Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-43073 — x86-64: rename misleadingly named '__copy_user_nocache()' function

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named '__copy_user_nocache()' function This function was a masterclass in bad naming, for various his…

May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43072 — drm/vc4: platform_get_irq_byname() returns an int

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: platform_get_irq_byname() returns an int platform_get_irq_byname() will return a negative value if an error happens, so …

linux_kernel | Misconfiguration
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43071 — dcache: Limit the minimal number of bucket to two

In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentry_hashtable when user sets 'dhash_entries=…

linux_kernel | Memory Corruption
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43070 — bpf: Reset register ID for BPF_END value tracking

In the Linux kernel, the following vulnerability has been resolved: bpf: Reset register ID for BPF_END value tracking When a register undergoes a BPF_END (byte swap) operation, its scalar value is …

linux_kernel | Memory Corruption
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43069 — Bluetooth: hci_ll: Fix firmware leak on error path

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_ll: Fix firmware leak on error path Smatch reports: drivers/bluetooth/hci_ll.c:587 download_firmware() warn: 'fw'…

linux_kernel | Misconfiguration
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43068 — ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal()

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() There's issue as follows: ... EXT4-fs (mmcblk0p1): Dela…

linux_kernel | Misconfiguration
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43067 — ext4: handle wraparound when searching for blocks for indirect mapped blocks

In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Commit 4865c768b563 ("ext4: always allocate blocks o…

May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43066 — ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths During code review, Joseph found that ext4_fc_replay_inode() calls e…

linux_kernel | Memory Corruption
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43065 — ext4: always drain queued discard work in ext4_mb_release()

In the Linux kernel, the following vulnerability has been resolved: ext4: always drain queued discard work in ext4_mb_release() While reviewing recent ext4 patch[1], Sashiko raised the following co…

linux_kernel | Misconfiguration
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43064 — dmaengine: idxd: Fix not releasing workqueue on .release()

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release() The workqueue associated with an DSA/IAA device is not released when t…

linux_kernel | Misconfiguration
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43063 — xfs: don't irele after failing to iget in xfs_attri_recover_work

In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfs_attri_recover_work xlog_recovery_iget* never set @ip to a valid pointer if they ret…

linux_kernel | Memory Corruption
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43062 — Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp() l2cap_ecred_reconf_rsp() casts the incoming data to struct l2cap…

linux_kernel | Memory Corruption
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43061 — serial: 8250: Fix TX deadlock when using DMA

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix TX deadlock when using DMA `dmaengine_terminate_async` does not guarantee that the `__dma_tx_complete` callback…

linux_kernel | Denial of Service
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43060 — netfilter: nft_ct: drop pending enqueued packets on removal

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: drop pending enqueued packets on removal Packets sitting in nfqueue might hold a reference to: - templates th…

linux_kernel | Memory Corruption
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-43059 — Bluetooth: MGMT: Fix list corruption and UAF in command complete handlers

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix list corruption and UAF in command complete handlers Commit 302a1f674c00 ("Bluetooth: MGMT: Fix possible UAF…

linux_kernel | Memory Corruption
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
0.0 NA
CVE-2026-39103 — GPAC Buffer Overflow Denial of Service

Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svg_attributes.c, svg_parse_string…

| Memory Corruption
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
2.3 LOW
CVE-2026-35192 — Session fixation via public cached pages and SESSION_SAVE_EVERY_REQUEST

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Response headers do not vary on cookies if a session is not modified, but `SESSION_SAVE_EVERY_REQUEST` is `True`. A remote attacker …

django | Remote | Information Disclosure
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
5.9 MEDIUM
CVE-2026-34956 — Openvswitch: open vswitch: denial of service via malformed ftp epasv command

A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with a…

Remote | Denial of Service
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
6.1 MEDIUM
CVE-2026-34002 — Xorg: xwayland: x.org x server: information disclosure or denial of service via out-of-bo…

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling. An attacker with access to the X11 server can exploit …

| Memory Corruption
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
6.1 MEDIUM
CVE-2026-34000 — Xwayland: xorg: x.org x server: information disclosure and denial of service via out-of-b…

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and `XkbAddGeomKeyAlias` functions, allows an at…

| Information Disclosure
May 05, 2026 May 05, 2026
May 05, 2026
May 05, 2026
Showing 20 of 5683 Results