CVE-2026-34757 LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure 10 hours ago
CVE-2026-27143 Missing bound checks can lead to memory corruption in safe Go in cmd/compile 10 hours ago
CVE-2026-32282 TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix 10 hours ago
CVE-2026-27144 Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile 10 hours ago
CVE-2026-32283 Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls 10 hours ago
CVE-2026-2646 Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function 10 hours ago
CVE-2026-2645 Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2 10 hours ago
CVE-2026-35611 Addressable has a Regular Expression Denial of Service in Addressable templates 10 hours ago
CVE-2026-35093 Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins 10 hours ago
CVE-2026-34601 xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion 10 hours ago
CVE-2026-4176 Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib 10 hours ago
CVE-2026-27171 zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. 10 hours ago
CVE-2025-14523 Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins) 10 hours ago
CVE-2026-33940 Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial 10 hours ago
CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509 10 hours ago
CVE-2026-33939 Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation 10 hours ago
CVE-2026-33941 Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options 10 hours ago
CVE-2026-33938 Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block 10 hours ago
CVE-2026-33891 Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input 10 hours ago
CVE-2026-33896 Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation) 10 hours ago
CVE-2026-1519 Excessive NSEC3 iterations cause high CPU load during insecure delegation validation 10 hours ago
CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` 10 hours ago
CVE-2025-30258 In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS." 10 hours ago
CVE-2026-40175 Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain 11 hours ago
CVE-2026-34480 Apache Log4j Core: Silent log event loss in XmlLayout due to unescaped XML 1.0 forbidden characters 11 hours ago
CVE-2026-34479 Apache Log4j 1 to Log4j 2 bridge: Silent log event loss in Log4j1XmlLayout due to unescaped XML 1.0 forbidden characters 11 hours ago
CVE-2026-34481 Apache Log4j JSON Template Layout: Improper serialization of non-finite floating-point values in JsonTemplateLayout 11 hours ago
CVE-2026-5460 Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3 11 hours ago
CVE-2026-5778 Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path. 11 hours ago
CVE-2026-5295 Stack Buffer Overflow in wolfSSL PKCS7 wc_PKCS7_DecryptOri() via Oversized OID 11 hours ago
CVE-2026-5503 out-of-bounds write in TLSX_EchChangeSNI via attacker-controlled publicName 11 hours ago
CVE-2026-5501 Improper Certificate Signature Verification in X.509 Chain Validation Allows Forged Leaf Certificates 11 hours ago
CVE-2026-5500 Improper Validation of AES-GCM Authentication Tag Length in PKCS#7 Envelope Allows Authentication Bypass 11 hours ago
CVE-2026-26184 Windows Projected File System Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27920 Windows UPnP Device Host Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27911 Windows User Interface Core Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27916 Windows UPnP Device Host Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32070 Windows Common Log File System Driver Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27922 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27925 Windows UPnP Device Host Information Disclosure Vulnerability Tuesday April 14th, 2026
CVE-2026-32068 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32069 Windows Projected File System Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26178 Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26182 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26177 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26152 Microsoft Cryptographic Services Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32076 Windows Storage Spaces Controller Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32631 GitHub: CVE-2026-32631 'git clone' from manipulated repositories can leak NTLM hashes Tuesday April 14th, 2026
CVE-2026-21637 HackerOne: CVE-2026-21637 TLS PSK/ALPN Callback Exceptions Bypass Error Handlers Tuesday April 14th, 2026
CVE-2026-20928 Windows Recovery Environment Security Feature Bypass Vulnerability Tuesday April 14th, 2026
CVE-2026-26153 Windows Encrypted File System (EFS) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26176 Windows Client Side Caching driver (csc.sys) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26159 Remote Desktop Licensing Service Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26168 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26172 Windows Push Notifications Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26173 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32074 Windows Projected File System Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32077 Windows UPnP Device Host Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-33099 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-33100 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-33103 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Tuesday April 14th, 2026
CVE-2026-33824 Windows Internet Key Exchange (IKE) Service Extensions Remote Code Execution Vulnerability Tuesday April 14th, 2026
CVE-2026-32214 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability Tuesday April 14th, 2026
CVE-2026-32212 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability Tuesday April 14th, 2026
CVE-2026-32187 Microsoft Edge (Chromium-based) Defense in Depth Vulnerability - Rejected Tuesday April 14th, 2026
CVE-2026-32078 Windows Projected File System Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32086 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32088 Windows Biometric Service Security Feature Bypass Vulnerability Tuesday April 14th, 2026
CVE-2026-32091 Microsoft Brokering File System Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32150 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32163 Windows User Interface Core Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32164 Windows User Interface Core Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27914 Microsoft Management Console Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27907 Windows Storage Spaces Controller Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27908 Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27915 Windows UPnP Device Host Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27917 Windows WFP NDIS Lightweight Filter Driver (wfplwfs.sys) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27919 Windows UPnP Device Host Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27921 Windows TDI Translation Driver (tdx.sys) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27927 Windows Projected File System Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26183 Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27929 Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32071 Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability Tuesday April 14th, 2026
CVE-2026-32073 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32075 Windows UPnP Device Host Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32082 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32083 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26181 Microsoft Brokering File System Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32087 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26155 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Tuesday April 14th, 2026
CVE-2026-23653 GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability Tuesday April 14th, 2026
CVE-2026-25184 Applocker Filter Driver (applockerfltr.sys) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-23670 Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability Tuesday April 14th, 2026
CVE-2026-26160 Remote Desktop Licensing Service Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26161 Windows Sensor Data Service Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26167 Windows Push Notifications Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-26174 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-27926 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32089 Windows Speech Brokered Api Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32216 Windows Redirected Drive Buffering System Denial of Service Vulnerability Tuesday April 14th, 2026
CVE-2026-32219 Microsoft Brokering File System Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32221 Windows Graphics Component Remote Code Execution Vulnerability Tuesday April 14th, 2026
CVE-2026-32090 Windows Speech Brokered Api Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32224 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-33098 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-33116 .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability Tuesday April 14th, 2026
CVE-2026-32223 Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32158 Windows Push Notifications Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32159 Windows Push Notifications Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32160 Windows Push Notifications Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32165 Windows User Interface Core Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-20930 Windows Management Services Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32181 Connected User Experiences and Telemetry Service Denial of Service Vulnerability Tuesday April 14th, 2026
CVE-2026-32184 Microsoft High Performance Compute (HPC) Pack Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-32093 Windows Function Discovery Service (fdwsd.dll) Elevation of Privilege Vulnerability Tuesday April 14th, 2026
CVE-2026-28390 Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo Tuesday April 14th, 2026
CVE-2026-3184 Util-linux: util-linux: access control bypass due to improper hostname canonicalization Tuesday April 14th, 2026
CVE-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup Tuesday April 14th, 2026
CVE-2026-0964 Libssh: improper sanitation of paths received from scp servers Tuesday April 14th, 2026
CVE-2026-0967 Libssh: libssh: denial of service via inefficient regular expression processing Tuesday April 14th, 2026
CVE-2026-0965 Libssh: libssh: denial of service via improper configuration file handling Tuesday April 14th, 2026
CVE-2026-4647 Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library Tuesday April 14th, 2026
CVE-2025-69649 GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed. Tuesday April 14th, 2026
CVE-2025-69645 Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file. Tuesday April 14th, 2026
CVE-2025-69652 GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service. Tuesday April 14th, 2026
CVE-2025-69646 Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted. The issue was observed in binutils 2.44. A local attacker can exploit this vulnerability by supplying a malicious input file, leading to excessive CPU and I/O usage and preventing completion of the objdump analysis. Tuesday April 14th, 2026
CVE-2026-31428 netfilter: nfnetlink_log: fix uninitialized padding leak in NFULA_PAYLOAD Tuesday April 14th, 2026
CVE-2026-31421 net/sched: cls_fw: fix NULL pointer dereference on shared blocks Tuesday April 14th, 2026
CVE-2026-31426 ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() Tuesday April 14th, 2026
CVE-2026-31427 netfilter: nf_conntrack_sip: fix use of uninitialized rtp_addr in process_sdp Tuesday April 14th, 2026
CVE-2026-31422 net/sched: cls_flow: fix NULL pointer dereference on shared blocks Tuesday April 14th, 2026
CVE-2026-31424 netfilter: x_tables: restrict xt_check_match/xt_check_target extensions for NFPROTO_ARP Tuesday April 14th, 2026
CVE-2026-39856 osslsigncode has an Out-of-Bounds Read via Unvalidated Section Bounds in PE Page Hash Calculation Sunday April 12th, 2026
CVE-2026-39855 osslsigncode has an Integer Underflow in PE Page Hash Calculation Can Cause Out-of-Bounds Read Sunday April 12th, 2026
CVE-2026-39853 osslsigncode has a Stack Buffer Overflow via Unbounded Digest Copy During Signature Verification Sunday April 12th, 2026
CVE-2026-28390 Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo Sunday April 12th, 2026
CVE-2026-28389 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo Sunday April 12th, 2026
CVE-2026-34757 LIBPNG has a yse-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST leading to corrupted chunk data and potential heap information disclosure Sunday April 12th, 2026
CVE-2026-35206 Helm Chart extraction output directory collapse via `Chart.yaml` name dot-segment Sunday April 12th, 2026
CVE-2026-40026 Sleuth Kit ISO9660 SUSP Extension Reference Out-of-Bounds Read Saturday April 11th, 2026
CVE-2026-4878 Libcap: libcap: privilege escalation via toctou race condition in cap_set_file() Saturday April 11th, 2026
CVE-2026-33810 Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509 Saturday April 11th, 2026
CVE-2026-27140 Code execution vulnerability in SWIG code generation in cmd/go Saturday April 11th, 2026
CVE-2026-27143 Missing bound checks can lead to memory corruption in safe Go in cmd/compile Saturday April 11th, 2026
CVE-2026-32282 TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix Saturday April 11th, 2026
CVE-2026-27144 Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile Saturday April 11th, 2026
CVE-2026-32283 Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls Saturday April 11th, 2026
CVE-2026-29181 OpenTelemetry-Go multi-value `baggage` header extraction causes excessive allocations (remote dos amplification) Saturday April 11th, 2026
CVE-2026-39882 OpenTelemetry-Go OTLP HTTP exporters read unbounded HTTP response bodies Saturday April 11th, 2026
CVE-2026-28390 Possible NULL Dereference When Processing CMS KeyTransportRecipientInfo Saturday April 11th, 2026
CVE-2026-28389 Possible NULL Dereference When Processing CMS KeyAgreeRecipientInfo Saturday April 11th, 2026
CVE-2026-35611 Addressable has a Regular Expression Denial of Service in Addressable templates Saturday April 11th, 2026
CVE-2026-28810 Predictable DNS Transaction IDs Enable Cache Poisoning in Built-in Resolver Saturday April 11th, 2026
CVE-2026-39316 CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer Saturday April 11th, 2026
CVE-2026-39314 CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported` Saturday April 11th, 2026
Chromium: CVE-2026-5919 Insufficient validation of untrusted input in WebSockets Saturday April 11th, 2026
Chromium: CVE-2026-5915 Insufficient validation of untrusted input in WebML Saturday April 11th, 2026
Chromium: CVE-2026-5887 Insufficient validation of untrusted input in Downloads Saturday April 11th, 2026
Chromium: CVE-2026-5885 Insufficient validation of untrusted input in WebML Saturday April 11th, 2026
Chromium: CVE-2026-5884 Insufficient validation of untrusted input in Media Saturday April 11th, 2026
Chromium: CVE-2026-5879 Insufficient validation of untrusted input in ANGLE Saturday April 11th, 2026
CVE-2026-33119 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability Friday April 10th, 2026
CVE-2026-23407 apparmor: fix missing bounds check on DEFAULT table in verify_dfa() Friday April 10th, 2026
CVE-2026-23405 apparmor: fix: limit the number of levels of policy namespaces Friday April 10th, 2026
CVE-2026-23404 apparmor: replace recursive profile removal with iterative approach Friday April 10th, 2026
CVE-2026-40026 Sleuth Kit ISO9660 SUSP Extension Reference Out-of-Bounds Read Friday April 10th, 2026
CVE-2026-32241 Flannel vulnerable to cross-node remote code execution via extension backend BackendData injection Friday April 10th, 2026
CVE-2026-0385 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability Thursday April 9th, 2026
CVE-2026-4897 Polkit: polkit: denial of service via unbounded input processing through standard input Thursday April 9th, 2026
CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers Thursday April 9th, 2026
CVE-2026-2673 OpenSSL TLS 1.3 server may choose unexpected key agreement group Thursday April 9th, 2026
CVE-2026-34445 ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings. Thursday April 9th, 2026
CVE-2026-34446 ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load Thursday April 9th, 2026
CVE-2026-34982 Vim modeline bypass via various options affects Vim < 9.2.0276 Thursday April 9th, 2026
CVE-2026-35093 Libinput: libinput: unauthorized code execution and information disclosure through lua bytecode plugins Thursday April 9th, 2026
CVE-2026-39314 CUPS has an integer underflow in `_ppdCreateFromIPP` causes root cupsd crash via negative `job-password-supported` Thursday April 9th, 2026
CVE-2026-39316 CUPS has a use-after-free in `cupsdDeleteTemporaryPrinters` via dangling subscription pointer Thursday April 9th, 2026
CVE-2026-34990 OpenPrinting CUPS: Local print admin token disclosure using temporary printers Thursday April 9th, 2026
CVE-2026-34980 OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network Thursday April 9th, 2026
CVE-2026-34978 OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) Thursday April 9th, 2026
CVE-2026-34933 Avahi: Reachable assertion in `transport_flags_from_domain()` via conflicting publish flags crashes avahi-daemon Thursday April 9th, 2026
CVE-2026-4645 Github.com/antchfx/xpath: xpath: denial of service via crafted boolean xpath expressions Wednesday April 8th, 2026
CVE-2006-10003 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack Wednesday April 8th, 2026
CVE-2026-29785 NATS Server panic via malicious compression on leafnode port Wednesday April 8th, 2026
CVE-2026-5201 Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image Wednesday April 8th, 2026
CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys Wednesday April 8th, 2026
CVE-2026-32241 Flannel vulnerable to cross-node remote code execution via extension backend BackendData injection Wednesday April 8th, 2026
CVE-2026-34982 Vim modeline bypass via various options affects Vim < 9.2.0276 Wednesday April 8th, 2026
CVE-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup Tuesday April 7th, 2026
CVE-2026-23468 drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Tuesday April 7th, 2026
CVE-2026-23444 wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure Tuesday April 7th, 2026
CVE-2026-23472 serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN Tuesday April 7th, 2026
CVE-2026-34990 OpenPrinting CUPS: Local print admin token disclosure using temporary printers Tuesday April 7th, 2026
CVE-2026-27447 OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookup Tuesday April 7th, 2026
CVE-2026-34978 OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) Tuesday April 7th, 2026
CVE-2026-34980 OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network Tuesday April 7th, 2026
CVE-2026-34591 Poetry Has Wheel Path Traversal Which Can Lead to Arbitrary File Write Tuesday April 7th, 2026
CVE-2026-3184 Util-linux: util-linux: access control bypass due to improper hostname canonicalization Tuesday April 7th, 2026
CVE-2026-31408 Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold Tuesday April 7th, 2026
CVE-2026-27456 util-linux: TOCTOU Race Condition in util-linux mount(8) - Loop Device Setup Sunday April 5th, 2026
CVE-2026-23468 drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Sunday April 5th, 2026
CVE-2026-23444 wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure Sunday April 5th, 2026
CVE-2026-31394 mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations Sunday April 5th, 2026
CVE-2026-23472 serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN Sunday April 5th, 2026
CVE-2026-34990 OpenPrinting CUPS: Local print admin token disclosure using temporary printers Sunday April 5th, 2026
CVE-2026-27447 OpenPrinting CUPS: Authorization bypass via case-insensitive group-member lookup Sunday April 5th, 2026
CVE-2026-34978 OpenPrinting CUPS: Path traversal in RSS notify-recipient-uri enables file write outside CacheDir/rss (and clobbering of job.cache) Sunday April 5th, 2026
CVE-2026-34980 OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network Sunday April 5th, 2026
CVE-2026-4897 Polkit: polkit: denial of service via unbounded input processing through standard input Friday April 3rd, 2026
CVE-2026-2100 P11-kit: p11-kit: null dereference via c_derivekey with specific null parameters Friday April 3rd, 2026
CVE-2026-5107 FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control Friday April 3rd, 2026
CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers Friday April 3rd, 2026
CVE-2026-34073 cryptography has incomplete DNS name constraint enforcement on peer names Friday April 3rd, 2026
CVE-2026-33105 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability Thursday April 2nd, 2026
CVE-2026-26135 Azure Custom Locations Resource Provider (RP) Elevation of Privilege Vulnerability Thursday April 2nd, 2026
CVE-2026-34043 Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects Thursday April 2nd, 2026
CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers Thursday April 2nd, 2026
CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys Thursday April 2nd, 2026
CVE-2026-33750 brace-expansion: Zero-step sequence causes process hang and memory exhaustion Thursday April 2nd, 2026
CVE-2026-0964 Libssh: improper sanitation of paths received from scp servers Thursday April 2nd, 2026
CVE-2026-0967 Libssh: libssh: denial of service via inefficient regular expression processing Thursday April 2nd, 2026
CVE-2026-0965 Libssh: libssh: denial of service via improper configuration file handling Thursday April 2nd, 2026
CVE-2026-5107 FRRouting FRR EVPN Type-2 Route bgp_evpn.c process_type2_route access control Thursday April 2nd, 2026
CVE-2026-2739 This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely. Thursday April 2nd, 2026
CVE-2026-33636 LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64 Thursday April 2nd, 2026
CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` Thursday April 2nd, 2026
CVE-2026-2436 Libsoup: libsoup: denial of service via use-after-free in soupserver during tls handshake Thursday April 2nd, 2026
CVE-2026-4897 Polkit: polkit: denial of service via unbounded input processing through standard input Thursday April 2nd, 2026
CVE-2026-2100 P11-kit: p11-kit: null dereference via c_derivekey with specific null parameters Thursday April 2nd, 2026
CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers Thursday April 2nd, 2026
CVE-2026-5119 Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment Thursday April 2nd, 2026
CVE-2026-5121 Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing Thursday April 2nd, 2026
CVE-2026-5201 Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image Thursday April 2nd, 2026
CVE-2026-4739 Integer overflow vulnerabilities in InsightSoftwareConsortium/ITK Thursday April 2nd, 2026
CVE-2026-4176 Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib Thursday April 2nd, 2026
CVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type Confusion Wednesday April 1st, 2026
CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers Wednesday April 1st, 2026
CVE-2026-33750 brace-expansion: Zero-step sequence causes process hang and memory exhaustion Wednesday April 1st, 2026
CVE-2026-0964 Libssh: improper sanitation of paths received from scp servers Wednesday April 1st, 2026
CVE-2026-0967 Libssh: libssh: denial of service via inefficient regular expression processing Wednesday April 1st, 2026
CVE-2026-0965 Libssh: libssh: denial of service via improper configuration file handling Wednesday April 1st, 2026
CVE-2026-4645 Github.com/antchfx/xpath: xpath: denial of service via crafted boolean xpath expressions Wednesday April 1st, 2026
CVE-2024-35839 netfilter: bridge: replace physindev with physinif in nf_bridge_info Wednesday April 1st, 2026
CVE-2025-68822 Input: alps - fix use-after-free bugs caused by dev3_register_work Wednesday April 1st, 2026
CVE-2026-34043 Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects Wednesday April 1st, 2026
CVE-2026-4176 Perl versions from 5.9.4 before 5.40.4-RC1, from 5.41.0 before 5.42.2-RC1, from 5.43.0 before 5.43.9 contain a vulnerable version of Compress::Raw::Zlib Wednesday April 1st, 2026
CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers Wednesday April 1st, 2026
CVE-2026-23229 crypto: virtio - Add spinlock protection with virtqueue notification Tuesday March 31st, 2026
CVE-2026-23228 smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() Tuesday March 31st, 2026
CVE-2026-23222 crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly Tuesday March 31st, 2026
CVE-2025-71235 scsi: qla2xxx: Delay module unload while fabric scan in progress Tuesday March 31st, 2026
CVE-2026-33636 LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64 Tuesday March 31st, 2026
CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` Tuesday March 31st, 2026
CVE-2026-25645 Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function Tuesday March 31st, 2026
CVE-2026-23237 platform/x86: classmate-laptop: Add missing NULL pointer checks Tuesday March 31st, 2026
CVE-2025-68358 btrfs: fix racy bitfield write in btrfs_clear_space_info_full() Tuesday March 31st, 2026
CVE-2026-33940 Handlebars.js has JavaScript Injection via AST Type Confusion when passing an object as dynamic partial Tuesday March 31st, 2026
CVE-2026-33937 Handlebars.js has JavaScript Injection via AST Type Confusion Tuesday March 31st, 2026
CVE-2026-33939 Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation Tuesday March 31st, 2026
CVE-2026-33916 Handlebars.js has Prototype Pollution Leading to XSS through Partial Template Injection Tuesday March 31st, 2026
CVE-2026-33941 Handlebars.js has JavaScript Injection in CLI Precompiler via Unescaped Names and Options Tuesday March 31st, 2026
CVE-2026-33938 Handlebars.js has JavaScript Injection via AST Type Confusion by tampering @partial-block Tuesday March 31st, 2026
CVE-2026-33542 Incus does not verify combined fingerprint when downloading images from simplestreams servers Tuesday March 31st, 2026
CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys Tuesday March 31st, 2026
CVE-2026-33891 Forge has Denial of Service via Infinite Loop in BigInteger.modInverse() with Zero Input Tuesday March 31st, 2026
CVE-2026-33896 Forge has a basicConstraints bypass in its certificate chain verification (RFC 5280 violation) Tuesday March 31st, 2026
CVE-2026-33895 Forge has signature forgery in Ed25519 due to missing S > L check Tuesday March 31st, 2026
CVE-2026-33750 brace-expansion: Zero-step sequence causes process hang and memory exhaustion Tuesday March 31st, 2026
CVE-2026-0964 Libssh: improper sanitation of paths received from scp servers Tuesday March 31st, 2026
CVE-2026-0967 Libssh: libssh: denial of service via inefficient regular expression processing Tuesday March 31st, 2026
CVE-2026-0965 Libssh: libssh: denial of service via improper configuration file handling Tuesday March 31st, 2026
CVE-2026-33672 Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching Sunday March 29th, 2026
CVE-2026-23399 nf_tables: nft_dynset: fix possible stateful expression memleak in error path Sunday March 29th, 2026
CVE-2026-25645 Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility function Sunday March 29th, 2026
CVE-2026-33636 LIBPNG has ARM NEON Palette Expansion Out-of-Bounds Read on AArch64 Sunday March 29th, 2026
CVE-2026-33416 LIBPNG has use-after-free via pointer aliasing in `png_set_tRNS` and `png_set_PLTE` Sunday March 29th, 2026
CVE-2026-3591 A stack use-after-return flaw in SIG(0) handling code may enable ACL bypass Sunday March 29th, 2026
CVE-2026-3119 Authenticated query containing a TKEY record may cause named to terminate unexpectedly Sunday March 29th, 2026
CVE-2026-33936 python-ecdsa: Denial of Service via improper DER length validation in crafted private keys Sunday March 29th, 2026
CVE-2026-32241 Flannel vulnerable to cross-node remote code execution via extension backend BackendData injection Sunday March 29th, 2026
CVE-2026-1519 Excessive NSEC3 iterations cause high CPU load during insecure delegation validation Sunday March 29th, 2026
CVE-2026-4645 Github.com/antchfx/xpath: xpath: denial of service via crafted boolean xpath expressions Saturday March 28th, 2026
CVE-2026-2369 Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources Saturday March 28th, 2026
