Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-43281 — mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate()

In the Linux kernel, the following vulnerability has been resolved: mailbox: Prevent out-of-bounds access in fw_mbox_index_xlate() Although it is guided that `#mbox-cells` must be at least 1, there…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43280 — drm/xe: Add bounds check on pat_index to prevent OOB kernel read in madvise

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add bounds check on pat_index to prevent OOB kernel read in madvise When user provides a bogus pat_index value through th…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43279 — ALSA: usb-audio: Add sanity check for OOB writes at silencing

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode befor…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43278 — dm: clear cloned request bio pointer when last clone bio completes

In the Linux kernel, the following vulnerability has been resolved: dm: clear cloned request bio pointer when last clone bio completes Stale rq->bio values have been observed to cause double-initia…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43277 — APEI/GHES: ensure that won't go past CPER allocated record

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghes_new() prevents allocating too large records, by chec…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43276 — net: mana: Fix double destroy_workqueue on service rescan PCI path

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix double destroy_workqueue on service rescan PCI path While testing corner cases in the driver, a use-after-free cra…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43275 — scsi: ufs: core: Flush exception handling work when RPM level is zero

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Flush exception handling work when RPM level is zero Ensure that the exception event handling work is explicitly…

| Race Condition
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43274 — mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq()

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq() The cluster_cfg array is dynamically allocated…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43273 — ceph: supply snapshot context in ceph_zero_partial_object()

In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in ceph_zero_partial_object() The ceph_zero_partial_object function was missing proper snapshot con…

| Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43272 — ring-buffer: Fix possible dereference of uninitialized pointer

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix possible dereference of uninitialized pointer There is a pointer head_page in rb_meta_validate_events() which is…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43271 — md-cluster: fix NULL pointer dereference in process_metadata_update

In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in process_metadata_update The function process_metadata_update() blindly dereferences t…

| Race Condition
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43270 — media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove()

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() In mtk_mdp_probe(), vpu_get_plat_device() increases the reference co…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43269 — drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback

In the Linux kernel, the following vulnerability has been resolved: drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback After several commits, the slab memory increases. Some dr…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43268 — hfsplus: pretend special inodes as regular files

In the Linux kernel, the following vulnerability has been resolved: hfsplus: pretend special inodes as regular files Since commit af153bb63a33 ("vfs: catch invalid modes in may_open()") requires an…

| Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43267 — wifi: rtw89: fix potential zero beacon interval in beacon tracking

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking During fuzz testing, it was discovered that bss_conf->beacon_i…

| Denial of Service
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43266 — EFI/CPER: don't go past the ARM processor CPER record buffer

In the Linux kernel, the following vulnerability has been resolved: EFI/CPER: don't go past the ARM processor CPER record buffer There's a logic inside GHES/CPER to detect if the section_length is …

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43265 — KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block()

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() Ignore -EBUSY when checking nested events after exiting a b…

| Denial of Service
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43264 — fbdev: of: display_timing: fix refcount leak in of_get_display_timings()

In the Linux kernel, the following vulnerability has been resolved: fbdev: of: display_timing: fix refcount leak in of_get_display_timings() of_parse_phandle() returns a device_node with refcount i…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43263 — media: chips-media: wave5: Fix Null reference while testing fluster

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multi instances are created/destroyed, many interrupts h…

| Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
0.0 NA
CVE-2026-43262 — gfs2: fiemap page fault fix

In the Linux kernel, the following vulnerability has been resolved: gfs2: fiemap page fault fix In gfs2_fiemap(), we are calling iomap_fiemap() while holding the inode glock. This can lead to recu…

May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
Showing 20 of 5864 Results