Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
20806
Total
1504
Critical
6313
High
6591
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-53142 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/display: fix oops in suspend/shutdown without display The xe driver keeps track of whether to … | Jun 25, 2026 |
| CVE-2026-53141 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix global performance monitor reference counting In the SET_GLOBAL ioctl, v3d_perfmon_find() bumps the reference … | Jun 25, 2026 |
| CVE-2026-53140 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix vaddr leak when indirect CSD has zeroed workgroups v3d_rewrite_csd_job_wg_counts_from_indirect() maps both the indirect … | Jun 25, 2026 |
| CVE-2026-53139 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Skip CSD when it has zeroed workgroups A compute shader dispatch encodes its workgroup … | Jun 25, 2026 |
| CVE-2026-53138 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Bound VBIOS record-chain walk loops [Why & How] All record-chain walk loops in bios_parser.c … | Jun 25, 2026 |
| CVE-2026-53137 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size [Why & How] During HDCP 2.x … | Jun 25, 2026 |
| CVE-2026-53136 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Clamp VBIOS HDMI retimer register count to array size [Why & How] The VBIOS … | Jun 25, 2026 |
| CVE-2026-53135 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs [Why & How] dp_sdp_message_debugfs_write() dereferences … | Jun 25, 2026 |
| CVE-2026-53134 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_fib: fix stale stack leak via the OIFNAME register For NFT_FIB_RESULT_OIFNAME the destination register … | Jun 25, 2026 |
| CVE-2026-53133 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes >= 4G When the iommu is used the linearization … | Jun 25, 2026 |
| CVE-2026-53132 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential unbounded skb queue virtio_transport_inc_rx_pkt() checks vvs->rx_bytes + len > vvs->buf_alloc. virtio_transport_recv_enqueue() skips … | Jun 25, 2026 |
| CVE-2026-53131 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using eth_hdr() `ip6t_eui64`, `xt_mac`, the `bitmap:ip,mac`, `hash:ip,mac`, and `hash:mac` … | Jun 25, 2026 |
| CVE-2026-46752 | UNKNOWN | — | Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.0.4 through 2.15.0. Users are recommended to upgrade … | Jun 25, 2026 |
| CVE-2026-46751 | UNKNOWN | — | A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.2.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which fixes the … | Jun 25, 2026 |
| CVE-2026-45188 | UNKNOWN | — | Relative Path Traversal vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.15.0. Users are recommended to upgrade to version 2.16.0, which … | Jun 25, 2026 |
| CVE-2026-41566 | UNKNOWN | — | Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: 2.8.0. Users are recommended to upgrade to version 2.16.0, … | Jun 25, 2026 |
| CVE-2026-56129 | MEDIUM | 5.5 | Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user … | Jun 25, 2026 |
| CVE-2026-12937 | HIGH | 7.5 | The Tourfic – AI Powered Travel Booking, Hotel Booking & Car Rental WordPress Plugin plugin for WordPress is vulnerable to generic SQL Injection via the … | Jun 25, 2026 |
| CVE-2026-9702 | HIGH | 7.5 | The InPost PL WordPress plugin before 1.9.1 does not verify that the request originates from the legitimate buyer before allowing the WooCommerce order parcel-locker destination … | Jun 25, 2026 |
| CVE-2026-5305 | HIGH | 8.8 | The Email Address Encoder WordPress plugin before 1.0.25, email-encoder-premium WordPress plugin before 0.3.12 does not properly handle email replacement, which could allow unauthenticated users to … | Jun 25, 2026 |
| CVE-2026-12490 | UNKNOWN | — | When a provide-xfr is given with a tls-auth-name, a secondary requesting a transfer should provide a client certificate with that name. However, no client certificate … | Jun 25, 2026 |
| CVE-2026-12246 | UNKNOWN | — | NSD version 4.14.0 introduced a bug where a specially crafted APL RR, with an adflength larger than permitted for the address family will overwrite the … | Jun 25, 2026 |
| CVE-2026-12245 | UNKNOWN | — | NSD from version 4.13.0 has a heap use-after-free bug in logging errors on TLS connections, causing a crash of the server process, which can be … | Jun 25, 2026 |
| CVE-2026-12244 | UNKNOWN | — | If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with … | Jun 25, 2026 |
| CVE-2026-10824 | MEDIUM | 6.5 | The Masteriyo LMS WordPress plugin before 2.2.1 does not perform authorization checks in a course-progress REST API controller, allowing unauthenticated users to read and permanently … | Jun 25, 2026 |