CVE-2026-33343 etcd: Nested etcd transactions bypass RBAC authorization checks Saturday March 28th, 2026
CVE-2026-32187 Microsoft Edge (Chromium-based) Defense in Depth Vulnerability Friday March 27th, 2026
CVE-2026-3547 wolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validation Friday March 27th, 2026
CVE-2026-25075 strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow Friday March 27th, 2026
CVE-2026-23227 drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free Friday March 27th, 2026
CVE-2026-27135 nghttp2 Denial of service: Assertion failure due to the missing state validation Friday March 27th, 2026
CVE-2026-23265 f2fs: fix to do sanity check on node footer in {read,write}_end_io Friday March 27th, 2026
CVE-2026-23267 f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes Friday March 27th, 2026
CVE-2025-66413 Git for Windows leaks NTLM hash when cloning from an attacker-controlled server Friday March 27th, 2026
CVE-2026-3713 pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow Friday March 27th, 2026
CVE-2026-23327 cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed() Friday March 27th, 2026
CVE-2026-23287 irqchip/sifive-plic: Fix frozen interrupt due to affinity setting Friday March 27th, 2026
CVE-2026-23386 gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL Friday March 27th, 2026
CVE-2026-23325 wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() Friday March 27th, 2026
CVE-2026-4645 Github.com/antchfx/xpath: xpath: denial of service via crafted boolean xpath expressions Friday March 27th, 2026
CVE-2026-4775 Libtiff: libtiff: arbitrary code execution or denial of service via signed integer overflow in tiff file processing Friday March 27th, 2026
CVE-2026-4647 Binutils: out-of-bounds read in xcoff relocation processing in gnu binutils bfd library Friday March 27th, 2026
CVE-2026-23397 nfnetlink_osf: validate individual option lengths in fingerprints Friday March 27th, 2026
CVE-2026-23004 dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() Friday March 27th, 2026
CVE-2025-71184 btrfs: fix NULL dereference on root when tracing inode eviction Friday March 27th, 2026
CVE-2025-71183 btrfs: always detect conflicting inodes when logging inode refs Friday March 27th, 2026
CVE-2025-71109 MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Friday March 27th, 2026
CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib Thursday March 26th, 2026
CVE-2025-66413 Git for Windows leaks NTLM hash when cloning from an attacker-controlled server Thursday March 26th, 2026
CVE-2026-27142 URLs in meta content attribute actions are not escaped in html/template Thursday March 26th, 2026
CVE-2024-45336 Sensitive headers incorrectly sent after cross-domain redirect in net/http Thursday March 26th, 2026
CVE-2024-45341 Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509 Thursday March 26th, 2026
CVE-2026-23284 net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup() Thursday March 26th, 2026
CVE-2026-23279 wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() Thursday March 26th, 2026
CVE-2026-23324 can: usb: etas_es58x: correctly anchor the urb in the read bulk callback Thursday March 26th, 2026
CVE-2026-23327 cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed() Thursday March 26th, 2026
CVE-2026-23293 net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled Thursday March 26th, 2026
CVE-2026-23310 bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded Thursday March 26th, 2026
CVE-2026-23347 can: usb: f81604: correctly anchor the urb in the read bulk callback Thursday March 26th, 2026
CVE-2026-23317 drm/vmwgfx: Return the correct value in vmw_translate_ptr functions Thursday March 26th, 2026
CVE-2026-23289 IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq() Thursday March 26th, 2026
CVE-2026-23395 Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ Thursday March 26th, 2026
CVE-2026-23381 net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled Thursday March 26th, 2026
CVE-2026-23300 net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop Thursday March 26th, 2026
CVE-2026-23336 wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() Thursday March 26th, 2026
CVE-2026-23287 irqchip/sifive-plic: Fix frozen interrupt due to affinity setting Thursday March 26th, 2026
CVE-2026-23291 nfc: pn533: properly drop the usb interface reference on disconnect Thursday March 26th, 2026
CVE-2026-23386 gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL Thursday March 26th, 2026
CVE-2026-23302 net: annotate data-races around sk->sk_{data_ready,write_space} Thursday March 26th, 2026
CVE-2026-23351 netfilter: nft_set_pipapo: split gc into unlink and reclaim phase Thursday March 26th, 2026
CVE-2026-23340 net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs Thursday March 26th, 2026
CVE-2026-23371 sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting Thursday March 26th, 2026
CVE-2026-23320 usb: gadget: f_ncm: align net_device lifecycle with bind/unbind Thursday March 26th, 2026
CVE-2026-23303 smb: client: Don't log plaintext credentials in cifs_set_cifscreds Thursday March 26th, 2026
CVE-2026-23334 can: usb: f81604: handle short interrupt urb messages properly Thursday March 26th, 2026
CVE-2026-23348 cxl: Fix race of nvdimm_bus object when creating nvdimm objects Thursday March 26th, 2026
CVE-2026-23307 can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message Thursday March 26th, 2026
CVE-2026-23383 bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing Thursday March 26th, 2026
CVE-2026-23292 scsi: target: Fix recursive locking in __configfs_open_file() Thursday March 26th, 2026
CVE-2026-23390 tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow Thursday March 26th, 2026
CVE-2026-23368 net: phy: register phy led_triggers during probe to avoid AB-BA deadlock Thursday March 26th, 2026
CVE-2026-23318 ALSA: usb-audio: Use correct version for UAC3 header validation Thursday March 26th, 2026
CVE-2026-23325 wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() Thursday March 26th, 2026
CVE-2026-23392 netfilter: nf_tables: release flowtable after rcu grace period on error Thursday March 26th, 2026
CVE-2026-23377 ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz Thursday March 26th, 2026
CVE-2026-23361 PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry Thursday March 26th, 2026
CVE-2026-23391 netfilter: xt_CT: drop pending enqueued packets on template removal Thursday March 26th, 2026
CVE-2026-23382 HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them Thursday March 26th, 2026
CVE-2026-23315 wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() Thursday March 26th, 2026
CVE-2026-23370 platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data Thursday March 26th, 2026
CVE-2026-25075 strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow Thursday March 26th, 2026
CVE-2026-33186 gRPC-Go has an authorization bypass via missing leading slash in :path Thursday March 26th, 2026
CVE-2026-2443 Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure Wednesday March 25th, 2026
CVE-2026-0716 Libsoup: out-of-bounds read in libsoup websocket frame processing Wednesday March 25th, 2026
CVE-2025-58160 Tracing logging user input may result in poisoning logs with ANSI escape sequences Wednesday March 25th, 2026
CVE-2026-27623 Valkey has Pre-Authentication DOS from malformed RESP request Wednesday March 25th, 2026
CVE-2025-13462 tarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handling Wednesday March 25th, 2026
CVE-2026-2646 Heap buffer overflow in session parsing with wolfSSL_d2i_SSL_SESSION() function Wednesday March 25th, 2026
CVE-2026-3547 wolfSSL: out-of-bounds read (DoS) in ALPN parsing due to incomplete validation Wednesday March 25th, 2026
CVE-2026-2645 Acceptance of CertificateVerify Message before ClientKeyExchange in TLS 1.2 Wednesday March 25th, 2026
CVE-2026-1005 Integer underflow leads to out-of-bounds access in sniffer AES-GCM/CCM/ARIA-GCM decrypt path Wednesday March 25th, 2026
CVE-2026-3579 Non-constant time multiplication subroutine __muldi3 on RISC-V RV32I Wednesday March 25th, 2026
CVE-2026-4395 Heap-based buffer overflow in wc_ecc_import_x963_ex KCAPI path Wednesday March 25th, 2026
CVE-2026-3580 Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V Wednesday March 25th, 2026
CVE-2026-0819 Stack buffer overflow in PKCS7 SignedData encoding with custom signed attributes Wednesday March 25th, 2026
CVE-2026-2369 Libsoup: libsoup: buffer overread due to integer underflow when handling zero-length resources Wednesday March 25th, 2026
CVE-2026-3099 Libsoup: libsoup: authentication bypass via digest authentication replay attack Wednesday March 25th, 2026
CVE-2026-4424 Libarchive: libarchive: information disclosure via heap out-of-bounds read in rar archive processing Wednesday March 25th, 2026
CVE-2026-4426 Libarchive: libarchive: denial of service via malformed iso file processing Wednesday March 25th, 2026
CVE-2026-33055 tar-rs incorrectly ignores PAX size headers if header size is nonzero Wednesday March 25th, 2026
CVE-2026-33056 tar-rs: unpack_in can chmod arbitrary directories by following symlinks Wednesday March 25th, 2026
CVE-2026-25075 strongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer Underflow Wednesday March 25th, 2026
CVE-2026-4438 gethostbyaddr and gethostbyaddr_r return invalid DNS hostnames Wednesday March 25th, 2026
CVE-2026-4437 gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response Wednesday March 25th, 2026
CVE-2026-4437 gethostbyaddr and gethostbyaddr_r may incorrectly handle DNS response Monday March 23rd, 2026
CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib Monday March 23rd, 2026
Chromium: CVE-2026-4451 Insufficient validation of untrusted input in Navigation Monday March 23rd, 2026
CVE-2026-27135 nghttp2 Denial of service: Assertion failure due to the missing state validation Saturday March 21st, 2026
CVE-2026-27448 pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback Saturday March 21st, 2026
CVE-2026-30922 pyasn1 Vulnerable to Denial of Service via Unbounded Recursion Saturday March 21st, 2026
CVE-2026-3633 Libsoup: libsoup: header and http request injection via crlf injection Saturday March 21st, 2026
CVE-2026-3632 Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames Saturday March 21st, 2026
CVE-2026-3634 Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header Saturday March 21st, 2026
CVE-2026-32766 astral-tokio-tar insufficiently validates PAX extensions during extraction Saturday March 21st, 2026
CVE-2026-23271 perf: Fix __perf_event_overflow() vs perf_remove_from_context() race Saturday March 21st, 2026
CVE-2026-23272 netfilter: nf_tables: unconditionally bump set->nelems before insertion Saturday March 21st, 2026
CVE-2026-23278 netfilter: nf_tables: always walk all pending catchall elements Saturday March 21st, 2026
CVE-2026-23277 net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit Saturday March 21st, 2026
CVE-2026-23274 netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels Saturday March 21st, 2026
CVE-2026-3731 libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds Friday March 20th, 2026
CVE-2022-46456 NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c. Friday March 20th, 2026
CVE-2006-10003 XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack Friday March 20th, 2026
CVE-2006-10002 XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crashes Friday March 20th, 2026
CVE-2026-23229 crypto: virtio - Add spinlock protection with virtqueue notification Friday March 20th, 2026
CVE-2026-23228 smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() Friday March 20th, 2026
CVE-2026-23227 drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free Friday March 20th, 2026
CVE-2026-23222 crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly Friday March 20th, 2026
CVE-2026-23220 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths Friday March 20th, 2026
CVE-2026-23171 bonding: fix use-after-free due to enslave fail after slave array update Friday March 20th, 2026
CVE-2026-23157 btrfs: do not strictly require dirty metadata threshold for metadata writepages Friday March 20th, 2026
CVE-2026-23126 netdevsim: fix a race issue related to the operation on bpf_bound_progs list Friday March 20th, 2026
CVE-2026-23110 scsi: core: Wake up the error handler when final completions race against each other Friday March 20th, 2026
CVE-2025-71235 scsi: qla2xxx: Delay module unload while fabric scan in progress Friday March 20th, 2026
CVE-2025-71227 wifi: mac80211: don't WARN for connections on invalid channels Friday March 20th, 2026
CVE-2026-27135 nghttp2 Denial of service: Assertion failure due to the missing state validation Friday March 20th, 2026
CVE-2026-23265 f2fs: fix to do sanity check on node footer in {read,write}_end_io Friday March 20th, 2026
CVE-2026-23268 apparmor: fix unprivileged local user can do privileged policy management Friday March 20th, 2026
CVE-2026-23267 f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes Friday March 20th, 2026
CVE-2026-23259 io_uring/rw: free potentially allocated iovec on cache put failure Friday March 20th, 2026
CVE-2025-71269 btrfs: do not free data reservation in fallback from inline due to -ENOSPC Friday March 20th, 2026
CVE-2026-23269 apparmor: validate DFA start states are in bounds in unpack_pdb Friday March 20th, 2026
CVE-2026-23253 media: dvb-core: fix wrong reinitialization of ringbuffer on reopen Friday March 20th, 2026
CVE-2026-26137 Microsoft 365 Copilot BizChat Elevation of Privilege Vulnerability Thursday March 19th, 2026
CVE-2026-4224 Stack overflow parsing XML with deeply nested DTD content models Thursday March 19th, 2026
CVE-2026-27448 pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback Thursday March 19th, 2026
CVE-2025-71265 fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata Thursday March 19th, 2026
CVE-2026-23246 wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration Thursday March 19th, 2026
CVE-2025-71267 fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST Thursday March 19th, 2026
CVE-2025-71266 fs: ntfs3: check return value of indx_find to avoid infinite loop Thursday March 19th, 2026
CVE-2026-23245 net/sched: act_gate: snapshot parameters with RCU on replace Thursday March 19th, 2026
CVE-2026-23242 RDMA/siw: Fix potential NULL pointer dereference in header processing Thursday March 19th, 2026
CVE-2026-23233 f2fs: fix to avoid mapping wrong physical block for swapfile Thursday March 19th, 2026
CVE-2026-23237 platform/x86: classmate-laptop: Add missing NULL pointer checks Thursday March 19th, 2026
CVE-2026-23235 f2fs: fix out-of-bounds access in sysfs attribute read/write Thursday March 19th, 2026
CVE-2026-23231 netfilter: nf_tables: fix use-after-free in nf_tables_addchain() Thursday March 19th, 2026
CVE-2026-4111 Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive Wednesday March 18th, 2026
CVE-2026-32249 NFA regex engine NULL pointer dereference affects Vim < 9.2.0137 Tuesday March 17th, 2026
CVE-2026-23069 vsock/virtio: fix potential underflow in virtio_transport_get_credit() Tuesday March 17th, 2026
CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib Tuesday March 17th, 2026
CVE-2026-4105 Systemd: systemd: privilege escalation via improper access control in registermachine d-bus method Tuesday March 17th, 2026
CVE-2026-2673 OpenSSL TLS 1.3 server may choose unexpected key agreement group Tuesday March 17th, 2026
CVE-2026-4111 Libarchive: infinite loop denial of service in rar5 decompression via archive_read_data() in libarchive Tuesday March 17th, 2026
CVE-2026-23942 SFTP root escape via component-agnostic prefix check in ssh_sftpd Tuesday March 17th, 2026
CVE-2026-23941 Request smuggling via first-wins Content-Length parsing in inets httpd Tuesday March 17th, 2026
CVE-2026-27138 Panic in name constraint checking for malformed certificates in crypto/x509 Saturday March 14th, 2026
CVE-2026-27141 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net Saturday March 14th, 2026
CVE-2025-58160 Tracing logging user input may result in poisoning logs with ANSI escape sequences Saturday March 14th, 2026
CVE-2026-27171 zlib before 1.3.2 allows CPU consumption via crc32_combine64 and crc32_combine_gen64 because x2nmodp can do right shifts within a loop that has no termination condition. Saturday March 14th, 2026
CVE-2026-3381 Compress::Raw::Zlib versions through 2.219 for Perl use potentially insecure versions of zlib Saturday March 14th, 2026
CVE-2026-21257 GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability Friday March 13th, 2026
CVE-2026-21256 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability Friday March 13th, 2026
CVE-2026-25173 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Friday March 13th, 2026
CVE-2026-25172 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Friday March 13th, 2026
CVE-2026-26111 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Friday March 13th, 2026
CVE-2026-0385 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability Friday March 13th, 2026
CVE-2026-26030 GitHub: CVE-2026-26030 Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable Thursday March 12th, 2026
CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509 Thursday March 12th, 2026
CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509 Thursday March 12th, 2026
CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto Thursday March 12th, 2026
CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http Thursday March 12th, 2026
CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar Thursday March 12th, 2026
CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509 Thursday March 12th, 2026
CVE-2026-24293 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Wednesday March 11th, 2026
CVE-2026-26148 Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability Wednesday March 11th, 2026
CVE-2026-23865 An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2. Wednesday March 11th, 2026
CVE-2026-3713 pnggroup libpng pnm2png pnm2png.c do_pnm2png heap-based overflow Wednesday March 11th, 2026
CVE-2026-27138 Panic in name constraint checking for malformed certificates in crypto/x509 Wednesday March 11th, 2026
CVE-2026-27142 URLs in meta content attribute actions are not escaped in html/template Wednesday March 11th, 2026
CVE-2025-69644 An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause objdump to enter an unbounded loop and produce endless output until manually interrupted. This issue affects versions prior to the upstream fix and allows a local attacker to cause excessive resource consumption by supplying a malicious input file. Wednesday March 11th, 2026
CVE-2025-69651 GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dump_relocations returns early due to parsing errors, the internal all_relocations array may remain partially uninitialized. Later, process_got_section_contents() may attempt to free an invalid r_symbol pointer, triggering memory corruption checks in glibc and causing the program to terminate with SIGABRT. No evidence of further memory corruption or code execution was observed; the impact is limited to denial of service. Wednesday March 11th, 2026
CVE-2025-69649 GNU Binutils thru 2.46 readelf contains a null pointer dereference vulnerability when processing a crafted ELF binary with malformed header fields. During relocation processing, an invalid or null section pointer may be passed into display_relocations(), resulting in a segmentation fault (SIGSEGV) and abrupt termination. No evidence of memory corruption beyond the null pointer dereference, nor any possibility of code execution, was observed. Wednesday March 11th, 2026
CVE-2025-69645 Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug information. A logic error in the handling of DWARF compilation units can result in an invalid offset_size value being used inside byte_get_little_endian, leading to an abort (SIGABRT). The issue was observed in binutils 2.44. A local attacker can trigger the crash by supplying a malicious input file. Wednesday March 11th, 2026
CVE-2025-69652 GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort (SIGABRT) when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in process_debug_info(), an invalid debug_info_p state may propagate into DWARF attribute parsing routines. When certain malformed attributes result in an unexpected data length of zero, byte_get_little_endian() triggers a fatal abort. No evidence of memory corruption or code execution was observed; the impact is limited to denial of service. Wednesday March 11th, 2026
CVE-2025-69650 GNU Binutils thru 2.46 readelf contains a double free vulnerability when processing a crafted ELF binary with malformed relocation data. During GOT relocation handling, dump_relocations may return early without initializing the all_relocations array. As a result, process_got_section_contents() may pass an uninitialized r_symbol pointer to free(), leading to a double free and terminating the program with SIGABRT. No evidence of exploitable memory corruption or code execution was observed; the impact is limited to denial of service. Wednesday March 11th, 2026
CVE-2025-69646 Binutils objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed DWARF debug_rnglists data. A logic error in the handling of the debug_rnglists header can cause objdump to repeatedly print the same warning message and fail to terminate, resulting in an unbounded logging loop until the process is interrupted. The issue was observed in binutils 2.44. A local attacker can exploit this vulnerability by supplying a malicious input file, leading to excessive CPU and I/O usage and preventing completion of the objdump analysis. Wednesday March 11th, 2026
CVE-2026-29786 node-tar: Hardlink Path Traversal via Drive-Relative Linkpath Wednesday March 11th, 2026
CVE-2026-3731 libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds Wednesday March 11th, 2026
CVE-2026-20967 System Center Operations Manager (SCOM) Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-25188 Windows Telephony Service Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-26114 Microsoft SharePoint Server Remote Code Execution Vulnerability Tuesday March 10th, 2026
CVE-2026-26111 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Tuesday March 10th, 2026
CVE-2026-26117 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-26030 GitHub: CVE-2026-26030 Microsoft Semantic Kernel InMemoryVectorStore filter functionality vulnerable Tuesday March 10th, 2026
CVE-2026-26141 Hybrid Worker Extension (Arc‑enabled Windows VMs) Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-26148 Microsoft Azure AD SSH Login extension for Linux Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-26106 Microsoft SharePoint Server Remote Code Execution Vulnerability Tuesday March 10th, 2026
CVE-2026-23665 Linux Azure Diagnostic extension (LAD) Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-23654 GitHub: Zero Shot SCFoundation Remote Code Execution Vulnerability Tuesday March 10th, 2026
CVE-2026-25186 Windows Accessibility Infrastructure (ATBroker.exe) Information Disclosure Vulnerability Tuesday March 10th, 2026
CVE-2026-25189 Windows DWM Core Library Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-24283 Multiple UNC Provider Kernel Driver Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-24292 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-24291 Windows Accessibility Infrastructure (ATBroker.exe) Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-24290 Windows Projected File System Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-25180 Windows Graphics Component Information Disclosure Vulnerability Tuesday March 10th, 2026
CVE-2026-24288 Windows Mobile Broadband Driver Remote Code Execution Vulnerability Tuesday March 10th, 2026
CVE-2026-24282 Push message Routing Service Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-23673 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-23672 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-23671 Windows Bluetooth RFCOM Protocol Driver Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-23668 Windows Graphics Component Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-23660 Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-24293 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-24295 Windows Device Association Service Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-25173 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Tuesday March 10th, 2026
CVE-2026-25179 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-25178 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-24296 Windows Device Association Service Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-25176 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-25174 Windows Extensible File Allocation Table Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-25177 Active Directory Domain Services Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-25172 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Tuesday March 10th, 2026
CVE-2026-25167 Microsoft Brokering File System Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-25166 Windows System Image Manager Assessment and Deployment Kit (ADK) Remote Code Execution Vulnerability Tuesday March 10th, 2026
CVE-2026-25165 Performance Counters for Windows Elevation of Privilege Vulnerability Tuesday March 10th, 2026
CVE-2026-28364 In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data. Sunday March 8th, 2026
CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock Saturday March 7th, 2026
CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation Saturday March 7th, 2026
CVE-2026-26122 Microsoft ACI Confidential Containers Information Disclosure Vulnerability Friday March 6th, 2026
CVE-2026-26124 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability Friday March 6th, 2026
CVE-2026-23651 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability Friday March 6th, 2026
CVE-2026-26122 Microsoft ACI Confidential Containers Information Disclosure Vulnerability Friday March 6th, 2026
CVE-2026-23865 An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2. Friday March 6th, 2026
CVE-2026-24821 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in turanszkij/WickedEngine. Friday March 6th, 2026
CVE-2026-23237 platform/x86: classmate-laptop: Add missing NULL pointer checks Friday March 6th, 2026
CVE-2026-23651 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability Thursday March 5th, 2026
CVE-2026-21536 Microsoft Devices Pricing Program Remote Code Execution Vulnerability Thursday March 5th, 2026
CVE-2026-26124 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability Thursday March 5th, 2026
CVE-2026-26125 Payment Orchestrator Service Elevation of Privilege Vulnerability Thursday March 5th, 2026
CVE-2026-26122 Microsoft ACI Confidential Containers Information Disclosure Vulnerability Thursday March 5th, 2026
CVE-2024-24856 NULL pointer deference in acpi_db_convert_to_package of Linux acpi module Thursday March 5th, 2026
CVE-2025-37745 PM: hibernate: Avoid deadlock in hibernate_compressor_param_set() Thursday March 5th, 2026
CVE-2022-4543 A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems. Thursday March 5th, 2026
CVE-2026-0038 In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Thursday March 5th, 2026
CVE-2026-23865 An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2. Thursday March 5th, 2026
CVE-2026-24821 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in turanszkij/WickedEngine. Thursday March 5th, 2026
CVE-2026-27141 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net Thursday March 5th, 2026
CVE-2026-23231 netfilter: nf_tables: fix use-after-free in nf_tables_addchain() Thursday March 5th, 2026
CVE-2026-23237 platform/x86: classmate-laptop: Add missing NULL pointer checks Thursday March 5th, 2026
CVE-2025-58160 Tracing logging user input may result in poisoning logs with ANSI escape sequences Wednesday March 4th, 2026
CVE-2026-25541 Bytes is vulnerable to integer overflow in BytesMut::reserve Wednesday March 4th, 2026
CVE-2026-28420 Vim has Heap-based Buffer Overflow and OOB Read in :terminal Wednesday March 4th, 2026
CVE-2026-27965 Vitess users with backup storage access can gain unauthorized access to production deployment environments Wednesday March 4th, 2026
CVE-2025-68817 ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency Tuesday March 3rd, 2026
CVE-2025-69873 ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. Tuesday March 3rd, 2026
CVE-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern Tuesday March 3rd, 2026
CVE-2025-61145 libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. Tuesday March 3rd, 2026
