. 08, 2025
    • Modified: Sep. 18, 2025
    • Vuln Type: Cross-Site Request Forgery

  • 7.8

    HIGH
    CVE-2021-47566

    In the Linux kernel, the following vulnerability has been resolved: proc/vmcore: fix clearing user buffer by properly using clear_user() To clear a user buffer we cannot simply use memset, we have to use clear_user(). With a virtio-mem device that regi... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Sep. 18, 2025

  • 7.8

    HIGH
    CVE-2021-47565

    In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix kernel panic during drive powercycle test While looping over shost's sdev list it is possible that one of the drives is getting removed and its sas_target object is f... Read more

    Affected Products : linux_kernel
    • Published: May. 24, 2024
    • Modified: Sep. 18, 2025
Showing 20 of 294690 Results