Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
20896
Total
1510
Critical
6356
High
6618
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-52964 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans The USB MIDI 2.0 endpoint parser has … | Jun 24, 2026 |
| CVE-2026-52963 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Bound MIDI endpoint descriptor scans snd_usbmidi_get_ms_info() validates the internal MIDIStreaming endpoint descriptor size … | Jun 24, 2026 |
| CVE-2026-52962 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ceph: fix a buffer leak in __ceph_setxattr() The old_blob in __ceph_setxattr() can store ci->i_xattrs.prealloc_blob value … | Jun 24, 2026 |
| CVE-2026-52961 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ceph: fix BUG_ON in __ceph_build_xattrs_blob() due to stale blob size The generic/642 test-case can reproduce … | Jun 24, 2026 |
| CVE-2026-52960 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ceph: put folios not suitable for writeback The batch holds references to the folios (see … | Jun 24, 2026 |
| CVE-2026-52959 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended … | Jun 24, 2026 |
| CVE-2026-52958 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdmap_decode() When decoding osd_state and osd_weight from an incoming … | Jun 24, 2026 |
| CVE-2026-52957 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential null-ptr-deref in decode_choose_args() A message of type CEPH_MSG_OSD_MAP contains an OSD map … | Jun 24, 2026 |
| CVE-2026-52956 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in __ceph_x_decrypt() In __ceph_x_decrypt(), a part of the buffer p … | Jun 24, 2026 |
| CVE-2026-52955 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crush_decode() A message of type CEPH_MSG_OSD_MAP containing a crush … | Jun 24, 2026 |
| CVE-2026-52954 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decode_choose_args() A message of type CEPH_MSG_OSD_MAP contains an OSD … | Jun 24, 2026 |
| CVE-2026-52953 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix oops due to out of scope access Below oops triggers when kill QEMU … | Jun 24, 2026 |
| CVE-2026-52952 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: iommu: Fix WARN_ON in __iommu_group_set_domain_nofail() due to reset In __iommu_group_set_domain_internal(), concurrent domain attachments are rejected … | Jun 24, 2026 |
| CVE-2026-52951 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: handle empty bo and UAF races There look to be some nasty races here … | Jun 24, 2026 |
| CVE-2026-52950 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed … | Jun 24, 2026 |
| CVE-2026-52949 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttm_bo_shrink() infinite LRU walk on backup failure Apply the same fix as b2ed01e7ad … | Jun 24, 2026 |
| CVE-2026-52948 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl While fuzzing with Syzkaller, a persistent `schedule_timeout: … | Jun 24, 2026 |
| CVE-2026-52947 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove In qrtr_port_remove(), the socket reference … | Jun 24, 2026 |
| CVE-2026-52946 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling A SOFTIRQ-safe to SOFTIRQ-unsafe lock order deadlock … | Jun 24, 2026 |
| CVE-2026-52945 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: Revert "wireguard: device: enable threaded NAPI" This reverts commit 933466fc50a8e4eb167acbd0d8ec96a078462e9c which is commit db9ae3b6b43c79b1ba87eea849fd65efa05b4b2e upstream. … | Jun 24, 2026 |
| CVE-2026-13164 | UNKNOWN | — | Missing Authentication for Critical Function (CWE-306) in the RegisterView (apps/accounts/views.py), exposed at POST /api/auth/register/, in MailerUp <1.0.1 allows a remote, unauthenticated attacker to self-register a … | Jun 24, 2026 |
| CVE-2026-56121 | CRITICAL | 9.8 | Feast before 0.63.0 contains an unsafe deserialization vulnerability that allows unauthenticated or unauthorized attackers to achieve remote code execution by sending a crafted gRPC request … | Jun 24, 2026 |
| CVE-2026-56119 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Jun 24, 2026 |
| CVE-2026-56118 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Jun 24, 2026 |
| CVE-2026-56111 | CRITICAL | 9.1 | Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESH_BED_LEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler that allows … | Jun 24, 2026 |