CVE-2026-23224 erofs: fix UAF issue for file-backed mounts w/ directio option Tuesday March 3rd, 2026
CVE-2026-23220 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths Tuesday March 3rd, 2026
CVE-2026-23228 smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() Tuesday March 3rd, 2026
CVE-2026-23222 crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly Tuesday March 3rd, 2026
CVE-2026-1979 mruby JMPNOT-to-JMPIF Optimization vm.c mrb_vm_exec use after free Tuesday March 3rd, 2026
CVE-2026-27969 Vitess users with backup storage access can write to arbitrary file paths on restore Sunday March 1st, 2026
CVE-2026-27571 nats-server websockets are vulnerable to pre-auth memory DoS Saturday February 28th, 2026
CVE-2025-69873 ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. Saturday February 28th, 2026
CVE-2025-71237 nilfs2: Fix potential block overflow that cause system hang Saturday February 28th, 2026
CVE-2026-23220 ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths Saturday February 28th, 2026
CVE-2025-71229 wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() Saturday February 28th, 2026
CVE-2025-71235 scsi: qla2xxx: Delay module unload while fabric scan in progress Saturday February 28th, 2026
CVE-2026-23228 smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() Saturday February 28th, 2026
CVE-2026-23222 crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly Saturday February 28th, 2026
CVE-2026-23216 scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() Saturday February 28th, 2026
CVE-2025-68358 btrfs: fix racy bitfield write in btrfs_clear_space_info_full() Saturday February 28th, 2026
CVE-2025-68725 bpf: Do not let BPF test infra emit invalid GSO types to stack Saturday February 28th, 2026
CVE-2025-68223 drm/radeon: delete radeon_fence_process in is_signaled, no deadlock Saturday February 28th, 2026
CVE-2025-40164 usbnet: Fix using smp_processor_id() in preemptible code warnings Saturday February 28th, 2026
CVE-2025-40005 spi: cadence-quadspi: Implement refcount to handle unbind during busy Saturday February 28th, 2026
CVE-2025-38162 netfilter: nft_set_pipapo: prevent overflow in lookup table allocation Saturday February 28th, 2026
CVE-2026-28364 In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data. Saturday February 28th, 2026
CVE-2025-40082 hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() Saturday February 28th, 2026
CVE-2026-22999 net/sched: sch_qfq: do not free existing class in qfq_change_class() Saturday February 28th, 2026
CVE-2026-22998 nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec Saturday February 28th, 2026
CVE-2026-22997 net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts Saturday February 28th, 2026
CVE-2026-22996 net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv Saturday February 28th, 2026
CVE-2026-22992 libceph: return the handler error from mon_handle_auth_done() Saturday February 28th, 2026
CVE-2026-22991 libceph: make free_choose_arg_map() resilient to partial allocation Saturday February 28th, 2026
CVE-2026-22990 libceph: replace overzealous BUG_ON in osdmap_apply_incremental() Saturday February 28th, 2026
CVE-2026-22984 libceph: prevent potential out-of-bounds reads in handle_auth_done() Saturday February 28th, 2026
CVE-2026-22982 net: mscc: ocelot: Fix crash when adding interface under a lag Saturday February 28th, 2026
CVE-2026-22977 net: sock: fix hardened usercopy panic in sock_recv_errqueue Saturday February 28th, 2026
CVE-2026-22976 net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset Saturday February 28th, 2026
CVE-2025-71163 dmaengine: idxd: fix device leaks on compat bind and unbind Saturday February 28th, 2026
CVE-2025-71160 netfilter: nf_tables: avoid chain re-validation if possible Saturday February 28th, 2026
CVE-2025-71154 net: usb: rtl8150: fix memory leak on usb_submit_urb() failure Saturday February 28th, 2026
CVE-2025-71150 ksmbd: Fix refcount leak when invalid session is found on session lookup Saturday February 28th, 2026
CVE-2025-68817 ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency Saturday February 28th, 2026
CVE-2025-68340 team: Move team device type change at the end of team_port_add Saturday February 28th, 2026
CVE-2025-68211 ksm: use range-walk function to jump over holes in scan_get_next_rmap_item Saturday February 28th, 2026
CVE-2025-40251 devlink: rate: Unset parent pointer in devl_rate_nodes_destroy Saturday February 28th, 2026
CVE-2025-40149 tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). Saturday February 28th, 2026
CVE-2023-54207 HID: uclogic: Correct devm device reference for hidinput input_dev name Saturday February 28th, 2026
CVE-2026-21518 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability Friday February 27th, 2026
CVE-2026-21523 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability Friday February 27th, 2026
CVE-2026-27571 nats-server websockets are vulnerable to pre-auth memory DoS Friday February 27th, 2026
CVE-2025-69873 ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., "^(a|a)*$") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. Friday February 27th, 2026
CVE-2026-27969 Vitess users with backup storage access can write to arbitrary file paths on restore Friday February 27th, 2026
CVE-2026-27965 Vitess users with backup storage access can gain unauthorized access to production deployment environments Friday February 27th, 2026
CVE-2026-23225 sched/mmcid: Don't assume CID is CPU owned on mode switch Thursday February 26th, 2026
CVE-2026-23224 erofs: fix UAF issue for file-backed mounts w/ directio option Thursday February 26th, 2026
CVE-2026-23229 crypto: virtio - Add spinlock protection with virtqueue notification Thursday February 26th, 2026
CVE-2025-62878 Local Path Provisioner vulnerable to Path Traversal via parameters.pathPattern Thursday February 26th, 2026
CVE-2026-21863 Malformed Valkey Cluster bus message can lead to Remote DoS Thursday February 26th, 2026
CVE-2025-67733 Valkey Affected by RESP Protocol Injection via Lua error_reply Thursday February 26th, 2026
CVE-2025-61145 libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. Thursday February 26th, 2026
CVE-2025-61144 libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. Thursday February 26th, 2026
CVE-2025-61143 libtiff up to v4.7.1 was discovered to contain a NULL pointer dereference via the component libtiff/tif_open.c. Thursday February 26th, 2026
CVE-2021-20233 A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Thursday February 26th, 2026
CVE-2021-20225 A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Thursday February 26th, 2026
CVE-2026-26960 node-tar has Arbitrary File Read/Write via Hardlink Target Escape Through Symlink Chain in Extraction Wednesday February 25th, 2026
CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.) Wednesday February 25th, 2026
CVE-2026-2739 This affects versions of the package bn.js before 5.2.3. Calling maskn(0) on any BN instance corrupts the internal state, causing toString(), divmod(), and other methods to enter an infinite loop, hanging the process indefinitely. Wednesday February 25th, 2026
CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse Wednesday February 25th, 2026
CVE-2025-38656 wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() Wednesday February 25th, 2026
CVE-2023-53543 vdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check Wednesday February 25th, 2026
CVE-2026-27199 Werkzeug safe_join() allows Windows special device names Wednesday February 25th, 2026
CVE-2025-71101 platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing Saturday February 21st, 2026
CVE-2025-68786 ksmbd: skip lock-range check on equal size to avoid size==0 underflow Saturday February 21st, 2026
CVE-2025-71105 f2fs: use global inline_xattr_slab instead of per-sb slab cache Saturday February 21st, 2026
CVE-2025-71064 net: hns3: using the num_tqps in the vf driver to apply for resources Saturday February 21st, 2026
CVE-2025-68817 ksmbd: fix use-after-free in ksmbd_tree_connect_put under concurrency Saturday February 21st, 2026
CVE-2025-71122 iommufd/selftest: Check for overflow in IOMMU_TEST_OP_ADD_RESERVED Saturday February 21st, 2026
CVE-2025-68819 media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() Saturday February 21st, 2026
CVE-2025-71143 clk: samsung: exynos-clkout: Assign .num before accessing .hws Saturday February 21st, 2026
CVE-2025-71109 MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Saturday February 21st, 2026
CVE-2025-71067 ntfs: set dummy blocksize to read boot_block when mounting Saturday February 21st, 2026
CVE-2025-61729 Excessive resource consumption when printing error string for host certificate validation in crypto/x509 Saturday February 21st, 2026
CVE-2025-71066 net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change Saturday February 21st, 2026
CVE-2025-71114 via_wdt: fix critical boot hang due to unnamed resource allocation Saturday February 21st, 2026
CVE-2025-68763 crypto: starfive - Correctly handle return of sg_nents_for_len Saturday February 21st, 2026
CVE-2025-58436 OpenPrinting CUPS slow client can halt cupsd, leading to a possible DoS attack Saturday February 21st, 2026
CVE-2025-68766 irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() Saturday February 21st, 2026
CVE-2025-68808 media: vidtv: initialize local pointers upon transfer of memory ownership Saturday February 21st, 2026
CVE-2025-68753 ALSA: firewire-motu: add bounds check in put_user loop for DSP events Saturday February 21st, 2026
CVE-2025-68781 usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal Saturday February 21st, 2026
CVE-2022-22576 An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S) IMAP(S) POP3(S) and LDAP(S) (openldap only). Saturday February 21st, 2026
CVE-2025-34468 libcoap Stack-Based Buffer Overflow in Address Resolution DoS or Potential RCE Saturday February 21st, 2026
CVE-2025-66382 In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time. Saturday February 21st, 2026
CVE-2022-32206 curl < 7.84.0 supports "chained" HTTP compression algorithms meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb" makingcurl end up spending enormous amounts of allocated heap memory or trying toand returning out of memory errors. Saturday February 21st, 2026
CVE-2022-27782 libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However several TLS andSSH settings were left out from the configuration match checks making themmatch too easily. Saturday February 21st, 2026
CVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation Saturday February 21st, 2026
CVE-2026-21860 Werkzeug safe_join() allows Windows special device names with compound extensions Saturday February 21st, 2026
CVE-2025-40289 drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM Saturday February 21st, 2026
CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Saturday February 21st, 2026
CVE-2025-21839 KVM: x86: Load DR6 with guest value only before entering .vcpu_run() loop Saturday February 21st, 2026
CVE-2025-15444 Crypt::Sodium::XS module versions prior to 0.000042, for Perl, include a vulnerable version of libsodium Saturday February 21st, 2026
CVE-2025-48637 In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Saturday February 21st, 2026
CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509 Saturday February 21st, 2026
CVE-2020-36426 An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte). Saturday February 21st, 2026
CVE-2024-58089 btrfs: fix double accounting race when btrfs_run_delalloc_range() failed Saturday February 21st, 2026
CVE-2021-24119 In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. Saturday February 21st, 2026
CVE-2023-52969 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2. Saturday February 21st, 2026
CVE-2024-53208 Bluetooth: MGMT: Fix slab-use-after-free Read in set_powered_sync Saturday February 21st, 2026
CVE-2024-56595 jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree Saturday February 21st, 2026
CVE-2024-46751 btrfs: don't BUG_ON() when 0 reference count at btrfs_lookup_extent_info() Saturday February 21st, 2026
CVE-2024-49958 ocfs2: reserve space for inline xattr before attaching reflink tree Saturday February 21st, 2026
CVE-2024-46786 fscache: delete fscache_cookie_lru_timer when fscache exits to avoid UAF Saturday February 21st, 2026
CVE-2024-46755 wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() Saturday February 21st, 2026
CVE-2024-50008 wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() Saturday February 21st, 2026
CVE-2024-49954 static_call: Replace pointless WARN_ON() in static_call_module_notify() Saturday February 21st, 2026
CVE-2024-46732 drm/amd/display: Assign linear_pitch_alignment even for VM Saturday February 21st, 2026
CVE-2024-46784 net: mana: Fix error handling in mana_create_txq/rxq's NAPI cleanup Saturday February 21st, 2026
CVE-2024-46728 drm/amd/display: Check index for aux_rd_interval before using Saturday February 21st, 2026
CVE-2024-46746 HID: amd_sfh: free driver_data after destroying hid device Saturday February 21st, 2026
CVE-2024-8176 Libexpat: expat: improper restriction of xml entity expansion depth in libexpat Saturday February 21st, 2026
CVE-2024-53173 NFSv4.0: Fix a use-after-free problem in the asynchronous open() Saturday February 21st, 2026
CVE-2024-46680 Bluetooth: btnxpuart: Fix random crash seen while removing driver Saturday February 21st, 2026
CVE-2024-55549 xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue Saturday February 21st, 2026
CVE-2024-9407 Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction Saturday February 21st, 2026
CVE-2025-1767 This CVE only affects Kubernetes clusters that utilize the in-tree gitRepo volume to clone git repositories from other pods within the same node. Since the in-tree gitRepo volume feature has been deprecated and will not receive security updates upstream, any cluster still using this feature remains vulnerable. Saturday February 21st, 2026
CVE-2025-29768 Vim vulnerable to potential data loss with zip.vim and special crafted zip files Saturday February 21st, 2026
CVE-2024-45001 net: mana: Fix RX buf alloc_size alignment and atomic op panic Saturday February 21st, 2026
CVE-2024-46781 nilfs2: fix missing cleanup on rollforward recovery error Saturday February 21st, 2026
CVE-2024-46832 MIPS: cevt-r4k: Don't call get_c0_compare_int if timer irq is installed Saturday February 21st, 2026
CVE-2024-46757 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Saturday February 21st, 2026
CVE-2022-32207 When curl < 7.84.0 saves cookies alt-svc and hsts data to local files it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation it might accidentally *widen* the permissions for the target file leaving the updated file accessible to more users than intended. Saturday February 21st, 2026
CVE-2024-45003 vfs: Don't evict inode under the inode lru traversing context Saturday February 21st, 2026
CVE-2024-46759 hwmon: (adc128d818) Fix underflows seen when writing limit attributes Saturday February 21st, 2026
CVE-2022-27774 An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. Saturday February 21st, 2026
CVE-2024-46679 ethtool: check device is present when getting link settings Saturday February 21st, 2026
CVE-2022-27779 libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl's "cookie engine" can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain. Saturday February 21st, 2026
CVE-2024-45720 Apache Subversion: Command line argument injection on Windows platforms Saturday February 21st, 2026
CVE-2025-21861 mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize() Saturday February 21st, 2026
CVE-2024-46762 xen: privcmd: Fix possible access to a freed kirqfd instance Saturday February 21st, 2026
CVE-2022-27781 libcurl provides the `CURLOPT_CERTINFO` option to allow applications torequest details to be returned about a server's certificate chain.Due to an erroneous function a malicious server could make libcurl built withNSS get stuck in a never-ending busy-loop when trying to retrieve thatinformation. Saturday February 21st, 2026
CVE-2024-46838 userfaultfd: don't BUG_ON() if khugepaged yanks our page table Saturday February 21st, 2026
CVE-2024-50003 drm/amd/display: Fix system hang while resume with TBT monitor Saturday February 21st, 2026
CVE-2024-45005 KVM: s390: fix validity interception issue when gisa is switched off Saturday February 21st, 2026
CVE-2024-46836 usb: gadget: aspeed_udc: validate endpoint index for ast udc Saturday February 21st, 2026
CVE-2025-21847 ASoC: SOF: stream-ipc: Check for cstream nullity in sof_ipc_msg_data() Saturday February 21st, 2026
CVE-2024-11738 Rustls: rustls network-reachable panic in `acceptor::accept` Saturday February 21st, 2026
CVE-2024-46834 ethtool: fail closed if we can't get max channel used in indirection tables Saturday February 21st, 2026
CVE-2025-21866 powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC Saturday February 21st, 2026
CVE-2024-46760 wifi: rtw88: usb: schedule rx work after everything is set up Saturday February 21st, 2026
CVE-2024-44950 serial: sc16is7xx: fix invalid FIFO access with special register set Saturday February 21st, 2026
CVE-2024-46756 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Saturday February 21st, 2026
CVE-2022-27775 An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. Saturday February 21st, 2026
CVE-2024-46846 spi: rockchip: Resolve unbalanced runtime PM / system PM handling Saturday February 21st, 2026
CVE-2024-46758 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Saturday February 21st, 2026
CVE-2024-0133 NVIDIA Container Toolkit 1.16.1 or earlier contains a vulnerability in the default mode of operation allowing a specially crafted container image to create empty files on the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to data tampering. Saturday February 21st, 2026
CVE-2022-32208 When curl < 7.84.0 does FTP transfers secured by krb5 it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. Saturday February 21st, 2026
CVE-2025-21864 tcp: drop secpath at the same time as we currently drop dst Saturday February 21st, 2026
CVE-2022-27780 The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL making it a *different* URL usingthe wrong host name when it is later retrieved.For example a URL like `http://example.com%2F127.0.0.1/` would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters checks and more. Saturday February 21st, 2026
CVE-2024-46840 btrfs: clean up our handling of refs == 0 in snapshot delete Saturday February 21st, 2026
CVE-2024-31228 Denial-of-service due to unbounded pattern matching in Redis Saturday February 21st, 2026
CVE-2024-49974 NFSD: Limit the number of concurrent async COPY operations Saturday February 21st, 2026
CVE-2024-8926 PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass) Saturday February 21st, 2026
CVE-2024-46735 ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() Saturday February 21st, 2026
CVE-2024-49945 net/ncsi: Disable the ncsi work before freeing the associated structure Saturday February 21st, 2026
CVE-2024-46796 smb: client: fix double put of @cfile in smb2_set_path_size() Saturday February 21st, 2026
CVE-2024-46841 btrfs: don't BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() Saturday February 21st, 2026
CVE-2024-49972 drm/amd/display: Deallocate DML memory if allocation fails Saturday February 21st, 2026
CVE-2024-9632 Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability Saturday February 21st, 2026
CVE-2024-8927 cgi.force_redirect configuration is bypassable due to the environment variable collision Saturday February 21st, 2026
CVE-2024-46743 of/irq: Prevent device address out-of-bounds read in interrupt map walk Saturday February 21st, 2026
CVE-2024-31449 Lua library commands may lead to stack overflow and RCE in Redis Saturday February 21st, 2026
CVE-2024-31227 Denial-of-service due to malformed ACL selectors in Redis Saturday February 21st, 2026
CVE-2024-47191 pam_oath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because in the context of PAM code running as root it mishandles usersfile access such as by calling fchown in the presence of a symlink. Saturday February 21st, 2026
CVE-2024-46742 smb/server: fix potential null-ptr-deref of lease_ctx_info in smb2_open() Saturday February 21st, 2026
CVE-2024-49946 ppp: do not assume bh is held in ppp_channel_bridge_input() Saturday February 21st, 2026
CVE-2024-9341 Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library Saturday February 21st, 2026
CVE-2024-43839 bna: adjust 'name' buf size of bna_tcb and bna_ccb structures Saturday February 21st, 2026
CVE-2024-46675 usb: dwc3: core: Prevent USB core invalid event buffer address access Saturday February 21st, 2026
CVE-2024-50002 static_call: Handle module init failure correctly in static_call_del_module() Saturday February 21st, 2026
CVE-2024-46791 can: mcp251x: fix deadlock if an interrupt occurs during mcp251x_open Saturday February 21st, 2026
CVE-2024-50084 net: microchip: vcap api: Fix memory leaks in vcap_api_encode_rule_test() Saturday February 21st, 2026
CVE-2024-46802 drm/amd/display: added NULL check at start of dc_validate_stream Saturday February 21st, 2026
CVE-2024-50085 mptcp: pm: fix UaF read in mptcp_pm_nl_rm_addr_or_subflow Saturday February 21st, 2026
CVE-2024-46749 Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() Saturday February 21st, 2026
CVE-2024-46811 drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box Saturday February 21st, 2026
CVE-2024-47554 Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader Saturday February 21st, 2026
CVE-2024-46739 uio_hv_generic: Fix kernel NULL pointer dereference in hv_uio_rescind Saturday February 21st, 2026
CVE-2024-44966 binfmt_flat: Fix corruption when not offsetting data start Saturday February 21st, 2026
CVE-2024-46818 drm/amd/display: Check gpio_id before used as array index Saturday February 21st, 2026
CVE-2024-46726 drm/amd/display: Ensure index calculation will not overflow Saturday February 21st, 2026
CVE-2024-46738 VMCI: Fix use-after-free when removing resource in vmci_resource_remove() Saturday February 21st, 2026
CVE-2024-46804 drm/amd/display: Add array index check for hdcp ddc access Saturday February 21st, 2026
CVE-2024-46747 HID: cougar: fix slab-out-of-bounds Read in cougar_report_fixup Saturday February 21st, 2026
CVE-2013-4416 The Ocaml xenstored implementation (oxenstored) in Xen 4.1.x, 4.2.x, and 4.3.x allows local guest domains to cause a denial of service (domain shutdown) via a large message reply. Saturday February 21st, 2026
CVE-2024-46814 drm/amd/display: Check msg_id before processing transcation Saturday February 21st, 2026
CVE-2024-46724 drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number Saturday February 21st, 2026
CVE-2024-46706 tty: serial: fsl_lpuart: mark last busy before uart_add_one_port Saturday February 21st, 2026
CVE-2024-44963 btrfs: do not BUG_ON() when freeing tree block after error Saturday February 21st, 2026
CVE-2024-46711 mptcp: pm: fix ID 0 endp usage after multiple re-creations Saturday February 21st, 2026
CVE-2024-46695 selinuxsmack: don't bypass permissions check in inode_setsecctx hook Saturday February 21st, 2026
CVE-2024-8508 Unbounded name compression could lead to Denial of Service Saturday February 21st, 2026
CVE-2024-46707 KVM: arm64: Make ICC_*SGI*_EL1 undef in the absence of a vGICv3 Saturday February 21st, 2026
CVE-2024-46702 thunderbolt: Mark XDomain as unplugged when router is removed Saturday February 21st, 2026
CVE-2024-46810 drm/bridge: tc358767: Check if fully initialized before signalling HPD event via IRQ Saturday February 21st, 2026
CVE-2024-38588 ftrace: Fix possible use-after-free issue in ftrace_location() Saturday February 21st, 2026
CVE-2024-46803 drm/amdkfd: Check debug trap enable before write dbg_ev_file Saturday February 21st, 2026
CVE-2024-46864 x86/hyperv: fix kexec crash due to VP assist page corruption Saturday February 21st, 2026
CVE-2024-46863 ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item Saturday February 21st, 2026
CVE-2024-46859 platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses Saturday February 21st, 2026
CVE-2024-50005 mac802154: Fix potential RCU dereference issue in mac802154_scan_worker Saturday February 21st, 2026
CVE-2024-44947 fuse: Initialize beyond-EOF page contents before setting uptodate Saturday February 21st, 2026
CVE-2024-46687 btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() Saturday February 21st, 2026
CVE-2024-46686 smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() Saturday February 21st, 2026
CVE-2024-46685 pinctrl: single: fix potential NULL dereference in pcs_get_function() Saturday February 21st, 2026
CVE-2024-46847 mm: vmalloc: ensure vmap_block is initialised before adding to queue Saturday February 21st, 2026
CVE-2024-46831 net: microchip: vcap: Fix use-after-free error in kunit test Saturday February 21st, 2026
CVE-2024-46860 wifi: mt76: mt7921: fix NULL pointer access in mt7921_ipv6_addr_change Saturday February 21st, 2026
CVE-2024-39291 drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() Saturday February 21st, 2026
CVE-2024-46672 wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion Saturday February 21st, 2026
CVE-2024-38667 riscv: prevent pt_regs corruption for secondary idle threads Saturday February 21st, 2026
CVE-2024-45022 mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 Saturday February 21st, 2026
CVE-2023-52920 bpf: support non-r10 register spill/fill to/from stack in precision tracking Saturday February 21st, 2026
CVE-2024-50131 tracing: Consider the NULL character when validating the event length Saturday February 21st, 2026
CVE-2024-49955 ACPI: battery: Fix possible crash when unregistering a battery hook Saturday February 21st, 2026
CVE-2024-46822 arm64: acpi: Harden get_cpu_for_acpi_id() against missing CPU entry Saturday February 21st, 2026
CVE-2024-43882 exec: Fix ToCToU between perm check and set-uid/gid usage Saturday February 21st, 2026
CVE-2024-49959 jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error Saturday February 21st, 2026
CVE-2024-42311 hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() Saturday February 21st, 2026
CVE-2024-45028 mmc: mmc_test: Fix NULL dereference on allocation failure Saturday February 21st, 2026
CVE-2024-49968 ext4: filesystems without casefold feature cannot be mounted with siphash Saturday February 21st, 2026
CVE-2024-42308 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Saturday February 21st, 2026
CVE-2024-43819 kvm: s390: Reject memory region operations for ucontrol VMs Saturday February 21st, 2026
CVE-2024-44944 netfilter: ctnetlink: use helper function to calculate expect ID Saturday February 21st, 2026
CVE-2024-43871 devres: Fix memory leakage caused by driver API devm_free_percpu() Saturday February 21st, 2026
CVE-2023-7256 Double-free in libpcap before 1.10.5 with remote packet capture support. Saturday February 21st, 2026
CVE-2024-8006 NULL pointer dereference in libpcap before 1.10.5 with remote packet capture support Saturday February 21st, 2026
CVE-2024-33877 HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__conv_struct_opt in H5Tconv.c. Saturday February 21st, 2026
CVE-2024-33873 HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__scatter_mem in H5Dscatgath.c. Saturday February 21st, 2026
CVE-2024-32624 HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5T__ref_mem_setnull in H5Tref.c (called from H5T__conv_ref in H5Tconv.c) resulting in the corruption of the instruction pointer. Saturday February 21st, 2026
CVE-2024-26993 fs: sysfs: Fix reference leak in sysfs_break_active_protection() Saturday February 21st, 2026
CVE-2024-26951 wireguard: netlink: check for dangling peer via is_dead instead of empty list Saturday February 21st, 2026
CVE-2024-26961 mac802154: fix llsec key resources release in mac802154_llsec_key_del Saturday February 21st, 2026
CVE-2024-27000 serial: mxs-auart: add spinlock around changing cts state Saturday February 21st, 2026
CVE-2024-26965 clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays Saturday February 21st, 2026
CVE-2024-26966 clk: qcom: mmcc-apq8084: fix terminating of frequency table arrays Saturday February 21st, 2026
CVE-2024-20328 ClamAV VirusEvent File Processing Command Injection Vulnerability Saturday February 21st, 2026
CVE-2025-55319 Agentic AI and Visual Studio Code Remote Code Execution Vulnerability Friday February 20th, 2026
CVE-2023-6864 Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. Wednesday February 18th, 2026
