Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
13551
Total
895
Critical
3928
High
4272
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-31400 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix cache_request leak in cache_release When a reader's file descriptor is closed while in … | Apr 03, 2026 |
| CVE-2026-31399 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use … | Apr 03, 2026 |
| CVE-2026-31398 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by … | Apr 03, 2026 |
| CVE-2026-31397 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix use of NULL folio in move_pages_huge_pmd() move_pages_huge_pmd() handles UFFDIO_MOVE for both normal THPs … | Apr 03, 2026 |
| CVE-2026-31396 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening … | Apr 03, 2026 |
| CVE-2026-31395 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: bnxt_en: fix OOB access in DBG_BUF_PRODUCER async event handler The ASYNC_EVENT_CMPL_EVENT_ID_DBG_BUF_PRODUCER handler in bnxt_async_event_process() uses … | Apr 03, 2026 |
| CVE-2026-31394 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations ieee80211_chan_bw_change() iterates all stations and accesses link->reserved.oper … | Apr 03, 2026 |
| CVE-2026-31393 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length before access l2cap_information_rsp() checks that cmd_len covers the fixed … | Apr 03, 2026 |
| CVE-2026-31392 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix krb5 mount with username option Customer reported that some of their krb5 … | Apr 03, 2026 |
| CVE-2026-31391 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If memory allocation fails, decrement ->tfm_count to avoid … | Apr 03, 2026 |
| CVE-2026-31390 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xe_vm_madvise_ioctl When check_bo_args_are_sane() validation fails, jump to the new free_vmas … | Apr 03, 2026 |
| CVE-2026-31389 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free on controller registration failure Make sure to deregister from driver core also … | Apr 03, 2026 |
| CVE-2026-27124 | UNKNOWN | — | FastMCP is the standard framework for building MCP applications. Prior to version 3.2.0, while testing the GitHubProvider OAuth integration, which allows authentication to a FastMCP … | Apr 03, 2026 |
| CVE-2026-25118 | UNKNOWN | — | immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application is vulnerable to credential disclosure when a … | Apr 03, 2026 |
| CVE-2026-25044 | UNKNOWN | — | Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided commands using execSync without proper sanitization or validation. User … | Apr 03, 2026 |
| CVE-2026-25043 | MEDIUM | 5.3 | Budibase is an open-source low-code platform. Prior to version 3.23.25, a business logic vulnerability exists in Budibase’s password reset functionality due to the absence of … | Apr 03, 2026 |
| CVE-2026-23475 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: spi: fix statistics allocation The controller per-cpu statistics is not allocated until after the controller … | Apr 03, 2026 |
| CVE-2026-23474 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURCE=y and a recent compiler, … | Apr 03, 2026 |
| CVE-2026-23473 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: fix multishot recv missing EOF on wakeup race When a socket send and shutdown() … | Apr 03, 2026 |
| CVE-2026-23472 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN uart_write_room() and uart_write() behave inconsistently when … | Apr 03, 2026 |
| CVE-2026-23471 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug When trying to do … | Apr 03, 2026 |
| CVE-2026-23470 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix deadlock in soft reset sequence The soft reset sequence is currently executed from … | Apr 03, 2026 |
| CVE-2026-23469 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether … | Apr 03, 2026 |
| CVE-2026-23468 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary … | Apr 03, 2026 |
| CVE-2026-23467 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe intel_dmc_update_dc6_allowed_count() oopses when DMC hasn't been … | Apr 03, 2026 |