CVE-2017-15042 An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires that, during SMTP, the PLAIN auth scheme must only be used on network connections secured with TLS. The original implementation of smtp.PlainAuth in Go 1.0 enforced this requirement, and it was documented to do so. In 2013, upstream issue #5184, this was changed so that the server may decide whether PLAIN is acceptable. The result is that if you set up a man-in-the-middle SMTP server that doesn't advertise STARTTLS and does advertise that PLAIN auth is OK, the smtp.PlainAuth implementation sends the username and password. Wednesday February 18th, 2026
CVE-2023-6856 The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. Wednesday February 18th, 2026
CVE-2025-24855 numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal. Wednesday February 18th, 2026
CVE-2025-71118 ACPICA: Avoid walking the Namespace if start_node is NULL Wednesday February 18th, 2026
CVE-2025-71111 hwmon: (w83791d) Convert macros to functions to avoid TOCTOU Wednesday February 18th, 2026
CVE-2025-71136 media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() Wednesday February 18th, 2026
CVE-2025-71116 libceph: make decode_pool() more resilient against corrupted osdmaps Wednesday February 18th, 2026
CVE-2017-1000097 On Darwin, user's trust preferences for root certificates were not honored. If the user had a root certificate loaded in their Keychain that was explicitly not trusted, a Go program would still verify a connection using that root certificate. Wednesday February 18th, 2026
CVE-2025-71069 f2fs: invalidate dentry cache on failed whiteout creation Wednesday February 18th, 2026
CVE-2025-68794 iomap: adjust read range correctly for non-block-aligned positions Wednesday February 18th, 2026
CVE-2025-71091 team: fix check for port enabled in team_queue_override_port_prio_changed() Wednesday February 18th, 2026
CVE-2025-68776 net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() Wednesday February 18th, 2026
CVE-2025-68797 char: applicom: fix NULL pointer dereference in ac_ioctl Wednesday February 18th, 2026
CVE-2025-68775 net/handshake: duplicate handshake cancellations leak socket Wednesday February 18th, 2026
CVE-2025-68777 Input: ti_am335x_tsc - fix off-by-one error in wire_order validation Wednesday February 18th, 2026
CVE-2025-68788 fsnotify: do not generate ACCESS/MODIFY events on child for special files Wednesday February 18th, 2026
CVE-2025-68774 hfsplus: fix missing hfs_bnode_get() in __hfs_bnode_create Wednesday February 18th, 2026
CVE-2025-68815 net/sched: ets: Remove drr class from the active list if it changes to strict Wednesday February 18th, 2026
CVE-2025-68773 spi: fsl-cpm: Check length parity before switching to 16 bit mode Wednesday February 18th, 2026
CVE-2025-68795 ethtool: Avoid overflowing userspace buffer on stats query Wednesday February 18th, 2026
CVE-2025-68818 scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" Wednesday February 18th, 2026
CVE-2025-71097 ipv4: Fix reference count leak when using error routes with nexthop objects Wednesday February 18th, 2026
CVE-2025-71075 scsi: aic94xx: fix use-after-free in device removal path Wednesday February 18th, 2026
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Wednesday February 18th, 2026
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Wednesday February 18th, 2026
CVE-2025-68772 f2fs: fix to avoid updating compression context during writeback Wednesday February 18th, 2026
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Wednesday February 18th, 2026
CVE-2025-68800 mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats Wednesday February 18th, 2026
CVE-2020-0569 Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. Wednesday February 18th, 2026
CVE-2020-14378 An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294,967,295-count iteration loop. Depending on how `vhost_crypto` is being used this could prevent other VMs or network tasks from being serviced by the busy DPDK lcore for an extended period. Wednesday February 18th, 2026
CVE-2025-12818 PostgreSQL libpq undersizes allocations, via integer wraparound Wednesday February 18th, 2026
CVE-2025-71073 Input: lkkbd - disable pending work before freeing device Wednesday February 18th, 2026
CVE-2025-71096 RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly Wednesday February 18th, 2026
CVE-2025-68778 btrfs: don't log conflicting inode if it's a dir moved in the current transaction Wednesday February 18th, 2026
CVE-2025-71079 net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write Wednesday February 18th, 2026
CVE-2025-68785 net: openvswitch: fix middle attribute validation in push_nsh() action Wednesday February 18th, 2026
CVE-2025-68806 ksmbd: fix buffer validation by including null terminator size in EA length Wednesday February 18th, 2026
CVE-2025-68796 f2fs: fix to avoid updating zero-sized extent in extent cache Wednesday February 18th, 2026
CVE-2025-71095 net: stmmac: fix the crash issue for zero copy XDP_TX action Wednesday February 18th, 2026
CVE-2025-40180 mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop Wednesday February 18th, 2026
CVE-2025-68822 Input: alps - fix use-after-free bugs caused by dev3_register_work Wednesday February 18th, 2026
CVE-2021-33503 An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component the authority regular expression exhibits catastrophic backtracking causing a denial of service if a URL were passed as a parameter or redirected to via an HTTP redirect. Wednesday February 18th, 2026
CVE-2025-68468 Avahi has a reachable assertion in lookup_multicast_callback Wednesday February 18th, 2026
CVE-2025-68276 Avahi has a reachable assertion in avahi_wide_area_scan_cache Wednesday February 18th, 2026
CVE-2022-42916 In curl before 7.86.0 the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be bypassed if the host name in the given URL uses IDN characters that get replaced with ASCII counterparts as part of the IDN conversion e.g. using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop of U+002E (.). The earliest affected version is 7.77.0 2021-05-26. Wednesday February 18th, 2026
CVE-2025-40168 smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). Wednesday February 18th, 2026
CVE-2026-22801 LIBPNG has an integer truncation causing heap buffer over-read in png_image_write_* Wednesday February 18th, 2026
CVE-2025-40164 usbnet: Fix using smp_processor_id() in preemptible code warnings Wednesday February 18th, 2026
CVE-2025-40149 tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). Wednesday February 18th, 2026
CVE-2025-40139 smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set(). Wednesday February 18th, 2026
CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock Wednesday February 18th, 2026
CVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation Wednesday February 18th, 2026
CVE-2025-66471 urllib3 Streaming API improperly handles highly compressed data Wednesday February 18th, 2026
CVE-2025-60876 BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20). Wednesday February 18th, 2026
CVE-2025-68291 mptcp: Initialise rcv_mss before calling tcp_send_active_reset() in mptcp_do_fastclose(). Wednesday February 18th, 2026
CVE-2022-43680 In libexpat through 2.4.9 there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. Wednesday February 18th, 2026
CVE-2023-46343 In the Linux kernel before 6.5.9 there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c. Wednesday February 18th, 2026
CVE-2023-51043 In the Linux kernel before 6.4.5 drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload. Wednesday February 18th, 2026
CVE-2024-23850 In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1 there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation. Wednesday February 18th, 2026
CVE-2024-0775 Kernel: use-after-free while changing the mount option in __ext4_remount leading Wednesday February 18th, 2026
CVE-2023-51042 In the Linux kernel before 6.4.12 amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free. Wednesday February 18th, 2026
CVE-2024-23848 In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. Wednesday February 18th, 2026
CVE-2024-23851 copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes and crash because of a missing param_kernel->data_size check. This is related to ctl_ioctl. Wednesday February 18th, 2026
CVE-2023-6531 Kernel: gc's deletion of an skb races with unix_stream_read_generic() leading to uaf Wednesday February 18th, 2026
CVE-2024-23849 In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1 there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison resulting in out-of-bounds access. Wednesday February 18th, 2026
CVE-2024-22705 An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled. Wednesday February 18th, 2026
CVE-2024-0607 Kernel: nf_tables: pointer math issue in nft_byteorder_eval() Wednesday February 18th, 2026
CVE-2023-51258 A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the new_Token function in the modules/preprocs/nasm/nasm-pp:1512. Wednesday February 18th, 2026
CVE-2024-0741 An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7. Wednesday February 18th, 2026
CVE-2023-49568 Maliciously crafted Git server replies can cause DoS on go-git clients Wednesday February 18th, 2026
CVE-2023-49569 Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients Wednesday February 18th, 2026
CVE-2024-0646 Kernel: ktls overwrites readonly memory pages when using function splice with a ktls socket as destination Wednesday February 18th, 2026
CVE-2024-0639 Kernel: potential deadlock on &net->sctp.addr_wq_lock leading to dos Wednesday February 18th, 2026
CVE-2024-0641 Kernel: deadlock leading to denial of service in tipc_crypto_key_revoke Wednesday February 18th, 2026
CVE-2024-0565 Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client Wednesday February 18th, 2026
CVE-2024-0562 Kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c Wednesday February 18th, 2026
CVE-2022-41717 Excessive memory growth in net/http and golang.org/x/net/http2 Wednesday February 18th, 2026
CVE-2022-29526 Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter the Faccessat function could incorrectly report that a file is accessible. Wednesday February 18th, 2026
CVE-2022-32149 Denial of service via crafted Accept-Language header in golang.org/x/text/language Wednesday February 18th, 2026
CVE-2020-22217 Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. Wednesday February 18th, 2026
CVE-2023-31147 Insufficient randomness in generation of DNS query IDs in c-ares Wednesday February 18th, 2026
CVE-2022-4904 A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the validity of the input string which allows a possible arbitrary length stack overflow. This issue may cause a denial of service or a limited impact on confidentiality and integrity. Wednesday February 18th, 2026
CVE-2021-44716 net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. Wednesday February 18th, 2026
CVE-2022-1941 Out of Memory issue in ProtocolBuffers for cpp and python Wednesday February 18th, 2026
CVE-2023-6915 Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c Wednesday February 18th, 2026
CVE-2023-6040 An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family) Wednesday February 18th, 2026
CVE-2020-18032 Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by loading a crafted file into the "lib/common/shapes.c" component. Wednesday February 18th, 2026
CVE-2023-46219 When saving HSTS data to an excessively long file name curl could end up removing all contents making subsequent requests using that file unaware of the HSTS status they should otherwise use. Wednesday February 18th, 2026
CVE-2023-24532 Incorrect calculation on P256 curves in crypto/internal/nistec Wednesday February 18th, 2026
CVE-2023-4807 POLY1305 MAC implementation corrupts XMM registers on Windows Wednesday February 18th, 2026
CVE-2020-21528 A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file. Wednesday February 18th, 2026
CVE-2018-1129 A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master mimic luminous and jewel are believed to be vulnerable. Wednesday February 18th, 2026
CVE-2021-38191 An issue was discovered in the tokio crate before 1.8.1 for Rust. Upon a JoinHandle::abort, a Task may be dropped in the wrong thread. Wednesday February 18th, 2026
CVE-2023-3600 During the worker lifecycle, a use-after-free condition could have occured, which could have led to a potentially exploitable crash. This vulnerability affects Firefox < 115.0.2, Firefox ESR < 115.0.2, and Thunderbird < 115.0.1. Wednesday February 18th, 2026
CVE-2020-15586 Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers as demonstrated by the httputil.ReverseProxy Handler because it reads a request body and writes a response at the same time. Wednesday February 18th, 2026
CVE-2023-29405 Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go Wednesday February 18th, 2026
CVE-2024-20963 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2024-20965 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2024-20969 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). Wednesday February 18th, 2026
CVE-2019-11358 jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property it could extend the native Object.prototype. Wednesday February 18th, 2026
CVE-2024-20985 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2023-49292 Possible private key restoration in go package github.com/ecies/go Wednesday February 18th, 2026
CVE-2024-33601 nscd: netgroup cache may terminate daemon on memory allocation failure Wednesday February 18th, 2026
CVE-2024-20967 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H). Wednesday February 18th, 2026
CVE-2024-20981 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2025-21959 netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() Wednesday February 18th, 2026
CVE-2024-20973 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2023-37203 Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115. Wednesday February 18th, 2026
CVE-2024-20961 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2024-30251 Denial of service when trying to parse malformed POST requests in aiohttp Wednesday February 18th, 2026
CVE-2019-16168 In SQLite through 3.29.0 whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field aka a "severe division by zero in the query planner." Wednesday February 18th, 2026
CVE-2023-6246 Glibc: heap-based buffer overflow in __vsyslog_internal() Wednesday February 18th, 2026
CVE-2025-21996 drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() Wednesday February 18th, 2026
CVE-2024-20971 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2025-21969 Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd Wednesday February 18th, 2026
CVE-2024-20977 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2023-4911 Glibc: buffer overflow in ld.so leading to privilege escalation Wednesday February 18th, 2026
CVE-2018-19416 An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memmove call, as demonstrated by sadf. Wednesday February 18th, 2026
CVE-2022-48619 An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap. Wednesday February 18th, 2026
CVE-2025-31344 The giflib open-source component has a buffer overflow vulnerability Wednesday February 18th, 2026
CVE-2023-4527 Glibc: stack read overflow in getaddrinfo in no-aaaa mode Wednesday February 18th, 2026
CVE-2022-2585 It was discovered that when exec'ing from a non-leader thread armed POSIX CPU timers would be left on a list but freed leading to a use-after-free. Wednesday February 18th, 2026
CVE-2022-42915 curl before 7.86.0 has a double free. If curl is told to use an HTTP proxy for a transfer with a non-HTTP(S) URL it sets up the connection to the remote server by issuing a CONNECT request to the proxy and then tunnels the rest of the protocol through. An HTTP proxy might refuse this request (HTTP proxies often only allow outgoing connections to specific port numbers like 443 for HTTPS) and instead return a non-200 status code to the client. Due to flaws in the error/cleanup handling this could trigger a double free in curl if one of the following schemes were used in the URL for the transfer: dict gopher gophers ldap ldaps rtmp rtmps or telnet. The earliest affected version is 7.77.0. Wednesday February 18th, 2026
CVE-2010-4756 The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632. Wednesday February 18th, 2026
CVE-2023-3772 Kernel: xfrm: null pointer dereference in xfrm_update_ae_params() Wednesday February 18th, 2026
CVE-2019-14203 An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_mount_reply. Wednesday February 18th, 2026
CVE-2023-48161 Buffer Overflow vulnerability in GifLib Project GifLib v.5.2.1 allows a local attacker to obtain sensitive information via the DumpSCreen2RGB function in gif2rgb.c Wednesday February 18th, 2026
CVE-2023-3773 Kernel: xfrm: out-of-bounds read of xfrma_mtimer_thresh nlattr Wednesday February 18th, 2026
CVE-2022-46457 NASM v2.16 was discovered to contain a segmentation violation in the component ieee_write_file at /output/outieee.c. Wednesday February 18th, 2026
CVE-2023-45857 An issue discovered in Axios 1.5.1 inadvertently reveals the confidential XSRF-TOKEN stored in cookies by including it in the HTTP header X-XSRF-TOKEN for every request made to any host allowing attackers to view sensitive information. Wednesday February 18th, 2026
CVE-2024-57256 An integer overflow in ext4fs_read_symlink in Das U-Boot before 2025.01-rc1 occurs for zalloc (adding one to an le32 variable) via a crafted ext4 filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. Wednesday February 18th, 2026
CVE-2024-32884 gix-transport indirect code execution via malicious username Wednesday February 18th, 2026
CVE-2023-39742 giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. Wednesday February 18th, 2026
CVE-2024-50082 blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race Wednesday February 18th, 2026
CVE-2019-16707 Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx. Wednesday February 18th, 2026
CVE-2018-20505 SQLite 3.25.2 when queries are run on a table with a malformed PRIMARY KEY allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). Wednesday February 18th, 2026
CVE-2019-14193 An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with an unvalidated length at nfs_readlink_reply, in the "if" block after calculating the new path length. Wednesday February 18th, 2026
CVE-2022-28506 There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45. Wednesday February 18th, 2026
CVE-2022-24999 qs before 6.10.3, as used in Express before 4.17.3 and other products, allows attackers to cause a Node process hang for an Express application because an __ proto__ key can be used. In many typical Express use cases, an unauthenticated remote attacker can place the attack payload in the query string of the URL that is used to visit the application, such as a[__proto__]=b&a[__proto__]&a[length]=100000000. The fix was backported to qs 6.9.7, 6.8.3, 6.7.3, 6.6.1, 6.5.3, 6.4.1, 6.3.3, and 6.2.4 (and therefore Express 4.17.3, which has "deps: qs@6.9.7" in its release description, is not vulnerable). Wednesday February 18th, 2026
CVE-2025-38348 wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback() Wednesday February 18th, 2026
CVE-2020-10941 Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import. Wednesday February 18th, 2026
CVE-2023-45237 Use of a Weak PseudoRandom Number Generator in EDK II Network Package Wednesday February 18th, 2026
CVE-2019-18222 The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks. Wednesday February 18th, 2026
CVE-2025-38307 ASoC: Intel: avs: Verify content returned by parse_int_array() Wednesday February 18th, 2026
CVE-2023-42365 A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. Wednesday February 18th, 2026
CVE-2022-4968 netplan leaks the private key of wireguard to local users. Wednesday February 18th, 2026
CVE-2012-6708 jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions jQuery only deems the input to be HTML if it explicitly starts with the '<' character limiting exploitability only to attackers who can control the beginning of a string which is far less common. Wednesday February 18th, 2026
CVE-2025-38274 fpga: fix potential null pointer deref in fpga_mgr_test_img_load_sgt() Wednesday February 18th, 2026
CVE-2022-33967 squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution. Wednesday February 18th, 2026
CVE-2023-42364 A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function. Wednesday February 18th, 2026
CVE-2022-45410 When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect of negating SameSite cookie protections. This was addressed in the spec and then in browsers. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. Wednesday February 18th, 2026
CVE-2025-38300 crypto: sun8i-ce-cipher - fix error handling in sun8i_ce_cipher_prepare() Wednesday February 18th, 2026
CVE-2025-27810 Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays. Wednesday February 18th, 2026
CVE-2025-60753 An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash). Wednesday February 18th, 2026
CVE-2022-27536 Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic. Wednesday February 18th, 2026
CVE-2024-50613 libsndfile through 1.2.2 has a reachable assertion, that may lead to application exit, in mpeg_l3_encode.c mpeg_l3_encoder_close. Wednesday February 18th, 2026
CVE-2023-42366 A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159. Wednesday February 18th, 2026
CVE-2025-53547 Helm Chart Dependency Updating With Malicious Chart.yaml Content And Symlink Can Lead To Code Execution Wednesday February 18th, 2026
CVE-2019-14197 An issue was discovered in Das U-Boot through 2019.07. There is a read of out-of-bounds data at nfs_read_reply. Wednesday February 18th, 2026
CVE-2025-21666 vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] Wednesday February 18th, 2026
CVE-2024-50614 TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef. Wednesday February 18th, 2026
CVE-2024-3447 Qemu: sdhci: heap buffer overflow in sdhci_write_dataport() Wednesday February 18th, 2026
CVE-2023-24540 Improper handling of JavaScript whitespace in html/template Wednesday February 18th, 2026
CVE-2025-38257 s390/pkey: Prevent overflow in size calculation for memdup_user() Wednesday February 18th, 2026
CVE-2020-36475 An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs. Wednesday February 18th, 2026
CVE-2024-50615 TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef. Wednesday February 18th, 2026
CVE-2020-36477 An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected name is compared to any name in that extension regardless of its type. This means that an attacker could impersonate a 4-byte or 16-byte domain by getting a certificate for the corresponding IPv4 or IPv6 address (this would require the attacker to control that IP address, though). Wednesday February 18th, 2026
CVE-2023-6816 Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer Wednesday February 18th, 2026
CVE-2023-28154 Webpack 5 before 5.76.0 does not avoid cross-realm object access. ImportParserPlugin.js mishandles the magic comment feature. An attacker who controls a property of an untrusted object can obtain access to the real global object. Wednesday February 18th, 2026
CVE-2025-38259 ASoC: codecs: wcd9335: Fix missing free of regulator supplies Wednesday February 18th, 2026
CVE-2025-37944 wifi: ath12k: Fix invalid entry fetch in ath12k_dp_mon_srng_process Wednesday February 18th, 2026
CVE-2010-0291 The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess." Wednesday February 18th, 2026
CVE-2011-4969 Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag. Wednesday February 18th, 2026
CVE-2022-33103 Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir(). Wednesday February 18th, 2026
CVE-2023-45283 Insecure parsing of Windows paths with a \??\ prefix in path/filepath Wednesday February 18th, 2026
CVE-2025-37943 wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi Wednesday February 18th, 2026
CVE-2025-38249 ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() Wednesday February 18th, 2026
CVE-2020-36424 An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values. Wednesday February 18th, 2026
CVE-2024-42073 mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems Wednesday February 18th, 2026
CVE-2025-37921 vxlan: vnifilter: Fix unlocked deletion of default FDB entry Wednesday February 18th, 2026
CVE-2023-45853 MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename comment or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version and exposes the applicable MiniZip code through its compress API. Wednesday February 18th, 2026
CVE-2024-26881 net: hns3: fix kernel crash when 1588 is received on HIP08 devices Wednesday February 18th, 2026
CVE-2024-42066 drm/xe: Fix potential integer overflow in page size calculation Wednesday February 18th, 2026
CVE-2024-43841 wifi: virt_wifi: avoid reporting connection success with wrong SSID Wednesday February 18th, 2026
CVE-2024-31755 cJSON v1.7.17 was discovered to contain a segmentation violation which can trigger through the second parameter of function cJSON_SetValuestring at cJSON.c. Wednesday February 18th, 2026
CVE-2025-38245 atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister(). Wednesday February 18th, 2026
CVE-2024-42040 Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four up to 32 bytes of memory stored behind the packet to the network depending on the later use of DHCP-provided parameters via crafted DHCP responses. Wednesday February 18th, 2026
CVE-2025-37936 perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value. Wednesday February 18th, 2026
CVE-2024-49983 ext4: drop ppath from ext4_ext_replay_update_ex() to avoid double-free Wednesday February 18th, 2026
CVE-2024-42068 bpf: Take return from set_memory_ro() into account with bpf_prog_lock_ro() Wednesday February 18th, 2026
CVE-2025-64436 KubeVirt Excessive Role Permissions Could Enable Unauthorized VMI Migrations Between Nodes Wednesday February 18th, 2026
CVE-2025-23144 backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() Wednesday February 18th, 2026
CVE-2024-57911 iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer Wednesday February 18th, 2026
CVE-2019-14200 An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: rpc_lookup_reply. Wednesday February 18th, 2026
CVE-2024-50067 uprobe: avoid out-of-bounds memory access of fetching args Wednesday February 18th, 2026
CVE-2025-37973 wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation Wednesday February 18th, 2026
CVE-2025-38258 mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write Wednesday February 18th, 2026
CVE-2019-14198 An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv3 case. Wednesday February 18th, 2026
CVE-2024-26882 net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() Wednesday February 18th, 2026
CVE-2025-37758 ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() Wednesday February 18th, 2026
CVE-2025-38248 bridge: mcast: Fix use-after-free during router port configuration Wednesday February 18th, 2026
CVE-2024-42074 ASoC: amd: acp: add a null check for chip_pdev structure Wednesday February 18th, 2026
CVE-2024-32650 Rustls vulnerable to an infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input Wednesday February 18th, 2026
CVE-2022-30790 Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552. Wednesday February 18th, 2026
CVE-2025-37998 openvswitch: Fix unsafe attribute parsing in output_userspace() Wednesday February 18th, 2026
CVE-2025-38244 smb: client: fix potential deadlock when reconnecting channels Wednesday February 18th, 2026
CVE-2023-28155 The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS or HTTPS to HTTP). NOTE: This vulnerability only affects products that are no longer supported by the maintainer. Wednesday February 18th, 2026
CVE-2025-22079 ocfs2: validate l_tree_depth to avoid out-of-bounds access Wednesday February 18th, 2026
CVE-2024-57798 drm/dp_mst: Ensure mst_primary pointer is valid in drm_dp_mst_handle_up_req() Wednesday February 18th, 2026
CVE-2019-14192 An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call. Wednesday February 18th, 2026
CVE-2023-26136 Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized. Wednesday February 18th, 2026
CVE-2025-37915 net_sched: drr: Fix double list add in class with netem as child qdisc Wednesday February 18th, 2026
CVE-2025-38260 btrfs: handle csum tree error with rescue=ibadroots correctly Wednesday February 18th, 2026
CVE-2024-49962 ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() Wednesday February 18th, 2026
CVE-2023-44270 An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment. Wednesday February 18th, 2026
CVE-2021-38578 Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize. Wednesday February 18th, 2026
CVE-2025-37742 jfs: Fix uninit-value access of imap allocated in the diMount() function Wednesday February 18th, 2026
CVE-2025-48367 Redis DoS Vulnerability due to bad connection error handling Wednesday February 18th, 2026
CVE-2024-26913 drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue Wednesday February 18th, 2026
CVE-2020-36478 An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL algorithm parameters entry looks identical to an array of REAL (size zero) and thus the certificate is considered valid. However, if the parameters do not match in any way, then the certificate should be considered invalid. Wednesday February 18th, 2026
CVE-2024-48875 btrfs: don't take dev_replace rwsem on task already holding it Wednesday February 18th, 2026
CVE-2024-49985 i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume Wednesday February 18th, 2026
CVE-2025-32023 Redis allows out of bounds writes in hyperloglog commands leading to RCE Wednesday February 18th, 2026
CVE-2023-39323 Arbitrary code execution during build via line directives in cmd/go Wednesday February 18th, 2026
CVE-2024-57257 A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with deep symlink nesting. Wednesday February 18th, 2026
CVE-2024-26907 RDMA/mlx5: Fix fortify source warning while accessing Eth segment Wednesday February 18th, 2026
CVE-2024-26909 soc: qcom: pmic_glink_altmode: fix drm bridge use-after-free Wednesday February 18th, 2026
CVE-2025-38237 media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() Wednesday February 18th, 2026
CVE-2023-0330 Qemu: lsi53c895a: dma reentrancy issue leads to stack overflow Wednesday February 18th, 2026
CVE-2025-37803 udmabuf: fix a buf size overflow issue during udmabuf creation Wednesday February 18th, 2026
CVE-2024-50015 ext4: dax: fix overflowing extents beyond inode size when partially writing Wednesday February 18th, 2026
CVE-2024-42069 net: mana: Fix possible double free in error handling path Wednesday February 18th, 2026
CVE-2025-27809 Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname. Wednesday February 18th, 2026
CVE-2025-37810 usb: dwc3: gadget: check that event count does not exceed event buffer length Wednesday February 18th, 2026
CVE-2025-5987 Libssh: invalid return code for chacha20 poly1305 with openssl backend Wednesday February 18th, 2026
CVE-2024-42064 drm/amd/display: Skip pipe if the pipe idx not set properly Wednesday February 18th, 2026
CVE-2023-45142 OpenTelemetry-Go Contrib has DoS vulnerability in otelhttp due to unbound cardinality metrics Wednesday February 18th, 2026
CVE-2019-14194 An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_read_reply when calling store_block in the NFSv2 case. Wednesday February 18th, 2026
CVE-2025-37891 ALSA: ump: Fix buffer overflow at UMP SysEx message conversion Wednesday February 18th, 2026
CVE-2024-42070 netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers Wednesday February 18th, 2026
CVE-2019-14201 An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_lookup_reply. Wednesday February 18th, 2026
CVE-2025-38104 drm/amdgpu: Replace Mutex with Spinlock for RLCG register access to avoid Priority Inversion in SRIOV Wednesday February 18th, 2026
CVE-2025-38184 tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer Wednesday February 18th, 2026
CVE-2023-39319 Improper handling of special tags within script contexts in html/template Wednesday February 18th, 2026
CVE-2024-49991 drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Wednesday February 18th, 2026
CVE-2024-42228 drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc Wednesday February 18th, 2026
CVE-2019-14199 An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an *udp_packet_handler call. Wednesday February 18th, 2026
CVE-2025-23135 RISC-V: KVM: Teardown riscv specific bits after kvm_exit Wednesday February 18th, 2026
CVE-2025-68756 block: Use RCU in blk_mq_[un]quiesce_tagset() instead of set->tag_list_lock Wednesday February 18th, 2026
CVE-2025-21649 net: hns3: fix kernel crash when 1588 is sent on HIP08 devices Wednesday February 18th, 2026
CVE-2024-26903 Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security Wednesday February 18th, 2026
CVE-2024-57258 Integer overflows in memory allocation in Das U-Boot before 2025.01-rc1 occur for a crafted squashfs filesystem via sbrk, via request2size, or because ptrdiff_t is mishandled on x86_64. Wednesday February 18th, 2026
CVE-2025-38227 media: vidtv: Terminating the subsequent process of initialization failure Wednesday February 18th, 2026
CVE-2024-42077 ocfs2: fix DIO failure due to insufficient transaction credits Wednesday February 18th, 2026
CVE-2024-26898 aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts Wednesday February 18th, 2026
CVE-2023-51781 An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. Wednesday February 18th, 2026
CVE-2024-57926 drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err Wednesday February 18th, 2026
CVE-2024-57259 sqfs_search_dir in Das U-Boot before 2025.01-rc1 exhibits an off-by-one error and resultant heap memory corruption for squashfs directory listing because the path separator is not considered in a size calculation. Wednesday February 18th, 2026
CVE-2025-23140 misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error Wednesday February 18th, 2026
CVE-2024-26901 do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak Wednesday February 18th, 2026
CVE-2025-61099 FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the opaque_info_detail function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LS Update packet. Wednesday February 18th, 2026
CVE-2023-51782 An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. Wednesday February 18th, 2026
CVE-2025-68759 wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() Wednesday February 18th, 2026
CVE-2025-38214 fbdev: Fix fb_set_var to prevent null-ptr-deref in fb_videomode_to_var Wednesday February 18th, 2026
CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog Wednesday February 18th, 2026
CVE-2023-45285 Command 'go get' may unexpectedly fallback to insecure git in cmd/go Wednesday February 18th, 2026
CVE-2025-22124 md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb Wednesday February 18th, 2026
CVE-2024-49767 Werkzeug possible resource exhaustion when parsing file data in forms Wednesday February 18th, 2026
CVE-2025-68765 mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() Wednesday February 18th, 2026
CVE-2025-38220 ext4: only dirty folios when data journaling regular files Wednesday February 18th, 2026
CVE-2024-12705 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load Wednesday February 18th, 2026
CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects Wednesday February 18th, 2026
CVE-2024-3096 PHP function password_verify can erroneously return true when argument contains NUL Wednesday February 18th, 2026
CVE-2025-0840 GNU Binutils objdump.c disassemble_bytes stack-based overflow Wednesday February 18th, 2026
CVE-2025-68764 NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags Wednesday February 18th, 2026
CVE-2025-61104 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_unknown_tlv function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. Wednesday February 18th, 2026
CVE-2021-28216 BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. Wednesday February 18th, 2026
CVE-2025-38190 atm: Revert atm_account_tx() if copy_from_iter_full() fails. Wednesday February 18th, 2026
CVE-2024-2756 __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix Wednesday February 18th, 2026
CVE-2023-45287 Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel Wednesday February 18th, 2026
CVE-2025-22064 netfilter: nf_tables: don't unregister hook when table is dormant Wednesday February 18th, 2026
CVE-2022-46392 An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller. Wednesday February 18th, 2026
CVE-2024-11187 Many records in the additional section cause CPU exhaustion Wednesday February 18th, 2026
CVE-2025-38219 f2fs: prevent kernel warning due to negative i_nlink from corrupted image Wednesday February 18th, 2026
CVE-2025-61100 FRRouting/frr from v2.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the ospf_opaque_lsa_dump function at ospf_opaque.c. This vulnerability allows attackers to cause a Denial of Service (DoS) under specific malformed LSA conditions. Wednesday February 18th, 2026
CVE-2024-57255 An integer overflow in sqfs_resolve_symlink in Das U-Boot before 2025.01-rc1 occurs via a crafted squashfs filesystem with an inode size of 0xffffffff, resulting in a malloc of zero and resultant memory overwrite. Wednesday February 18th, 2026
CVE-2025-37800 driver core: fix potential NULL pointer dereference in dev_uevent() Wednesday February 18th, 2026
CVE-2024-1874 Command injection via array-ish $command parameter of proc_open() Wednesday February 18th, 2026
CVE-2025-61101 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_rmt_itf_addr function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. Wednesday February 18th, 2026
CVE-2024-45339 Vulnerability when creating log files in github.com/golang/glog Wednesday February 18th, 2026
CVE-2024-50602 An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Wednesday February 18th, 2026
CVE-2025-69277 libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group. Wednesday February 18th, 2026
CVE-2025-39862 wifi: mt76: mt7915: fix list corruption after hardware restart Wednesday February 18th, 2026
CVE-2025-38185 atm: atmtcp: Free invalid length skb in atmtcp_c_send(). Wednesday February 18th, 2026
CVE-2024-6505 Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss Wednesday February 18th, 2026
CVE-2023-6683 Qemu: vnc: null pointer dereference in qemu_clipboard_request() Wednesday February 18th, 2026
CVE-2025-23141 KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses Wednesday February 18th, 2026
CVE-2025-38222 ext4: inline: fix len overflow in ext4_prepare_inline_data Wednesday February 18th, 2026
CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object Wednesday February 18th, 2026
CVE-2023-3341 A stack exhaustion flaw in control channel code may cause named to terminate unexpectedly Wednesday February 18th, 2026
CVE-2020-36422 An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable. Wednesday February 18th, 2026
CVE-2024-31584 Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp. Wednesday February 18th, 2026
CVE-2020-13630 ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow related to the snippet feature. Wednesday February 18th, 2026
CVE-2023-45284 Incorrect detection of reserved device names on Windows in path/filepath Wednesday February 18th, 2026
CVE-2025-21907 mm: memory-failure: update ttu flag inside unmap_poisoned_folio Wednesday February 18th, 2026
CVE-2025-23157 media: venus: hfi_parser: add check to avoid out of bound access Wednesday February 18th, 2026
CVE-2023-6337 Vault May be Vulnerable to a Denial of Service Through Memory Exhaustion When Handling Large HTTP Requests Wednesday February 18th, 2026
CVE-2024-38595 net/mlx5: Fix peer devlink set for SF representor devlink port Wednesday February 18th, 2026
CVE-2025-38232 NFSD: fix race between nfsd registration and exports_proc Wednesday February 18th, 2026
CVE-2024-26602 sched/membarrier: reduce the ability to hammer on sys_membarrier Wednesday February 18th, 2026
CVE-2025-58160 Tracing logging user input may result in poisoning logs with ANSI escape sequences Wednesday February 18th, 2026
CVE-2025-37988 fix a couple of races in MNT_TREE_BENEATH handling by do_move_mount() Wednesday February 18th, 2026
CVE-2025-23084 A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory. On Windows, a path that does not start with the file separator is treated as relative to the current directory. This vulnerability affects Windows users of `path.join` API. Wednesday February 18th, 2026
CVE-2021-44732 Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure. Wednesday February 18th, 2026
CVE-2023-42363 A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. Wednesday February 18th, 2026
CVE-2025-38181 calipso: Fix null-ptr-deref in calipso_req_{set,del}attr(). Wednesday February 18th, 2026
CVE-2024-3177 Bypassing mountable secrets policy imposed by the ServiceAccount admission plugin Wednesday February 18th, 2026
CVE-2023-4580 Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Wednesday February 18th, 2026
CVE-2024-49920 drm/amd/display: Check null pointers before multiple uses Wednesday February 18th, 2026
CVE-2020-36425 An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock. Wednesday February 18th, 2026
CVE-2024-45341 Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509 Wednesday February 18th, 2026
CVE-2025-38182 ublk: santizize the arguments from userspace when adding a device Wednesday February 18th, 2026
CVE-2024-58098 bpf: track changes_pkt_data property for global functions Wednesday February 18th, 2026
CVE-2022-3650 A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump and dump privileged information. Wednesday February 18th, 2026
CVE-2023-3978 Improper rendering of text nodes in golang.org/x/net/html Wednesday February 18th, 2026
CVE-2023-29400 Improper handling of empty HTML attributes in html/template Wednesday February 18th, 2026
CVE-2022-30767 nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196. Wednesday February 18th, 2026
CVE-2025-37739 f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks() Wednesday February 18th, 2026
CVE-2025-38183 net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() Wednesday February 18th, 2026
CVE-2023-0664 A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system. Wednesday February 18th, 2026
CVE-2025-37805 sound/virtio: Fix cancel_sync warnings on uninitialized work_structs Wednesday February 18th, 2026
CVE-2025-38231 nfsd: Initialize ssc before laundromat_work to prevent NULL dereference Wednesday February 18th, 2026
CVE-2024-57254 An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem. Wednesday February 18th, 2026
CVE-2024-0752 A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122. Wednesday February 18th, 2026
CVE-2025-61105 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_link_info function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. Wednesday February 18th, 2026
CVE-2024-27316 Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames Wednesday February 18th, 2026
CVE-2022-25881 This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server when that server reads the cache policy from the request using this library. Wednesday February 18th, 2026
CVE-2024-49930 wifi: ath11k: fix array out-of-bound access in SoC stats Wednesday February 18th, 2026
CVE-2024-39495 greybus: Fix use-after-free bug in gb_interface_release due to race condition. Wednesday February 18th, 2026
CVE-2025-38201 netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX Wednesday February 18th, 2026
CVE-2025-61102 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. Wednesday February 18th, 2026
CVE-2022-34835 In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function. Wednesday February 18th, 2026
CVE-2024-31744 In Jasper 4.2.2 the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability allowing attackers to cause a denial of service attack through a specific image file. Wednesday February 18th, 2026
CVE-2023-29404 Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go Wednesday February 18th, 2026
CVE-2024-45336 Sensitive headers incorrectly sent after cross-domain redirect in net/http Wednesday February 18th, 2026
CVE-2025-38200 i40e: fix MMIO write access to an invalid page in i40e_clear_hw Wednesday February 18th, 2026
CVE-2025-37787 net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Wednesday February 18th, 2026
CVE-2022-25883 Versions of the package semver before 7.5.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range when untrusted user data is provided as a range. Wednesday February 18th, 2026
CVE-2025-61107 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted LSA Update packet. Wednesday February 18th, 2026
CVE-2024-1737 BIND's database will be slow if a very large number of RRs exist at the same name Wednesday February 18th, 2026
CVE-2019-14204 An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_umountall_reply. Wednesday February 18th, 2026
CVE-2025-37881 usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() Wednesday February 18th, 2026
CVE-2022-2795 Processing large delegations may severely degrade resolver performance Wednesday February 18th, 2026
CVE-2021-28211 A heap overflow in LzmaUefiDecompressGetInfo function in EDK II. Wednesday February 18th, 2026
CVE-2025-61106 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_pref_pref_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. Wednesday February 18th, 2026
CVE-2024-49924 fbdev: pxafb: Fix possible use after free in pxafb_task() Wednesday February 18th, 2026
CVE-2023-28321 An improper certificate validation vulnerability exists in curl Wednesday February 18th, 2026
CVE-2017-7718 hw/display/cirrus_vga_rop.h in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions. Wednesday February 18th, 2026
CVE-2024-45025 fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE Wednesday February 18th, 2026
CVE-2024-49894 drm/amd/display: Fix index out of bounds in degamma hardware format translation Wednesday February 18th, 2026
CVE-2025-39810 bnxt_en: Fix memory corruption when FW resources change during ifdown Wednesday February 18th, 2026
CVE-2025-61103 FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the show_vty_ext_link_lan_adj_sid function at ospf_ext.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted OSPF packet. Wednesday February 18th, 2026
CVE-2025-38140 dm: limit swapping tables for devices with zone write plugs Wednesday February 18th, 2026
CVE-2023-29932 llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand Wednesday February 18th, 2026
CVE-2022-2879 Unbounded memory consumption when reading headers in archive/tar Wednesday February 18th, 2026
CVE-2025-37841 pm: cpupower: bench: Prevent NULL dereference on malloc failure Wednesday February 18th, 2026
CVE-2024-39496 btrfs: zoned: fix use-after-free due to race with dev replace Wednesday February 18th, 2026
CVE-2024-45026 s390/dasd: fix error recovery leading to data corruption on ESE devices Wednesday February 18th, 2026
CVE-2025-39833 mISDN: hfcpci: Fix warning when deleting uninitialized timer Wednesday February 18th, 2026
CVE-2025-38162 netfilter: nft_set_pipapo: prevent overflow in lookup table allocation Wednesday February 18th, 2026
CVE-2024-49931 wifi: ath12k: fix array out-of-bound access in SoC stats Wednesday February 18th, 2026
CVE-2019-14196 An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfs_lookup_reply. Wednesday February 18th, 2026
CVE-2024-0760 A flood of DNS messages over TCP may make the server unstable Wednesday February 18th, 2026
CVE-2025-38125 net: stmmac: make sure that ptp_rate is not 0 before configuring EST Wednesday February 18th, 2026
CVE-2020-36476 An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory. Wednesday February 18th, 2026
CVE-2022-49043 xmlXIncludeAddNode in xinclude.c in libxml2 before 2.11.0 has a use-after-free. Wednesday February 18th, 2026
CVE-2024-49867 btrfs: wait for fixup workers before stopping cleaner kthread during umount Wednesday February 18th, 2026
CVE-2025-68724 crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id Wednesday February 18th, 2026
CVE-2024-45015 drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() Wednesday February 18th, 2026
CVE-2025-23158 media: venus: hfi: add check to handle incorrect queue size Wednesday February 18th, 2026
CVE-2024-10846 Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop Wednesday February 18th, 2026
CVE-2019-14202 An issue was discovered in Das U-Boot through 2019.07. There is a stack-based buffer overflow in this nfs_handler reply helper function: nfs_readlink_reply. Wednesday February 18th, 2026
CVE-2024-46674 usb: dwc3: st: fix probed platform device ref count on probe error path Wednesday February 18th, 2026
CVE-2025-0395 When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. Wednesday February 18th, 2026
CVE-2024-4076 Assertion failure when serving both stale cache data and authoritative zone content Wednesday February 18th, 2026
CVE-2019-14195 An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with unvalidated length at nfs_readlink_reply in the "else" block after calculating the new path length. Wednesday February 18th, 2026
CVE-2025-50182 urllib3 does not control redirects in browsers and Node.js Wednesday February 18th, 2026
CVE-2023-24536 Excessive resource consumption in net/http, net/textproto and mime/multipart Wednesday February 18th, 2026
CVE-2022-2880 Incorrect sanitization of forwarded query parameters in net/http/httputil Wednesday February 18th, 2026
CVE-2024-45021 memcg_write_event_control(): fix a user-triggerable oops Wednesday February 18th, 2026
CVE-2024-31583 Pytorch before version v2.2.0 was discovered to contain a use-after-free vulnerability in torch/csrc/jit/mobile/interpreter.cpp. Wednesday February 18th, 2026
CVE-2025-3416 Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch` Wednesday February 18th, 2026
CVE-2021-41772 Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field. Wednesday February 18th, 2026
CVE-2025-39747 drm/msm: Add error handling for krealloc in metadata setup Wednesday February 18th, 2026
CVE-2024-49981 media: venus: fix use after free bug in venus_remove due to race condition Wednesday February 18th, 2026
CVE-2024-22653 yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasm_section_bcs_append function at section.c. Wednesday February 18th, 2026
CVE-2025-68379 RDMA/rxe: Fix null deref on srq->rq.queue after resize failure Wednesday February 18th, 2026
CVE-2024-3817 HashiCorp go-getter Vulnerable to Argument Injection When Fetching Remote Default Git Branches Wednesday February 18th, 2026
CVE-2021-42836 GJSON before 1.9.3 allows a ReDoS (regular expression denial of service) attack. Wednesday February 18th, 2026
CVE-2024-11218 Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile Wednesday February 18th, 2026
CVE-2025-39746 wifi: ath10k: shutdown driver when hardware is unreliable Wednesday February 18th, 2026
CVE-2025-68363 bpf: Check skb->transport_header is set in bpf_skb_check_mtu Wednesday February 18th, 2026
CVE-2025-49179 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension Wednesday February 18th, 2026
CVE-2024-31580 PyTorch before v2.2.0 was discovered to contain a heap buffer overflow vulnerability in the component /runtime/vararg_functions.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. Wednesday February 18th, 2026
CVE-2025-37957 KVM: SVM: Forcibly leave SMM mode on SHUTDOWN interception Wednesday February 18th, 2026
CVE-2025-68740 ima: Handle error code returned by ima_filter_rule_match() Wednesday February 18th, 2026
CVE-2024-44940 fou: remove warn in gue_gro_receive on unsupported protocol Wednesday February 18th, 2026
CVE-2024-35790 usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group Wednesday February 18th, 2026
CVE-2025-49175 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors Wednesday February 18th, 2026
CVE-2025-23090 Rejected reason: This CVE record has been withdrawn due to a duplicate entry CVE-2025-23083. Wednesday February 18th, 2026
CVE-2025-68358 btrfs: fix racy bitfield write in btrfs_clear_space_info_full() Wednesday February 18th, 2026
CVE-2025-39754 mm/smaps: fix race between smaps_hugetlb_range and migration Wednesday February 18th, 2026
CVE-2025-21948 HID: appleir: Fix potential NULL dereference at raw event handle Wednesday February 18th, 2026
CVE-2024-49989 drm/amd/display: fix double free issue during amdgpu module unload Wednesday February 18th, 2026
CVE-2025-49176 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension Wednesday February 18th, 2026
CVE-2022-41715 Memory exhaustion when compiling regular expressions in regexp/syntax Wednesday February 18th, 2026
CVE-2025-49178 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore Wednesday February 18th, 2026
CVE-2024-32487 less through 653 allows OS command execution via a newline character in the name of a file because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names such as the files extracted from an untrusted archive. Exploitation also requires the LESSOPEN environment variable but this is set by default in many common cases. Wednesday February 18th, 2026
CVE-2024-42259 drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Wednesday February 18th, 2026
CVE-2025-39764 netfilter: ctnetlink: remove refcounting in expectation dumpers Wednesday February 18th, 2026
CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509 Wednesday February 18th, 2026
CVE-2025-68725 bpf: Do not let BPF test infra emit invalid GSO types to stack Wednesday February 18th, 2026
CVE-2025-21844 smb: client: Add check for next_buffer in receive_encrypted_standard() Wednesday February 18th, 2026
CVE-2024-21171 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2025-37754 drm/i915/huc: Fix fence not released on early probe errors Wednesday February 18th, 2026
CVE-2025-21923 HID: hid-steam: Fix use-after-free when detaching device Wednesday February 18th, 2026
CVE-2025-49180 Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension Wednesday February 18th, 2026
CVE-2025-38377 rose: fix dangling neighbour pointers in rose_rt_device_down() Wednesday February 18th, 2026
CVE-2025-68742 bpf: Fix invalid prog->stats access when update_effective_progs fails Wednesday February 18th, 2026
CVE-2023-39318 Improper handling of HTML-like comments in script contexts in html/template Wednesday February 18th, 2026
CVE-2024-6608 It was possible to move the cursor using pointerlock from an iframe. This allowed moving the cursor outside of the viewport and the Firefox window. This vulnerability affects Firefox < 128 and Thunderbird < 128. Wednesday February 18th, 2026
CVE-2024-45590 body-parser vulnerable to denial of service when url encoding is enabled Wednesday February 18th, 2026
CVE-2024-9042 This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below. Wednesday February 18th, 2026
CVE-2019-14249 dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attackers to cause a denial of service Wednesday February 18th, 2026
CVE-2025-37793 ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe() Wednesday February 18th, 2026
CVE-2025-21949 LoongArch: Set hugetlb mmap base address aligned with pmd size Wednesday February 18th, 2026
CVE-2025-21857 net/sched: cls_api: fix error handling causing NULL dereference Wednesday February 18th, 2026
CVE-2020-28163 libdwarf before 20201201 allows a dwarf_print_lines.c NULL pointer dereference and application crash via a DWARF5 line-table header that has an invalid FORM for a pathname. Wednesday February 18th, 2026
CVE-2025-39707 drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities Wednesday February 18th, 2026
CVE-2025-54566 hw/pci/pcie_sriov.c in QEMU through 10.0.3 has a migration state inconsistency, a related issue to CVE-2024-26327. Wednesday February 18th, 2026
CVE-2025-58187 Quadratic complexity when checking name constraints in crypto/x509 Wednesday February 18th, 2026
CVE-2025-21928 HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() Wednesday February 18th, 2026
CVE-2024-43800 serve-static affected by template injection that can lead to XSS Wednesday February 18th, 2026
CVE-2025-21854 sockmap, vsock: For connectible sockets allow only connected Wednesday February 18th, 2026
CVE-2020-27545 libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object. Wednesday February 18th, 2026
CVE-2022-27664 In net/http in Go before 1.18.6 and 1.19.x before 1.19.1 attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. Wednesday February 18th, 2026
CVE-2025-68347 ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events Wednesday February 18th, 2026
CVE-2024-6610 Form validation popups could capture escape key presses. Therefore, spamming form validation messages could be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox < 128 and Thunderbird < 128. Wednesday February 18th, 2026
CVE-2025-54567 hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF Enable bit write mask, a related issue to CVE-2024-26327. Wednesday February 18th, 2026
CVE-2025-6069 HTMLParser quadratic complexity when processing malformed inputs Wednesday February 18th, 2026
CVE-2016-8681 The _dwarf_get_abbrev_for_code function in dwarf_util.c in libdwarf 20161001 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) by calling the dwarfdump command on a crafted file. Wednesday February 18th, 2026
CVE-2025-39677 net/sched: Fix backlog accounting in qdisc_dequeue_internal Wednesday February 18th, 2026
CVE-2024-26596 net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events Wednesday February 18th, 2026
CVE-2023-51257 An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code. Wednesday February 18th, 2026
CVE-2025-68744 bpf: Free special fields when update [lru_,]percpu_hash maps Wednesday February 18th, 2026
CVE-2023-52576 x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer() Wednesday February 18th, 2026
CVE-2024-50028 thermal: core: Reference count the zone in thermal_zone_get_by_id() Wednesday February 18th, 2026
CVE-2024-35195 Requests `Session` object does not verify requests after making first request with verify=False Wednesday February 18th, 2026
CVE-2024-43799 send vulnerable to template injection that can lead to XSS Wednesday February 18th, 2026
CVE-2025-39705 drm/amd/display: fix a Null pointer dereference vulnerability Wednesday February 18th, 2026
CVE-2023-24538 Backticks not treated as string delimiters in html/template Wednesday February 18th, 2026
CVE-2022-2995 Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. Wednesday February 18th, 2026
CVE-2025-54090 Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64 Wednesday February 18th, 2026
CVE-2025-50181 urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation Wednesday February 18th, 2026
CVE-2025-21927 nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() Wednesday February 18th, 2026
CVE-2024-49904 drm/amdgpu: add list empty check to avoid null pointer issue Wednesday February 18th, 2026
CVE-2025-38191 ksmbd: fix null pointer dereference in destroy_previous_session Wednesday February 18th, 2026
CVE-2025-22045 x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs Wednesday February 18th, 2026
CVE-2025-61723 Quadratic complexity when parsing some invalid inputs in encoding/pem Wednesday February 18th, 2026
CVE-2025-21919 sched/fair: Fix potential memory corruption in child_cfs_rq_on_list Wednesday February 18th, 2026
CVE-2025-23266 NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service. Wednesday February 18th, 2026
CVE-2025-37995 module: ensure that kobject_put() is safe for module type kobjects Wednesday February 18th, 2026
CVE-2024-47702 bpf: Fail verification for sign-extension of packet data/data_end/data_meta Wednesday February 18th, 2026
CVE-2025-38202 bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() Wednesday February 18th, 2026
CVE-2024-36965 remoteproc: mediatek: Make sure IPI buffer fits in L2TCM Wednesday February 18th, 2026
CVE-2022-27651 A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities enabling an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. This has the potential to impact confidentiality and integrity. Wednesday February 18th, 2026
CVE-2022-48303 GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump Wednesday February 18th, 2026
CVE-2024-26648 drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay() Wednesday February 18th, 2026
CVE-2025-38215 fbdev: Fix do_register_framebuffer to prevent null-ptr-deref in fb_videomode_to_var Wednesday February 18th, 2026
CVE-2025-21951 bus: mhi: host: pci_generic: Use pci_try_reset_function() to avoid deadlock Wednesday February 18th, 2026
CVE-2022-46175 JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). The `parse` method of the JSON5 library before and including versions 1.0.1 and 2.2.1 does not restrict parsing of keys named `__proto__` allowing specially crafted strings to pollute the prototype of the resulting object. This vulnerability pollutes the prototype of the object returned by `JSON5.parse` and not the global Object prototype which is the commonly understood definition of Prototype Pollution. However polluting the prototype of a single object can have significant security impact for an application if the object is later used in trusted operations. This vulnerability could allow an attacker to set arbitrary and unexpected keys on the object returned from `JSON5.parse`. The actual impact will depend on how applications utilize the returned object and how they filter unwanted keys but could include denial of service cross-site scripting elevation Wednesday February 18th, 2026
CVE-2021-3636 It was found in OpenShift before version 4.8 that the generated certificate for the in-cluster Service CA incorrectly included additional certificates. The Service CA is automatically mounted into all pods allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service. Wednesday February 18th, 2026
CVE-2025-39721 crypto: qat - flush misc workqueue during device shutdown Wednesday February 18th, 2026
CVE-2025-23142 sctp: detect and prevent references to a freed transport in sendmsg Wednesday February 18th, 2026
CVE-2024-0340 Kernel: information disclosure in vhost/vhost.c:vhost_new_msg() Wednesday February 18th, 2026
CVE-2024-35854 mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash Wednesday February 18th, 2026
CVE-2025-3360 Glibc: glib prior to 2.82.5 is vulnerable to integer overflow and buffer under-read when parsing a very long invalid iso 8601 timestamp with g_date_time_new_from_iso8601(). Wednesday February 18th, 2026
CVE-2025-21865 gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). Wednesday February 18th, 2026
CVE-2025-40914 Perl CryptX before version 0.087 contains a dependency that may be susceptible to an integer overflow Wednesday February 18th, 2026
CVE-2022-27649 A flaw was found in Podman where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs. Wednesday February 18th, 2026
CVE-2024-6603 In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128. Wednesday February 18th, 2026
CVE-2025-39711 media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls Wednesday February 18th, 2026
CVE-2025-7783 Usage of unsafe random function in form-data for choosing boundary Wednesday February 18th, 2026
CVE-2024-4778 Memory safety bugs present in Firefox 125. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 126. Wednesday February 18th, 2026
CVE-2023-6129 POLY1305 MAC implementation corrupts vector registers on PowerPC Wednesday February 18th, 2026
CVE-2022-30629 Session tickets lack random ticket_age_add in crypto/tls Wednesday February 18th, 2026
CVE-2024-57896 btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount Wednesday February 18th, 2026
CVE-2024-28085 wall in util-linux through 2.40 often installed with setgid tty permissions allows escape sequences to be sent to other users' terminals through argv. (Specifically escape sequences received from stdin are blocked but escape sequences received from argv are not blocked.) There may be plausible scenarios where this leads to account takeover. Wednesday February 18th, 2026
CVE-2021-3602 An information disclosure flaw was found in Buildah when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials). Wednesday February 18th, 2026
CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto Wednesday February 18th, 2026
CVE-2025-37830 cpufreq: scmi: Fix null-ptr-deref in scmi_cpufreq_get_rate() Wednesday February 18th, 2026
CVE-2024-35878 of: module: prevent NULL pointer dereference in vsnprintf() Wednesday February 18th, 2026
CVE-2024-6612 CSP violations generated links in the console tab of the developer tools, pointing to the violating resource. This caused a DNS prefetch which leaked that a CSP violation happened. This vulnerability affects Firefox < 128 and Thunderbird < 128. Wednesday February 18th, 2026
CVE-2025-68345 ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() Wednesday February 18th, 2026
CVE-2023-24534 Excessive memory allocation in net/http and net/textproto Wednesday February 18th, 2026
CVE-2025-7395 Domain Name Validation Bypass with Apple Native Certificate Validation Wednesday February 18th, 2026
CVE-2023-42821 github.com/gomarkdown/markdown Out-of-bounds Read while parsing citations Wednesday February 18th, 2026
CVE-2025-38211 RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction Wednesday February 18th, 2026
CVE-2025-37772 RDMA/cma: Fix workqueue crash in cma_netevent_work_handler Wednesday February 18th, 2026
CVE-2024-35869 smb: client: guarantee refcounted children from parent session Wednesday February 18th, 2026
CVE-2025-68362 wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() Wednesday February 18th, 2026
CVE-2025-6021 Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2 Wednesday February 18th, 2026
CVE-2024-57892 ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv Wednesday February 18th, 2026
CVE-2024-49890 drm/amd/pm: ensure the fw_info is not null before using it Wednesday February 18th, 2026
CVE-2025-7394 In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() documentation in OpenSSL calls out not being safe for use with fork() without first calling RAND_poll(), an additional code change was also made in wolfSSL to make RAND_bytes() behave similar to OpenSSL after a fork() call without calling RAND_poll(). Now the Hash-DRBG used gets reseeded after detecting running in a new process. If making use of RAND_bytes() and calling fork() we recommend updating to the latest version of wolfSSL. Thanks to Per Allansson from Appgate for the report. Wednesday February 18th, 2026
CVE-2023-47100 In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0. Wednesday February 18th, 2026
CVE-2025-37781 i2c: cros-ec-tunnel: defer probe if parent EC is not present Wednesday February 18th, 2026
CVE-2025-68354 regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex Wednesday February 18th, 2026
CVE-2024-57801 net/mlx5e: Skip restore TC rules for vport rep without loaded flag Wednesday February 18th, 2026
CVE-2024-49892 drm/amd/display: Initialize get_bytes_per_element's default to 1 Wednesday February 18th, 2026
CVE-2023-31486 HTTP::Tiny before 0.083 a Perl core module since 5.13.9 and available standalone on CPAN has an insecure default TLS configuration where users must opt in to verify certificates. Wednesday February 18th, 2026
CVE-2025-38352 posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() Wednesday February 18th, 2026
CVE-2025-37930 drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill() Wednesday February 18th, 2026
CVE-2023-51780 An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. Wednesday February 18th, 2026
CVE-2025-68349 NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid Wednesday February 18th, 2026
CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http Wednesday February 18th, 2026
CVE-2025-21490 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2025-38204 jfs: fix array-index-out-of-bounds read in add_missing_indices Wednesday February 18th, 2026
CVE-2025-49794 Libxml: heap use after free (uaf) leads to denial of service (dos) Wednesday February 18th, 2026
CVE-2019-16276 Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Wednesday February 18th, 2026
CVE-2024-57887 drm: adv7511: Fix use-after-free in adv7533_attach_dsi() Wednesday February 18th, 2026
CVE-2022-35409 An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function. Wednesday February 18th, 2026
CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. Wednesday February 18th, 2026
CVE-2025-38351 KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush Wednesday February 18th, 2026
CVE-2021-33198 In Go before 1.15.13 and 1.16.x before 1.16.5 there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method. Wednesday February 18th, 2026
CVE-2025-37819 irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() Wednesday February 18th, 2026
CVE-2025-68371 scsi: smartpqi: Fix device resources accessed after device removal Wednesday February 18th, 2026
CVE-2025-38230 jfs: validate AG parameters in dbMount() to prevent crashes Wednesday February 18th, 2026
CVE-2023-49295 quic-go's path validation mechanism can cause denial of service Wednesday February 18th, 2026
CVE-2024-28863 node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation Wednesday February 18th, 2026
CVE-2025-40913 Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow Wednesday February 18th, 2026
CVE-2019-16910 Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.) Wednesday February 18th, 2026
CVE-2025-37963 arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users Wednesday February 18th, 2026
CVE-2025-22870 HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net Wednesday February 18th, 2026
CVE-2018-10906 In fuse before versions 2.9.8 and 3.x before 3.2.5 fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system accessible by other users and trick them into accessing files on that file system possibly causing Denial of Service or other unspecified effects. Wednesday February 18th, 2026
CVE-2020-25576 An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints. Wednesday February 18th, 2026
CVE-2025-38213 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Wednesday February 18th, 2026
CVE-2024-21646 Azure IoT Platform Device SDK Remote Code Execution Vulnerability Wednesday February 18th, 2026
CVE-2024-30261 Undici's fetch with integrity option is too lax when algorithm is specified but hash value is in incorrect Wednesday February 18th, 2026
CVE-2025-38575 ksmbd: use aead_request_free to match aead_request_alloc Wednesday February 18th, 2026
CVE-2025-32386 Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination Wednesday February 18th, 2026
CVE-2025-53605 The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::coded_input_stream::CodedInputStream::skip_group parsing of unknown fields in untrusted input. Wednesday February 18th, 2026
CVE-2023-41361 An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version. Wednesday February 18th, 2026
CVE-2024-43893 serial: core: check uartclk for zero to avoid divide by zero Wednesday February 18th, 2026
CVE-2025-47268 ping in iputils before 20250602 allows a denial of service Wednesday February 18th, 2026
CVE-2025-2784 Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content Wednesday February 18th, 2026
CVE-2024-40647 Unintentional exposure of environment variables to subprocesses in sentry-sdk Wednesday February 18th, 2026
CVE-2025-58185 Parsing DER payload can cause memory exhaustion in encoding/asn1 Wednesday February 18th, 2026
CVE-2025-38194 jffs2: check that raw node were preallocated before writing summary Wednesday February 18th, 2026
CVE-2024-50049 drm/amd/display: Check null pointer before dereferencing se Wednesday February 18th, 2026
CVE-2025-37798 codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() Wednesday February 18th, 2026
CVE-2024-32465 Git's protections for cloning untrusted repositories can be bypassed Wednesday February 18th, 2026
CVE-2023-46752 An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data leading to a crash. Wednesday February 18th, 2026
CVE-2015-2158 Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service Wednesday February 18th, 2026
CVE-2024-56770 net/sched: netem: account for backlog updates from child qdisc Wednesday February 18th, 2026
CVE-2025-38198 fbcon: Make sure modelist not set on unregistered console Wednesday February 18th, 2026
CVE-2025-32053 Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() Wednesday February 18th, 2026
CVE-2023-47235 An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed because the presence of EOR does not lead to a treat-as-withdraw outcome. Wednesday February 18th, 2026
CVE-2022-2588 It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. Wednesday February 18th, 2026
CVE-2020-28367 Arbitrary code execution via the go command with cgo in cmd/go Wednesday February 18th, 2026
CVE-2024-47699 nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() Wednesday February 18th, 2026
CVE-2021-43666 A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. Wednesday February 18th, 2026
CVE-2025-5351 Libssh: double free vulnerability in libssh key export functions Wednesday February 18th, 2026
CVE-2024-2494 Libvirt: negative g_new0 length can lead to unbounded memory allocation Wednesday February 18th, 2026
CVE-2023-47234 An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes). Wednesday February 18th, 2026
CVE-2022-2586 It was discovered that a nft object or expression could reference a nft set on a different nft table leading to a use-after-free once that table was deleted. Wednesday February 18th, 2026
CVE-2025-37884 bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Wednesday February 18th, 2026
CVE-2024-47734 bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave() Wednesday February 18th, 2026
CVE-2024-26930 scsi: qla2xxx: Fix double free of the ha->vp_map pointer Wednesday February 18th, 2026
CVE-2024-53213 net: usb: lan78xx: Fix double free issue with interrupt buffer allocation Wednesday February 18th, 2026
CVE-2023-6992 Memory corruption issues is Cloudflare zlib implementation Wednesday February 18th, 2026
CVE-2023-46753 An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes e.g. one with only an unknown transit attribute. Wednesday February 18th, 2026
CVE-2024-6611 A nested iframe, triggering a cross-site navigation, could send SameSite=Strict or Lax cookies. This vulnerability affects Firefox < 128 and Thunderbird < 128. Wednesday February 18th, 2026
CVE-2024-49868 btrfs: fix a NULL pointer dereference when failed to start a new trasacntion Wednesday February 18th, 2026
CVE-2025-5372 Libssh: incorrect return code handling in ssh_kdf() in libssh Wednesday February 18th, 2026
CVE-2025-37776 ksmbd: fix use-after-free in smb_break_all_levII_oplock() Wednesday February 18th, 2026
CVE-2024-28835 Gnutls: potential crash during chain building/verification Wednesday February 18th, 2026
CVE-2024-54680 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Wednesday February 18th, 2026
CVE-2025-32051 Libsoup: segmentation fault when parsing malformed data uri Wednesday February 18th, 2026
CVE-2024-25177 LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an unsinking of IR_FSTORE for NULL metatable, which leads to Denial of Service (DoS). Wednesday February 18th, 2026
CVE-2025-47912 Insufficient validation of bracketed IPv6 hostnames in net/url Wednesday February 18th, 2026
CVE-2018-14040 In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attributeIn Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute Wednesday February 18th, 2026
CVE-2024-43894 drm/client: fix null pointer dereference in drm_client_modeset_probe Wednesday February 18th, 2026
CVE-2024-32020 Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will Wednesday February 18th, 2026
CVE-2024-28834 Gnutls: vulnerable to minerva side-channel information leak Wednesday February 18th, 2026
CVE-2025-21991 x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Wednesday February 18th, 2026
CVE-2021-20286 A flaw was found in libnbd 1.7.3. An assertion failure in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service. Wednesday February 18th, 2026
CVE-2025-38713 hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() Wednesday February 18th, 2026
CVE-2025-38174 thunderbolt: Do not double dequeue a configuration request Wednesday February 18th, 2026
CVE-2025-50081 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2021-45707 An issue was discovered in the nix crate 0.16.0 and later before 0.20.2 0.21.x before 0.21.2 and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups. Wednesday February 18th, 2026
CVE-2025-23016 FastCGI fcgi2 (aka fcgi) 2.x through 2.4.4 has an integer overflow (and resultant heap-based buffer overflow) via crafted nameLen or valueLen values in data to the IPC socket. This occurs in ReadParams in fcgiapp.c. Wednesday February 18th, 2026
CVE-2024-23722 In Fluent Bit 2.1.8 through 2.2.1 a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly. Wednesday February 18th, 2026
CVE-2024-49854 block bfq: fix uaf for accessing waker_bfqq after splitting Wednesday February 18th, 2026
CVE-2024-26785 iommufd: Fix protection fault in iommufd_test_syz_conv_iova Wednesday February 18th, 2026
CVE-2019-11834 cJSON before 1.7.11 allows out-of-bounds access related to \x00 in a string literal. Wednesday February 18th, 2026
CVE-2024-27018 netfilter: br_netfilter: skip conntrack input hook for promisc packets Wednesday February 18th, 2026
CVE-2022-34038 Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability. Wednesday February 18th, 2026
CVE-2025-29087 In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concat_ws() SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string (e.g., 2MB or more), an integer overflow occurs in calculating the size of the result buffer, and thus malloc may not allocate enough memory. Wednesday February 18th, 2026
CVE-2025-68336 locking/spinlock/debug: Fix data-race in do_raw_write_lock Wednesday February 18th, 2026
CVE-2022-4415 A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting. Wednesday February 18th, 2026
CVE-2024-26789 crypto: arm64/neonbs - fix out-of-bounds access on short input Wednesday February 18th, 2026
CVE-2022-23772 Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption. Wednesday February 18th, 2026
CVE-2025-37905 firmware: arm_scmi: Balance device refcount when destroying devices Wednesday February 18th, 2026
CVE-2023-26159 Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect traffic to a malicious site potentially leading to information disclosure phishing attacks or other security breaches. Wednesday February 18th, 2026
CVE-2021-32923 HashiCorp Vault and Vault Enterprise allowed the renewal of nearly-expired token leases and dynamic secret leases (specifically those within 1 second of their maximum TTL) which caused them to be incorrectly treated as non-expiring during subsequent use. Fixed in 1.5.9 1.6.5 and 1.7.2. Wednesday February 18th, 2026
CVE-2025-38704 rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access Wednesday February 18th, 2026
CVE-2025-6199 Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder Wednesday February 18th, 2026
CVE-2019-11835 cJSON before 1.7.11 allows out-of-bounds access related to multiline comments. Wednesday February 18th, 2026
CVE-2025-7519 Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write Wednesday February 18th, 2026
CVE-2023-49993 Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow Wednesday February 18th, 2026
CVE-2023-41913 strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message. Wednesday February 18th, 2026
CVE-2024-36969 drm/amd/display: Fix division by zero in setup_dsc_config Wednesday February 18th, 2026
CVE-2024-26987 mm/memory-failure: fix deadlock when hugetlb_optimize_vmemmap is enabled Wednesday February 18th, 2026
CVE-2024-47701 ext4: avoid OOB when system.data xattr changes underneath the filesystem Wednesday February 18th, 2026
CVE-2024-34459 An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c. Wednesday February 18th, 2026
CVE-2023-50711 `serde` deserialization for `FamStructWrapper` lacks bound checks that could potentially lead to out-of-bounds memory access Wednesday February 18th, 2026
CVE-2023-49992 Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow via the function RemoveEnding at dictionary.c. Wednesday February 18th, 2026
CVE-2025-68337 jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted Wednesday February 18th, 2026
CVE-2024-11235 Reference counting in php_request_shutdown causes Use-After-Free Wednesday February 18th, 2026
CVE-2024-56786 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Wednesday February 18th, 2026
CVE-2024-30204 In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. Wednesday February 18th, 2026
CVE-2024-22189 QUIC's Connection ID Mechanism vulnerable to Memory Exhaustion Attack Wednesday February 18th, 2026
CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. Wednesday February 18th, 2026
CVE-2024-36478 null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Wednesday February 18th, 2026
CVE-2024-4773 When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126. Wednesday February 18th, 2026
CVE-2023-49994 Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function PeaksToHarmspect at wavegen.c. Wednesday February 18th, 2026
CVE-2025-38170 arm64/fpsimd: Discard stale CPU state when handling SME traps Wednesday February 18th, 2026
CVE-2022-45639 OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user account that entered the command line. Wednesday February 18th, 2026
CVE-2024-53203 usb: typec: fix potential array underflow in ucsi_ccg_sync_control() Wednesday February 18th, 2026
CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state Wednesday February 18th, 2026
CVE-2018-1000215 Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service Wednesday February 18th, 2026
CVE-2023-49991 Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c. Wednesday February 18th, 2026
CVE-2022-0778 Infinite loop in BN_mod_sqrt() reachable when parsing certificates Wednesday February 18th, 2026
CVE-2024-32021 Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory Wednesday February 18th, 2026
CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar Wednesday February 18th, 2026
CVE-2024-47696 RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency Wednesday February 18th, 2026
CVE-2025-68114 Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow Wednesday February 18th, 2026
CVE-2024-56784 drm/amd/display: Adding array index check to prevent memory corruption Wednesday February 18th, 2026
CVE-2024-57872 scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove() Wednesday February 18th, 2026
CVE-2024-25178 LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240314 have an out-of-bounds read in the stack-overflow handler in lj_state.c. Wednesday February 18th, 2026
CVE-2025-38113 ACPI: CPPC: Fix NULL pointer dereference when nosmp is used Wednesday February 18th, 2026
CVE-2025-21993 iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() Wednesday February 18th, 2026
CVE-2025-38703 drm/xe: Make dma-fences compliant with the safe access rules Wednesday February 18th, 2026
CVE-2024-49982 aoe: fix the potential use-after-free problem in more places Wednesday February 18th, 2026
CVE-2007-6109 Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function as demonstrated via a certain "emacs -batch -eval" command line. Wednesday February 18th, 2026
CVE-2024-4775 An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. *Note:* This issue only affects the application when the profiler is running. This vulnerability affects Firefox < 126. Wednesday February 18th, 2026
CVE-2025-37914 net_sched: ets: Fix double list add in class with netem as child qdisc Wednesday February 18th, 2026
CVE-2025-38062 genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie Wednesday February 18th, 2026
CVE-2024-30260 Undici's Proxy-Authorization header not cleared on cross-origin redirect for dispatch request stream pipeline Wednesday February 18th, 2026
CVE-2024-47691 f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread() Wednesday February 18th, 2026
CVE-2023-7104 SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow Wednesday February 18th, 2026
CVE-2025-38160 clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() Wednesday February 18th, 2026
CVE-2024-26836 platform/x86: think-lmi: Fix password opcode ordering for workstations Wednesday February 18th, 2026
CVE-2024-4770 When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Wednesday February 18th, 2026
CVE-2025-32387 Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow Wednesday February 18th, 2026
CVE-2024-5642 Buffer overread when using an empty list with SSLContext.set_npn_protocols() Wednesday February 18th, 2026
CVE-2022-28737 There's a possible overflow in handle_image() when shim tries to load and execute crafted EFI executables Wednesday February 18th, 2026
CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit Wednesday February 18th, 2026
CVE-2023-51764 Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address allowing bypass of an SPF protection mechanism. This occurs because Postfix supports . but some other popular e-mail servers do not. To prevent attack variants (by always disallowing without ) a different solution is required such as the smtpd_forbid_bare_newline=yes option with a Postfix minimum version of 3.5.23 3.6.13 3.7.9 3.8.4 or 3.9. Wednesday February 18th, 2026
CVE-2024-49992 drm/stm: Avoid use-after-free issues with crtc and plane Wednesday February 18th, 2026
CVE-2024-25176 LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c. Wednesday February 18th, 2026
CVE-2025-21867 bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() Wednesday February 18th, 2026
CVE-2023-50966 erlang-jose (aka JOSE for Erlang and Elixir) through 1.11.6 allow attackers to cause a denial of service (CPU consumption) via a large p2c (aka PBES2 Count) value in a JOSE header. Wednesday February 18th, 2026
CVE-2024-37371 In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. Wednesday February 18th, 2026
CVE-2025-27363 An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild. Wednesday February 18th, 2026
CVE-2025-7339 on-headers vulnerable to http response header manipulation Wednesday February 18th, 2026
CVE-2025-38103 HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() Wednesday February 18th, 2026
CVE-2024-49969 drm/amd/display: Fix index out of bounds in DCN30 color transformation Wednesday February 18th, 2026
CVE-2023-51714 An issue was discovered in the HTTP2 implementation in Qt before 5.15.17 6.x before 6.2.11 6.3.x through 6.5.x before 6.5.4 and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. Wednesday February 18th, 2026
CVE-2024-47739 padata: use integer wrap around to prevent deadlock on seq_nr overflow Wednesday February 18th, 2026
CVE-2025-21941 drm/amd/display: Fix null check for pipe_ctx->plane_state in resource_build_scaling_params Wednesday February 18th, 2026
CVE-2024-31852 LLVM before 18.1.3 generates code in which the LR register can be overwritten without data being saved to the stack and thus there can sometimes be an exploitable error in the flow of control. This affects the ARM backend and can be demonstrated with Clang. NOTE: the vendor perspective is "we don't have strong objections for a CVE to be created ... It does seem that the likelihood of this miscompile enabling an exploit remains very low because the miscompile resulting in this JOP gadget is such that the function is most likely to crash on most valid inputs to the function. So if this function is covered by any testing the miscompile is most likely to be discovered before the binary is shipped to production." Wednesday February 18th, 2026
CVE-2024-58083 KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() Wednesday February 18th, 2026
CVE-2025-38145 soc: aspeed: Add NULL check in aspeed_lpc_enable_snoop() Wednesday February 18th, 2026
CVE-2025-37878 perf/core: Fix WARN_ON(!ctx) in __free_event() for partial init Wednesday February 18th, 2026
CVE-2025-58754 Axios is vulnerable to DoS attack through lack of data size check Wednesday February 18th, 2026
CVE-2024-37370 In MIT Kerberos 5 (aka krb5) before 1.21.3 an attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token causing the unwrapped token to appear truncated to the application. Wednesday February 18th, 2026
CVE-2025-38039 net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled Wednesday February 18th, 2026
CVE-2023-30589 The llhttp parser in the http module in Node v20.2.0 does not strictly use the CRLF sequence to delimit HTTP requests. This can lead to HTTP Request Smuggling (HRS). The CR character (without LF) is sufficient to delimit HTTP header fields in the llhttp parser. According to RFC7230 section 3 only the CRLF sequence should delimit each header-field. This impacts all Node.js active versions: v16 v18 and v20 Wednesday February 18th, 2026
CVE-2024-36013 Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() Wednesday February 18th, 2026
CVE-2025-68324 scsi: imm: Fix use-after-free bug caused by unfinished delayed work Wednesday February 18th, 2026
CVE-2025-38149 net: phy: clear phydev->devlink when the link is deleted Wednesday February 18th, 2026
CVE-2024-56626 ksmbd: fix Out-of-Bounds Write in ksmbd_vfs_stream_write Wednesday February 18th, 2026
CVE-2024-50061 i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition Wednesday February 18th, 2026
CVE-2022-34169 Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets Wednesday February 18th, 2026
CVE-2023-6546 Kernel: gsm multiplexing race condition leads to privilege escalation Wednesday February 18th, 2026
CVE-2023-4504 OpenPrinting CUPS/libppd Postscript Parsing Heap Overflow Wednesday February 18th, 2026
CVE-2025-27152 Possible SSRF and Credential Leakage via Absolute URL in axios Requests Wednesday February 18th, 2026
CVE-2024-6257 HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation Wednesday February 18th, 2026
CVE-2025-38136 usb: renesas_usbhs: Reorder clock handling and power management in probe Wednesday February 18th, 2026
CVE-2021-46023 An Untrusted Pointer Dereference was discovered in function mrb_vm_exec in mruby before 3.1.0-rc. The vulnerability causes a segmentation fault and application crash. Wednesday February 18th, 2026
CVE-2022-46146 Prometheus Exporter Toolkit vulnerable to basic authentication bypass Wednesday February 18th, 2026
CVE-2023-5115 Ansible: malicious role archive can cause ansible-galaxy to overwrite arbitrary files Wednesday February 18th, 2026
CVE-2023-52971 MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan. Wednesday February 18th, 2026
CVE-2025-7546 GNU Binutils elf.c bfd_elf_set_group_contents out-of-bounds write Wednesday February 18th, 2026
CVE-2025-38029 kasan: avoid sleepable page allocation from atomic context Wednesday February 18th, 2026
CVE-2024-29040 Fapi Verify Quote: Does not detect if quote was not generated by TPM Wednesday February 18th, 2026
CVE-2025-38122 gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO Wednesday February 18th, 2026
CVE-2023-34241 CUPS vulnerable to use-after-free in cupsdAcceptClient() Wednesday February 18th, 2026
CVE-2021-38190 An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count. Wednesday February 18th, 2026
CVE-2022-35256 The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. Wednesday February 18th, 2026
CVE-2025-37951 drm/v3d: Add job to pending list if the reset was skipped Wednesday February 18th, 2026
CVE-2023-52284 Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have an "double free or corruption" error for a valid WebAssembly module because push_pop_frame_ref_offset is mishandled. Wednesday February 18th, 2026
CVE-2021-33195 Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers and thus a return value may contain an unsafe injection (e.g. XSS) that does not conform to the RFC1035 format. Wednesday February 18th, 2026
CVE-2024-38540 bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq Wednesday February 18th, 2026
CVE-2023-52733 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Wednesday February 18th, 2026
CVE-2025-37804 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Wednesday February 18th, 2026
CVE-2025-68296 drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup Wednesday February 18th, 2026
CVE-2023-7008 Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes Wednesday February 18th, 2026
CVE-2024-47730 crypto: hisilicon/qm - inject error before stopping queue Wednesday February 18th, 2026
CVE-2025-12058 Vulnerability in Keras Model.load_model Leading to Arbitrary Local File Loading and SSRF Wednesday February 18th, 2026
CVE-2025-21887 ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up Wednesday February 18th, 2026
CVE-2025-38097 espintcp: remove encap socket caching to avoid reference leak Wednesday February 18th, 2026
CVE-2025-38042 dmaengine: ti: k3-udma-glue: Drop skip_fdq argument from k3_udma_glue_reset_rx_chn Wednesday February 18th, 2026
CVE-2024-41184 In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1 an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user. Wednesday February 18th, 2026
CVE-2023-34411 The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of service (panic) via an invalid Wednesday February 18th, 2026
CVE-2025-53906 Vim has path traversal issue with zip.vim and special crafted zip archives Wednesday February 18th, 2026
CVE-2025-38110 net/mdiobus: Fix potential out-of-bounds clause 45 read/write access Wednesday February 18th, 2026
CVE-2022-26691 A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina macOS Monterey 12.3 macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. Wednesday February 18th, 2026
CVE-2025-21943 gpio: aggregator: protect driver attr handlers against module unload Wednesday February 18th, 2026
CVE-2024-47672 wifi: iwlwifi: mvm: don't wait for tx queues if firmware is dead Wednesday February 18th, 2026
CVE-2025-38063 dm: fix unconditional IO throttle caused by REQ_PREFLUSH Wednesday February 18th, 2026
CVE-2025-37972 Input: mtk-pmic-keys - fix possible null pointer dereference Wednesday February 18th, 2026
CVE-2023-0778 A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system. Wednesday February 18th, 2026
CVE-2024-40725 Apache HTTP Server: source code disclosure with handlers configured via AddType Wednesday February 18th, 2026
CVE-2016-3959 The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certificates or SSH server libraries. Wednesday February 18th, 2026
CVE-2022-31394 Hyperium Hyper before 0.14.19 does not allow for customization of the max_header_list_size method in the H2 third-party software allowing attackers to perform HTTP2 attacks. Wednesday February 18th, 2026
CVE-2024-12905 An Improper Link Resolution Before File Access ("Link Following") and Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal"). This vulnerability occurs when extracting a maliciously crafted tar file, which can result in unauthorized file writes or overwrites outside the intended extraction directory. The issue is associated with index.js in the tar-fs package. This issue affects tar-fs: from 0.0.0 before 1.16.4, from 2.0.0 before 2.1.2, from 3.0.0 before 3.0.8. Wednesday February 18th, 2026
CVE-2025-53905 Vim has path traversial issue with tar.vim and special crafted tar files Wednesday February 18th, 2026
CVE-2022-1708 A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution and it is read in a manner where the entire file corresponding to the output of the command is read in. Thus if the output of the command is large it is possible to exhaust the memory or the disk space of the node when CRI-O reads the output of the command. The highest threat from this vulnerability is system availability. Wednesday February 18th, 2026
CVE-2025-38115 net_sched: sch_sfq: fix a potential crash on gso_skb handling Wednesday February 18th, 2026
CVE-2024-56766 mtd: rawnand: fix double free in atmel_pmecc_create_user() Wednesday February 18th, 2026
CVE-2024-46748 cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT Wednesday February 18th, 2026
CVE-2019-19317 lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact. Wednesday February 18th, 2026
CVE-2022-0811 A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed. Wednesday February 18th, 2026
CVE-2024-49895 drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation Wednesday February 18th, 2026
CVE-2025-37833 net/niu: Niu requires MSIX ENTRY_DATA fields touch before entry reads Wednesday February 18th, 2026
CVE-2023-46118 Denial of Service by publishing large messages over the HTTP API Wednesday February 18th, 2026
CVE-2025-38163 f2fs: fix to do sanity check on sbi->total_valid_block_count Wednesday February 18th, 2026
CVE-2023-42467 QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately. Wednesday February 18th, 2026
CVE-2024-57978 media: imx-jpeg: Fix potential error pointer dereference in detach_pm() Wednesday February 18th, 2026
CVE-2019-10906 In Pallets Jinja before 2.10.1 str.format_map allows a sandbox escape. Wednesday February 18th, 2026
CVE-2025-38135 serial: Fix potential null-ptr-deref in mlb_usio_probe() Wednesday February 18th, 2026
CVE-2024-51741 Redis allows denial-of-service due to malformed ACL selectors Wednesday February 18th, 2026
CVE-2025-50079 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2023-3354 Improper i/o watch removal in tls handshake can lead to remote unauthenticated denial of service Wednesday February 18th, 2026
CVE-2025-37976 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Wednesday February 18th, 2026
CVE-2025-38155 wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() Wednesday February 18th, 2026
CVE-2019-19076 A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consumption) aka CID-78beef629fd9. NOTE: This has been argued as not a valid vulnerability. The upstream commit 78beef629fd9 was reverted Wednesday February 18th, 2026
CVE-2024-57981 usb: xhci: Fix NULL pointer dereference on certain command aborts Wednesday February 18th, 2026
CVE-2024-49977 net: stmmac: Fix zero-division error when disabling tc cbs Wednesday February 18th, 2026
CVE-2023-3301 Triggerable assertion due to race condition in hot-unplug Wednesday February 18th, 2026
CVE-2019-19926 multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. Wednesday February 18th, 2026
CVE-2025-50080 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2024-48615 Null Pointer Dereference vulnerability in libarchive 3.7.6 and earlier when running program bsdtar in function header_pax_extension at rchive_read_support_format_tar.c:1844:8. Wednesday February 18th, 2026
CVE-2023-3255 Qemu: vnc: infinite loop in inflate_buffer() leads to denial of service Wednesday February 18th, 2026
CVE-2014-10402 An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401. Wednesday February 18th, 2026
CVE-2024-44952 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Wednesday February 18th, 2026
CVE-2025-21711 net/rose: prevent integer overflows in rose_setsockopt() Wednesday February 18th, 2026
CVE-2025-37958 mm/huge_memory: fix dereferencing invalid pmd migration entry Wednesday February 18th, 2026
CVE-2025-50078 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2014-8991 pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build-* file for another user. Wednesday February 18th, 2026
CVE-2024-41011 drm/amdkfd: don't allow mapping the MMIO HDP page with large pages Wednesday February 18th, 2026
CVE-2024-49996 cifs: Fix buffer overflow when parsing NFS reparse points Wednesday February 18th, 2026
CVE-2025-1734 Streams HTTP wrapper does not fail for headers with invalid name and no colon Wednesday February 18th, 2026
CVE-2022-3171 Memory handling vulnerability in ProtocolBuffers Java core and lite Wednesday February 18th, 2026
CVE-2025-38117 Bluetooth: MGMT: Protect mgmt_pending list with its own lock Wednesday February 18th, 2026
CVE-2024-36968 Bluetooth: L2CAP: Fix div-by-zero in l2cap_le_flowctl_init() Wednesday February 18th, 2026
CVE-2025-50091 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2023-0465 Invalid certificate policies in leaf certificates are silently ignored Wednesday February 18th, 2026
CVE-2023-1544 Qemu: pvrdma: out-of-bounds read in pvrdma_ring_next_elem_read() Wednesday February 18th, 2026
CVE-2025-23133 wifi: ath11k: update channel list in reg notifier instead reg worker Wednesday February 18th, 2026
CVE-2024-25580 An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17 6.x before 6.2.12 6.3.x through 6.5.x before 6.5.5 and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file. Wednesday February 18th, 2026
CVE-2022-48841 ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats() Wednesday February 18th, 2026
CVE-2025-50101 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2025-38111 net/mdiobus: Fix potential out-of-bounds read/write access Wednesday February 18th, 2026
CVE-2024-36972 af_unix: Update unix_sk(sk)->oob_skb under sk_receive_queue lock. Wednesday February 18th, 2026
CVE-2021-43565 The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. Wednesday February 18th, 2026
CVE-2025-1861 Stream HTTP wrapper truncates redirect location to 1024 bytes Wednesday February 18th, 2026
CVE-2024-29018 External DNS requests from 'internal' networks could lead to data exfiltration Wednesday February 18th, 2026
CVE-2025-38129 page_pool: Fix use-after-free in page_pool_recycle_in_ring Wednesday February 18th, 2026
CVE-2025-39790 bus: mhi: host: Detect events pointing to unexpected TREs Wednesday February 18th, 2026
CVE-2024-56606 af_packet: avoid erroring out after sock_init_data() in packet_create() Wednesday February 18th, 2026
CVE-2025-50097 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2024-45619 Libopensc: incorrect handling length of buffers or files in libopensc Wednesday February 18th, 2026
CVE-2025-38153 net: usb: aqc111: fix error handling of usbnet read calls Wednesday February 18th, 2026
CVE-2025-1736 Stream HTTP wrapper header check might omit basic auth header Wednesday February 18th, 2026
CVE-2025-50100 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2024-58007 soc: qcom: socinfo: Avoid out of bounds read of serial number Wednesday February 18th, 2026
CVE-2024-49879 drm: omapdrm: Add missing check for alloc_ordered_workqueue Wednesday February 18th, 2026
CVE-2024-1013 Unixodbc: out of bounds stack write due to pointer-to-integer types conversion Wednesday February 18th, 2026
CVE-2024-45002 rtla/osnoise: Prevent NULL dereference in error handling Wednesday February 18th, 2026
CVE-2025-1219 libxml streams use wrong content-type header when requesting a redirected resource Wednesday February 18th, 2026
CVE-2025-38131 coresight: prevent deactivate active config while enabling the config Wednesday February 18th, 2026
CVE-2025-50094 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2024-28849 Proxy-Authorization header kept across hosts in follow-redirects Wednesday February 18th, 2026
CVE-2024-50045 netfilter: br_netfilter: fix panic with metadata_dst skb Wednesday February 18th, 2026
CVE-2025-37977 scsi: ufs: exynos: Disable iocc if dma-coherent property isn't set Wednesday February 18th, 2026
CVE-2025-39742 RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() Wednesday February 18th, 2026
CVE-2024-44997 net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() Wednesday February 18th, 2026
CVE-2025-1217 Header parser of http stream wrapper does not handle folded headers Wednesday February 18th, 2026
CVE-2025-50092 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2023-3338 Crash due to a null pointer dereference in the dn_nsp_send function Wednesday February 18th, 2026
CVE-2025-37968 iio: light: opt3001: fix deadlock due to concurrent flag access Wednesday February 18th, 2026
CVE-2025-38159 wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Wednesday February 18th, 2026
CVE-2025-21743 usbnet: ipheth: fix possible overflow in DPE length check Wednesday February 18th, 2026
CVE-2024-44995 net: hns3: fix a deadlock problem when config TC during resetting Wednesday February 18th, 2026
CVE-2025-39761 wifi: ath12k: Decrement TID on RX peer frag setup error handling Wednesday February 18th, 2026
CVE-2024-39473 ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension Wednesday February 18th, 2026
CVE-2021-3611 A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. A malicious guest could use this flaw to crash the QEMU process on the host resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. This flaw affects QEMU versions prior to 7.0.0. Wednesday February 18th, 2026
CVE-2025-50086 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2025-30219 RabbitMQ has XSS Vulnerability in an Error Message in Management UI Wednesday February 18th, 2026
CVE-2024-49877 ocfs2: fix possible null-ptr-deref in ocfs2_set_buffer_uptodate Wednesday February 18th, 2026
CVE-2025-21744 wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() Wednesday February 18th, 2026
CVE-2024-2496 Libvirt: null pointer dereference in udevconnectlistallinterfaces() Wednesday February 18th, 2026
CVE-2021-20255 A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host resulting in a denial of service. The highest threat from this vulnerability is to system availability. Wednesday February 18th, 2026
CVE-2024-58093 PCI/ASPM: Fix link state exit during switch upstream function removal Wednesday February 18th, 2026
CVE-2025-38142 hwmon: (asus-ec-sensors) check sensor index in read_string() Wednesday February 18th, 2026
CVE-2025-2312 cifs.upcall makes an upcall to the wrong namespace in containerized environments Wednesday February 18th, 2026
CVE-2025-50082 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2025-21745 blk-cgroup: Fix class @block_class's subsystem refcount leakage Wednesday February 18th, 2026
CVE-2022-4899 A vulnerability was found in zstd v1.4.10 where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun. Wednesday February 18th, 2026
CVE-2024-56642 tipc: Fix use-after-free of kernel socket in cleanup_bearer(). Wednesday February 18th, 2026
CVE-2022-30594 The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. Wednesday February 18th, 2026
CVE-2024-47712 wifi: wilc1000: fix potential RCU dereference issue in wilc_parse_join_bss_param Wednesday February 18th, 2026
CVE-2025-38173 crypto: marvell/cesa - Handle zero-length skcipher requests Wednesday February 18th, 2026
CVE-2023-27043 The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python. Wednesday February 18th, 2026
CVE-2023-6597 An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1 3.11.7 3.10.13 3.9.18 and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances. Wednesday February 18th, 2026
CVE-2025-50083 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2023-39130 GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c. Wednesday February 18th, 2026
CVE-2025-21789 LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Wednesday February 18th, 2026
CVE-2024-39484 mmc: davinci: Don't strip remove function when driver is builtin Wednesday February 18th, 2026
CVE-2024-26814 vfio/fsl-mc: Block calling interrupt handler without trigger Wednesday February 18th, 2026
CVE-2023-6507 Groups not dropped before running subprocess when using empty 'extra_groups' parameter Wednesday February 18th, 2026
CVE-2025-37984 crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() Wednesday February 18th, 2026
CVE-2025-50087 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2023-39129 GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c. Wednesday February 18th, 2026
CVE-2024-39476 md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING Wednesday February 18th, 2026
CVE-2025-38148 net: phy: mscc: Fix memory leak when using one step timestamping Wednesday February 18th, 2026
CVE-2025-39751 ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Wednesday February 18th, 2026
CVE-2022-40898 An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. Wednesday February 18th, 2026
CVE-2024-50046 NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() Wednesday February 18th, 2026
CVE-2024-56599 wifi: ath10k: avoid NULL pointer error during sdio remove Wednesday February 18th, 2026
CVE-2025-50093 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2025-38157 wifi: ath9k_htc: Abort software beacon handling if disabled Wednesday February 18th, 2026
CVE-2023-25584 Out of bounds read in parse_module function in bfd/vms-alpha.c Wednesday February 18th, 2026
CVE-2023-52340 The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily e.g. leading to a denial of service (network is unreachable errors) when IPv6 packets are sent in a loop via a raw socket. Wednesday February 18th, 2026
CVE-2023-46136 Werkzeug vulnerable to high resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning Wednesday February 18th, 2026
CVE-2023-25588 Field `the_bfd` of `asymbol` is uninitialized in function `bfd_mach_o_get_synthetic_symtab` Wednesday February 18th, 2026
CVE-2024-39475 fbdev: savage: Handle err return when savagefb_check_var failed Wednesday February 18th, 2026
CVE-2025-50085 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2024-49863 vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() Wednesday February 18th, 2026
CVE-2025-38118 Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete Wednesday February 18th, 2026
CVE-2021-27291 In pygments 1.1+ fixed in 2.7.4 the lexers used to parse programming languages rely heavily on regular expressions. Some of the regular expressions have exponential or cubic worst-case complexity and are vulnerable to ReDoS. By crafting malicious input an attacker can cause a denial of service. Wednesday February 18th, 2026
CVE-2024-21890 The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For example: ``` --allow-fs-read=/home/node/.ssh/*.pub ``` will ignore `pub` and give access to everything after `.ssh/`. This misleading documentation affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued the permission model is an experimental feature of Node.js. Wednesday February 18th, 2026
CVE-2022-47673 An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts. Wednesday February 18th, 2026
CVE-2024-39483 KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked Wednesday February 18th, 2026
CVE-2025-50098 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2023-52917 ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() Wednesday February 18th, 2026
CVE-2021-20270 An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file as demonstrated by input that only contains the "exception" keyword. Wednesday February 18th, 2026
CVE-2025-38099 Bluetooth: Disable SCO support if READ_VOICE_SETTING is unsupported/broken Wednesday February 18th, 2026
CVE-2021-45480 An issue was discovered in the Linux kernel before 5.15.11. There is a memory leak in the __rds_conn_create() function in net/rds/connection.c in a certain combination of circumstances. Wednesday February 18th, 2026
CVE-2024-22025 A vulnerability in Node.js has been identified allowing for a Denial of Service (DoS) attack through resource exhaustion when using the fetch() function to retrieve content from an untrusted URL. The vulnerability stems from the fact that the fetch() function in Node.js always decodes Brotli making it possible for an attacker to cause resource exhaustion when fetching content from an untrusted URL. An attacker controlling the URL passed into fetch() can exploit this vulnerability to exhaust memory potentially leading to process termination depending on the system configuration. Wednesday February 18th, 2026
CVE-2022-47696 An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols. Wednesday February 18th, 2026
CVE-2023-49083 cryptography vulnerable to NULL-dereference when loading PKCS7 certificates Wednesday February 18th, 2026
CVE-2025-30204 jwt-go allows excessive memory allocation during header parsing Wednesday February 18th, 2026
CVE-2024-44990 bonding: fix null pointer deref in bond_ipsec_offload_ok Wednesday February 18th, 2026
CVE-2025-50104 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2024-50041 i40e: Fix macvlan leak by synchronizing access to mac_filter_hash Wednesday February 18th, 2026
CVE-2025-38102 VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify Wednesday February 18th, 2026
CVE-2022-28391 BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively the attacker could choose to change the terminal's colors. Wednesday February 18th, 2026
CVE-2023-25585 Field `file_table` of `struct module *module` is uninitialized Wednesday February 18th, 2026
CVE-2025-38098 drm/amd/display: Don't treat wb connector as physical in create_validate_stream_for_sink Wednesday February 18th, 2026
CVE-2024-39485 media: v4l: async: Properly re-initialise notifier entry in unregister Wednesday February 18th, 2026
CVE-2024-47713 wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() Wednesday February 18th, 2026
CVE-2025-50084 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2023-39128 GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c. Wednesday February 18th, 2026
CVE-2023-25193 hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. Wednesday February 18th, 2026
CVE-2025-38161 RDMA/mlx5: Fix error flow upon firmware failure for RQ destruction Wednesday February 18th, 2026
CVE-2023-5870 Postgresql: role pg_signal_backend can signal certain superuser processes. Wednesday February 18th, 2026
CVE-2024-45006 xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration Wednesday February 18th, 2026
CVE-2024-50033 slip: make slhc_remember() more robust against malicious packets Wednesday February 18th, 2026
CVE-2025-50096 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2024-39474 mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL Wednesday February 18th, 2026
CVE-2010-4226 cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitrary files via a symlink within an RPM package archive. Wednesday February 18th, 2026
CVE-2025-38126 net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping Wednesday February 18th, 2026
CVE-2024-0684 Coreutils: heap overflow in split --line-bytes with very long lines Wednesday February 18th, 2026
CVE-2024-47705 block: fix potential invalid pointer dereference in blk_add_partition Wednesday February 18th, 2026
CVE-2025-53023 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Wednesday February 18th, 2026
CVE-2025-27219 In the CGI gem before 0.4.2 for Ruby, the CGI::Cookie.parse method in the CGI library contains a potential Denial of Service (DoS) vulnerability. The method does not impose any limit on the length of the raw cookie value it processes. This oversight can lead to excessive resource consumption when parsing extremely large cookies. Wednesday February 18th, 2026
CVE-2024-43897 net: drop bad gso csum_start and offset in virtio_net_hdr Wednesday February 18th, 2026
CVE-2023-44488 VP9 in libvpx before 1.13.1 mishandles widths leading to a crash related to encoding. Wednesday February 18th, 2026
CVE-2012-2677 Integer overflow in the ordered_malloc function in boost/pool/pool.hpp in Boost Pool Wednesday February 18th, 2026
CVE-2016-2781 chroot in GNU coreutils when used with --userspec allows local users to escape to the parent session via a crafted TIOCSTI ioctl call which pushes characters to the terminal's input buffer. Wednesday February 18th, 2026
CVE-2025-38092 ksmbd: use list_first_entry_or_null for opinfo_get_list() Wednesday February 18th, 2026
CVE-2024-55553 In FRRouting (FRR) all routes are re-validated if the total size of an update received via RTR exceeds the internal socket's buffer size Wednesday February 18th, 2026
CVE-2024-47707 ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() Wednesday February 18th, 2026
CVE-2024-22017 setuid() does not affect libuv's internal io_uring operations if initialized before the call to setuid(). This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid(). This vulnerability affects all users using version greater or equal than Node.js 18.18.0 Node.js 20.4.0 and Node.js 21. Wednesday February 18th, 2026
CVE-2024-45506 HAProxy 2.9.x before 2.9.10 3.0.x before 3.0.4 and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions as exploited in the wild in 2024. Wednesday February 18th, 2026
CVE-2025-50102 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). Wednesday February 18th, 2026
CVE-2024-39472 xfs: fix log recovery buffer allocation for the legacy h_size fixup Wednesday February 18th, 2026
CVE-2023-46218 This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk` even though `co.uk` is listed as a PSL domain. Wednesday February 18th, 2026
CVE-2025-38091 drm/amd/display: check stream id dml21 wrapper to get plane_id Wednesday February 18th, 2026
CVE-2025-39788 scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE Wednesday February 18th, 2026
CVE-2025-21614 go-git clients vulnerable to DoS via maliciously crafted Git server replies Wednesday February 18th, 2026
CVE-2024-1441 Libvirt: off-by-one error in udevlistinterfacesbystatus() Wednesday February 18th, 2026
CVE-2024-49913 drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream Wednesday February 18th, 2026
CVE-2025-6170 Libxml2: stack buffer overflow in xmllint interactive shell command handling Wednesday February 18th, 2026
CVE-2024-52560 fs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr() Wednesday February 18th, 2026
CVE-2025-50099 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2025-39745 rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels Wednesday February 18th, 2026
CVE-2025-32463 Sudo before 1.9.17p1 allows local users to obtain root access Wednesday February 18th, 2026
CVE-2022-47085 An issue was discovered in ostree before 2022.7 allows attackers to cause a denial of service or other unspecified impacts via the print_panic function in repo_checkout_filter.rs. Wednesday February 18th, 2026
CVE-2023-52696 powerpc/powernv: Add a null pointer check in opal_powercap_init() Wednesday February 18th, 2026
CVE-2025-50077 Vulnerability in the MySQL Server product of Oracle MySQL Wednesday February 18th, 2026
CVE-2024-47718 wifi: rtw88: always wait for both firmware loading attempts Wednesday February 18th, 2026
CVE-2024-28757 libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). Wednesday February 18th, 2026
CVE-2025-21779 KVM: x86: Reject Hyper-V's SEND_IPI hypercalls if local APIC isn't in-kernel Wednesday February 18th, 2026
CVE-2024-44971 net: dsa: bcm_sf2: Fix a possible memory leak in bcm_sf2_mdio_register() Wednesday February 18th, 2026
CVE-2025-32462 Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL Wednesday February 18th, 2026
CVE-2024-56769 media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg Wednesday February 18th, 2026
CVE-2025-49809 mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries. Wednesday February 18th, 2026
CVE-2024-43849 soc: qcom: pdr: protect locator_addr with the main mutex Wednesday February 18th, 2026
CVE-2023-51385 In ssh in OpenSSH before 9.6 OS command injection might occur if a user name or host name has shell metacharacters and this name is referenced by an expansion token in certain situations. For example an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. Wednesday February 18th, 2026
CVE-2025-21776 USB: hub: Ignore non-compliant devices with too many configs or interfaces Wednesday February 18th, 2026
CVE-2021-20197 There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar objcopy strip ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users) an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. Wednesday February 18th, 2026
CVE-2022-43551 A vulnerability exists in curl <7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However the HSTS mechanism could be bypassed if the host name in the given URL first uses IDN characters that get replaced to ASCII counterparts as part of the IDN conversion. Like using the character UTF-8 U+3002 (IDEOGRAPHIC FULL STOP) instead of the common ASCII full stop (U+002E) `.`. Then in a subsequent request it does not detect the HSTS state and makes a clear text transfer. Because it would store the info IDN encoded but look for it IDN decoded. Wednesday February 18th, 2026
CVE-2023-51384 In ssh-agent in OpenSSH before 9.6 certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys these constraints are only applied to the first key even if a PKCS#11 token returns multiple keys. Wednesday February 18th, 2026
CVE-2025-21785 arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array Wednesday February 18th, 2026
CVE-2007-2768 OpenSSH when using OPIE (One-Time Passwords in Everything) for PAM allows remote attackers to determine the existence of certain user accounts which displays a different response if the user account exists and is configured to use one-time passwords (OTP) a similar issue to CVE-2007-2243. Wednesday February 18th, 2026
CVE-2024-28180 Go JOSE vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) Wednesday February 18th, 2026
CVE-2025-52496 Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery. Wednesday February 18th, 2026
CVE-2024-56767 dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset Wednesday February 18th, 2026
CVE-2024-58017 printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX Wednesday February 18th, 2026
CVE-2024-58071 team: prevent adding a device which is already a team device lower Wednesday February 18th, 2026
CVE-2023-4535 Opensc: out-of-bounds read in myeid driver handling encryption using symmetric keys Wednesday February 18th, 2026
CVE-2024-39936 An issue was discovered in HTTP2 in Qt before 5.15.18 6.x before 6.2.13 6.3.x through 6.5.x before 6.5.7 and 6.6.x through 6.7.x before 6.7.3. Code to make security-relevant decisions about an established connection may execute too early because the encrypted() signal has not yet been emitted and processed.. Wednesday February 18th, 2026
CVE-2023-23914 A cleartext transmission of sensitive information vulnerability exists in curl Wednesday February 18th, 2026
CVE-2024-58069 rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read Wednesday February 18th, 2026
CVE-2023-40661 Opensc: multiple memory issues with pkcs15-init (enrollment tool) Wednesday February 18th, 2026
CVE-2024-50044 Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change Wednesday February 18th, 2026
CVE-2024-44931 gpio: prevent potential speculation leaks in gpio_device_get_desc() Wednesday February 18th, 2026
CVE-2025-27516 Jinja sandbox breakout through attr filter selecting format method Wednesday February 18th, 2026
CVE-2023-40660 Opensc: potential pin bypass when card tracks its own login state Wednesday February 18th, 2026
CVE-2024-56739 rtc: check if __rtc_read_time was successful in rtc_timer_do_work() Wednesday February 18th, 2026
CVE-2025-52939 Potential heap-buffer overflow vulnerability in NotepadNext Wednesday February 18th, 2026
CVE-2023-2977 A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. Wednesday February 18th, 2026
CVE-2023-27538 An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However two SSH settings were omitted from the configuration check allowing them to match easily potentially leading to the reuse of an inappropriate connection. Wednesday February 18th, 2026
CVE-2024-58063 wifi: rtlwifi: fix memory leaks and invalid access at probe error path Wednesday February 18th, 2026
CVE-2024-43204 Apache HTTP Server: SSRF with mod_headers setting Content-Type header Wednesday February 18th, 2026
CVE-2025-38090 drivers/rapidio/rio_cm.c: prevent possible heap overwrite Wednesday February 18th, 2026
CVE-2020-26160 jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check. Wednesday February 18th, 2026
CVE-2024-56757 Bluetooth: btusb: mediatek: add intf release flow when usb disconnect Wednesday February 18th, 2026
CVE-2023-41915 OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. Wednesday February 18th, 2026
CVE-2025-38089 sunrpc: handle SVC_GARBAGE during svc auth processing as auth error Wednesday February 18th, 2026
CVE-2021-32292 An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit. Wednesday February 18th, 2026
CVE-2024-57834 media: vidtv: Fix a null-ptr-deref in vidtv_mux_stop_thread Wednesday February 18th, 2026
CVE-2024-21896 The permission model protects itself against path traversal attacks by calling path.resolve() on any paths given by the user. If the path is to be treated as a Buffer the implementation uses Buffer.from() to obtain a Buffer from the result of path.resolve(). By monkey-patching Buffer internals namely Buffer.prototype.utf8Write the application can modify the result of path.resolve() which leads to a path traversal vulnerability. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued the permission model is an experimental feature of Node.js. Wednesday February 18th, 2026
CVE-2023-27535 An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However certain FTP settings such as CURLOPT_FTP_ACCOUNT CURLOPT_FTP_ALTERNATIVE_TO_USER CURLOPT_FTP_SSL_CCC and CURLOPT_USE_SSL were not included in the configuration match checks causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer potentially allowing unauthorized access to sensitive information. Wednesday February 18th, 2026
CVE-2024-58076 clk: qcom: gcc-sm6350: Add missing parent_map for two clocks Wednesday February 18th, 2026
CVE-2025-23048 Apache HTTP Server: mod_ssl access control bypass with session resumption Wednesday February 18th, 2026
CVE-2025-38088 powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap Wednesday February 18th, 2026
CVE-2025-27220 In the CGI gem before 0.4.2 for Ruby, a Regular Expression Denial of Service (ReDoS) vulnerability exists in the Util#escapeElement method. Wednesday February 18th, 2026
CVE-2024-21891 Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions which can be overwitten with user-defined implementations leading to filesystem permission model bypass through path traversal attack. This vulnerability affects all users using the experimental permission model in Node.js 20 and Node.js 21. Please note that at the time this CVE was issued the permission model is an experimental feature of Node.js. Wednesday February 18th, 2026
CVE-2024-39884 Apache HTTP Server: source code disclosure with handlers configured via AddType Wednesday February 18th, 2026
CVE-2024-47706 block bfq: fix possible UAF for bfqq->bic with merge chain Wednesday February 18th, 2026
CVE-2024-58052 drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table Wednesday February 18th, 2026
CVE-2024-24758 Proxy-Authorization header not cleared on cross-origin redirect in fetch in Undici Wednesday February 18th, 2026
CVE-2024-43914 md/raid5: avoid BUG_ON() while continue reshape after reassembling Wednesday February 18th, 2026
CVE-2024-56548 hfsplus: don't query the device logical block size multiple times Wednesday February 18th, 2026
CVE-2024-56741 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Wednesday February 18th, 2026
CVE-2025-52555 CephFS Permission Escalation Vulnerability in Ceph Fuse mounted FS Wednesday February 18th, 2026
CVE-2024-39894 OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g. for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly other timing attacks against keystroke entry could occur. Wednesday February 18th, 2026
CVE-2020-24347 njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c. Wednesday February 18th, 2026
CVE-2022-30631 Stack exhaustion when reading certain archives in compress/gzip Wednesday February 18th, 2026
CVE-2024-42289 scsi: qla2xxx: During vport delete send async logout explicitly Wednesday February 18th, 2026
CVE-2023-38546 This flaw allows an attacker to insert cookies at will into a running program using libcurl if the specific series of conditions are met. libcurl performs transfers. In its API an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a function call that duplicates en easy handle called [curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html). If a transfer has cookies enabled when the handle is duplicated the cookie-enable state is also cloned - but without cloning the actual cookies. If the source handle did not read any cookies from a specific file on disk the cloned version of the handle would instead store the file name as `none` (using the four ASCII letters no quotes). Subsequent use of the cloned handle that does not explicitly set a source to load cookies from would then inadvertently load cookies from a file named `none` - if such a file exists and is readable in the current directory of the program usin Wednesday February 18th, 2026
CVE-2025-38086 net: ch9200: fix uninitialised access during mii_nway_restart Wednesday February 18th, 2026
CVE-2024-36387 Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 Wednesday February 18th, 2026
CVE-2024-56765 powerpc/pseries/vas: Add close() callback in vas_vm_ops struct Wednesday February 18th, 2026
CVE-2025-6395 Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite() Wednesday February 18th, 2026
CVE-2023-50495 NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). Wednesday February 18th, 2026
CVE-2025-39732 wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() Wednesday February 18th, 2026
CVE-2025-21700 net: sched: Disallow replacing of child qdisc from one parent to another Wednesday February 18th, 2026
CVE-2024-26948 drm/amd/display: Add a dc_state NULL check in dc_state_release Wednesday February 18th, 2026
CVE-2022-46456 NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c. Wednesday February 18th, 2026
CVE-2024-37298 Potential memory exhaustion attack due to sparse slice deserialization Wednesday February 18th, 2026
CVE-2025-27221 In the URI gem before 1.0.3 for Ruby, the URI handling methods (URI.join, URI#merge, URI#+) have an inadvertent leakage of authentication credentials because userinfo is retained even after changing the host. Wednesday February 18th, 2026
CVE-2022-24921 regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows stack exhaustion via a deeply nested expression. Wednesday February 18th, 2026
CVE-2025-39731 f2fs: vm_unmap_ram() may be called from an invalid context Wednesday February 18th, 2026
CVE-2025-38084 mm/hugetlb: unshare page tables during VMA split, not before Wednesday February 18th, 2026
CVE-2025-48924 Apache Commons Lang, Apache Commons Lang: ClassUtils.getClass(...) can throw a StackOverflowError on very long inputs Wednesday February 18th, 2026
CVE-2023-27533 A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform option negotiation without the application's intent. This vulnerability could be exploited if an application allows user input thereby enabling attackers to execute arbitrary code on the system. Wednesday February 18th, 2026
CVE-2025-21780 drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() Wednesday February 18th, 2026
CVE-2016-9841 inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic Wednesday February 18th, 2026
CVE-2025-9566 Podman: podman kube play command may overwrite host files Wednesday February 18th, 2026
CVE-2024-56746 fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() Wednesday February 18th, 2026
CVE-2024-50058 serial: protect uart_port_dtr_rts() in uart_shutdown() too Wednesday February 18th, 2026
CVE-2020-28362 Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. Wednesday February 18th, 2026
CVE-2024-24791 Denial of service due to improper 100-continue handling in net/http Wednesday February 18th, 2026
CVE-2025-1735 pgsql extension does not check for errors during escaping Wednesday February 18th, 2026
CVE-2025-57052 cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters. Wednesday February 18th, 2026
CVE-2025-21761 openvswitch: use RCU protection in ovs_vport_cmd_fill_info() Wednesday February 18th, 2026
CVE-2024-2313 If kernel headers need to be extracted bpftrace will attempt to load them from a temporary directory. An unprivileged attacker could use this to force bcc to load compromised linux headers. Linux distributions which provide kernel headers by default are not affected by default. Wednesday February 18th, 2026
CVE-2023-27534 A path traversal vulnerability exists in curl <8.0.0 SFTP implementation causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user. Wednesday February 18th, 2026
CVE-2025-5455 Possible denial of service when passing malformed data in a URL to qDecodeDataUrl Wednesday February 18th, 2026
CVE-2025-6491 NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix Wednesday February 18th, 2026
CVE-2025-21794 HID: hid-thrustmaster: fix stack-out-of-bounds read in usb_check_int_endpoints() Wednesday February 18th, 2026
CVE-2024-53150 ALSA: usb-audio: Fix out of bounds reads when finding clock sources Wednesday February 18th, 2026
CVE-2024-50059 ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition Wednesday February 18th, 2026
CVE-2025-21722 nilfs2: do not force clear folio if buffer is referenced Wednesday February 18th, 2026
CVE-2019-10638 In the Linux kernel before 5.1.7 a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g. UDP and ICMP). When such traffic is sent to multiple destination IP addresses it is possible to obtain hash collisions (of indices to the counter array) and thereby obtain the hashing key (via enumeration). An attack may be conducted by hosting a crafted web page that uses WebRTC or gQUIC to force UDP traffic to attacker-controlled IP addresses. Wednesday February 18th, 2026
CVE-2023-52434 smb: client: fix potential OOBs in smb2_parse_contexts() Wednesday February 18th, 2026
CVE-2016-9840 inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic Wednesday February 18th, 2026
CVE-2024-45310 runc can be confused to create empty files/directories on the host Wednesday February 18th, 2026
CVE-2024-26582 net: tls: fix use-after-free with partial reads and async decrypt Wednesday February 18th, 2026
CVE-2023-27536 An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed. Wednesday February 18th, 2026
CVE-2023-46853 In Memcached before 1.6.22 an off-by-one error exists when processing proxy requests in proxy mode if \n is used instead of \r\n. Wednesday February 18th, 2026
CVE-2024-11584 cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands. Wednesday February 18th, 2026
CVE-2024-26928 smb: client: fix potential UAF in cifs_debug_files_proc_show() Wednesday February 18th, 2026
CVE-2025-39713 media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() Wednesday February 18th, 2026
CVE-2024-26585 tls: fix race between tx work scheduling and socket close Wednesday February 18th, 2026
CVE-2023-46852 In Memcached before 1.6.22 a buffer overflow exists when processing multiget requests in proxy mode if there are many spaces after the "get" substring. Wednesday February 18th, 2026
CVE-2024-49907 drm/amd/display: Check null pointers before using dc->clk_mgr Wednesday February 18th, 2026
CVE-2024-6174 When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration. Wednesday February 18th, 2026
CVE-2023-28938 Uncontrolled resource consumption in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a priviledged user to potentially enable denial of service via local access. Wednesday February 18th, 2026
CVE-2021-22918 Node.js before 16.4.1 14.17.2 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo(). Wednesday February 18th, 2026
CVE-2024-46981 Redis' Lua library commands may lead to remote code execution Wednesday February 18th, 2026
CVE-2025-32990 Gnutls: vulnerability in gnutls certtool template parsing Wednesday February 18th, 2026
CVE-2023-28736 Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access. Wednesday February 18th, 2026
CVE-2023-52979 squashfs: harden sanity check in squashfs_read_xattr_id_table Wednesday February 18th, 2026
CVE-2022-23806 Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x before 1.17.7 can incorrectly return true in situations with a big.Int value that is not a valid field element. Wednesday February 18th, 2026
CVE-2025-21729 wifi: rtw89: fix race between cancel_hw_scan and hw_scan completion Wednesday February 18th, 2026
CVE-2024-57975 btrfs: do proper folio cleanup when run_delalloc_nocow() failed Wednesday February 18th, 2026
CVE-2020-25657 A flaw was found in all released versions of m2crypto where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality. Wednesday February 18th, 2026
CVE-2024-26982 Squashfs: check the inode number is not the invalid value of zero Wednesday February 18th, 2026
CVE-2024-28110 Go SDK for CloudEvents's use of WithRoundTripper to create a Client leaks credentials Wednesday February 18th, 2026
CVE-2022-43552 A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET curl would use a heap-allocated struct after it had been freed in its transfer shutdown code path. Wednesday February 18th, 2026
CVE-2016-9179 It was found that Lynx doesn't parse the authority component of the URL correctly Wednesday February 18th, 2026
CVE-2025-4563 Nodes can bypass dynamic resource allocation authorization checks Wednesday February 18th, 2026
CVE-2024-46729 drm/amd/display: Fix incorrect size calculation for loop Wednesday February 18th, 2026
CVE-1999-0817 Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet. Wednesday February 18th, 2026
CVE-2025-4598 Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump Wednesday February 18th, 2026
CVE-2024-53103 hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer Wednesday February 18th, 2026
CVE-2025-25724 list_item_verbose in tar/util.c in libarchive through 3.7.7 does not check an strftime return value, which can lead to a denial of service or unspecified other impact via a crafted TAR archive that is read with a verbose value of 2. For example, the 100-byte buffer may not be sufficient for a custom locale. Wednesday February 18th, 2026
CVE-2022-33099 An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs. Wednesday February 18th, 2026
CVE-2025-21753 btrfs: fix use-after-free when attempting to join an aborted transaction Wednesday February 18th, 2026
CVE-2023-27537 A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads but there was no indication of this fact in the documentation. Due to missing mutexes or thread locks two threads sharing the same HSTS data could end up doing a double-free or use-after-free. Wednesday February 18th, 2026
CVE-2024-27308 Mio's tokens for named pipes may be delivered after deregistration Wednesday February 18th, 2026
CVE-2024-3567 Qemu-kvm: net: assertion failure in update_sctp_checksum() Wednesday February 18th, 2026
CVE-2025-21739 scsi: ufs: core: Fix use-after free in init error and remove paths Wednesday February 18th, 2026
CVE-2024-53156 wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() Wednesday February 18th, 2026
CVE-2021-40633 A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or denial of service via a gif format file. Wednesday February 18th, 2026
CVE-2017-14867 Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code is reachable via git-shell even without CVS support. Wednesday February 18th, 2026
CVE-2022-28805 singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code. Wednesday February 18th, 2026
CVE-2015-8472 Buffer overflow in libpng allows remote attackers to cause a denial of service Wednesday February 18th, 2026
CVE-2023-23916 An allocation of resources without limits or throttling vulnerability exists in curl Wednesday February 18th, 2026
CVE-2023-45322 libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when memory allocations fail." Wednesday February 18th, 2026
CVE-2023-6693 Qemu: virtio-net: stack buffer overflow in virtio_net_flush_tx() Wednesday February 18th, 2026
CVE-2023-3750 Libvirt: improper locking in virstoragepoolobjlistsearch may lead to denial of service Wednesday February 18th, 2026
CVE-2026-0102 Microsoft Edge (Chromium-based) Defense in Depth Vulnerability Tuesday February 17th, 2026
CVE-2026-21517 Windows App for Mac Installer Elevation of Privilege Vulnerability Friday February 13th, 2026
CVE-2026-21256 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability Wednesday February 11th, 2026
CVE-2026-21243 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Tuesday February 10th, 2026
CVE-2026-21238 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21241 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21237 Windows Subsystem for Linux Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21251 Cluster Client Failover (CCF) Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21256 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability Tuesday February 10th, 2026
CVE-2023-2804 Red Hat, Inc. CVE-2023-2804: Heap Based Overflow libjpeg-turbo Tuesday February 10th, 2026
CVE-2026-21517 Windows App for Mac Installer Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2024-30098 Windows Cryptographic Services Security Feature Bypass Vulnerability Tuesday February 10th, 2026
CVE-2016-9535 MITRE CVE-2016-9535: LibTIFF Heap Buffer Overflow Vulnerability Tuesday February 10th, 2026
CVE-2025-2884 Cert CC: CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation Tuesday February 10th, 2026
CVE-2026-21257 GitHub Copilot and Visual Studio Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21519 Desktop Window Manager Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21518 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability Tuesday February 10th, 2026
CVE-2026-21246 Windows Graphics Component Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21242 Windows Subsystem for Linux Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21235 Windows Graphics Component Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21516 GitHub Copilot for Jetbrains Remote Code Execution Vulnerability Tuesday February 10th, 2026
CVE-2026-21236 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21234 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-23655 Microsoft ACI Confidential Containers Information Disclosure Vulnerability Tuesday February 10th, 2026
CVE-2026-21525 Windows Remote Access Connection Manager Denial of Service Vulnerability Tuesday February 10th, 2026
CVE-2026-21523 GitHub Copilot and Visual Studio Code Remote Code Execution Vulnerability Tuesday February 10th, 2026
CVE-2026-21537 Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability Tuesday February 10th, 2026
CVE-2026-21522 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-21533 Windows Remote Desktop Services Elevation of Privilege Vulnerability Tuesday February 10th, 2026
CVE-2026-0391 Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability Thursday February 5th, 2026
Chromium: CVE-2026-1504 Inappropriate implementation in Background Fetch API Friday January 30th, 2026
CVE-2026-20960 PowerApps Desktop Client Remote Code Execution Vulnerability Thursday January 29th, 2026
CVE-2026-20805 Desktop Window Manager Information Disclosure Vulnerability Tuesday January 27th, 2026
CVE-2026-24304 Azure Resource Manager Elevation of Privilege Vulnerability Thursday January 22nd, 2026
CVE-2026-21221 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Tuesday January 20th, 2026
CVE-2026-20943 Microsoft Office Click-To-Run Remote Code Execution Vulnerability Tuesday January 20th, 2026
CVE-2026-20830 Capability Access Management Service (camsvc) Elevation of Privilege Vulnerability Tuesday January 20th, 2026
CVE-2026-20943 Microsoft Office Click-To-Run Remote Code Execution Vulnerability Tuesday January 20th, 2026
CVE-2026-20805 Desktop Window Manager Information Disclosure Vulnerability Tuesday January 20th, 2026
Chromium: CVE-2026-0903 Insufficient validation of untrusted input in Downloads Friday January 16th, 2026
CVE-2026-21223 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability Friday January 16th, 2026