Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
21003
Total
1519
Critical
6392
High
6662
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-52932 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: xfrm: ipcomp: Free destination pages on acomp errors Move the out_free_req label up by a … | Jun 24, 2026 |
| CVE-2026-52931 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: tp_meter: avoid use of uninit sender vars batadv_tp_recv_ack() and batadv_tp_stop() are only valid for … | Jun 24, 2026 |
| CVE-2026-52930 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ipc/shm: serialize orphan cleanup with shm_nattch updates shm_destroy_orphaned() walks the shm idr under shm_ids(ns).rwsem, but … | Jun 24, 2026 |
| CVE-2026-52929 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADD_OUT_STREAMS is denied, SCTP only shrinks … | Jun 24, 2026 |
| CVE-2026-52928 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: af_unix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the … | Jun 24, 2026 |
| CVE-2026-52927 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix OOB read in compat_mtw_from_user Luxiao Xu says: The function compat_mtw_from_user() converts ebtables … | Jun 24, 2026 |
| CVE-2026-52926 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: clear current gateway during teardown batadv_gw_node_free() removes the gateway list entries during mesh teardown, … | Jun 24, 2026 |
| CVE-2026-52925 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: vrf: Fix a potential NPD when removing a port from a VRF RCU readers that … | Jun 24, 2026 |
| CVE-2026-52924 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctp_stream_update() is only invoked when the association is … | Jun 24, 2026 |
| CVE-2026-52923 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ipc: limit next_id allocation to the valid ID range The checkpoint/restore sysctl path can request … | Jun 24, 2026 |
| CVE-2026-52922 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: dat: handle forward allocation error batadv_dat_forward_data() calls pskb_copy_for_clone() to duplicate an skb for each … | Jun 24, 2026 |
| CVE-2026-52921 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: stop hash:* range iteration at end The following hash set variants: hash:ip,mark hash:ip,port … | Jun 24, 2026 |
| CVE-2026-52920 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_policy: fix strict mode inbound policy matching match_policy_in() walks sec_path entries from the last … | Jun 24, 2026 |
| CVE-2026-52919 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix tp_meter counter underflow during shutdown batadv_tp_sender_shutdown() unconditionally decrements the "sending" atomic counter. If … | Jun 24, 2026 |
| CVE-2026-52918 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: serialize accept_q access bt_sock_poll() walks the accept queue without synchronization, while child teardown can … | Jun 24, 2026 |
| CVE-2026-52917 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: sctp: diag: reject stale associations in dump_one path The SCTP exact sock_diag lookup can hold … | Jun 24, 2026 |
| CVE-2026-52916 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: frag: disallow unicast fragment in fragment batadv_frag_skb_buffer() is called by batadv_batman_skb_recv() when a BATADV_UNICAST_FRAG … | Jun 24, 2026 |
| CVE-2026-52915 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_hbh: reject oversized option lists struct ip6t_opts stores at most IP6T_OPTS_OPTSNR option descriptors, but … | Jun 24, 2026 |
| CVE-2026-52914 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounting batman-adv keeps a running payload length for queued fragments … | Jun 24, 2026 |
| CVE-2026-52913 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: v: stop OGMv2 on disabled interface When a batadv_hard_iface is disabled, its mesh_iface pointer … | Jun 24, 2026 |
| CVE-2026-52912 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_queue: hold bridge skb->dev while queued br_pass_frame_up() rewrites skb->dev from the ingress port to … | Jun 24, 2026 |
| CVE-2026-9724 | MEDIUM | 4.3 | The MotorDesk plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to missing or … | Jun 24, 2026 |
| CVE-2026-9721 | MEDIUM | 4.3 | The Book a Room Event Calendar plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9. This is … | Jun 24, 2026 |
| CVE-2026-9710 | HIGH | 7.7 | The Cornerstone WordPress plugin before 7.8.8 does not enforce capability checks on one of its CSS-preview request handlers, and exposes the nonce needed to call … | Jun 24, 2026 |
| CVE-2026-9709 | HIGH | 7.7 | The Cornerstone WordPress plugin before 7.8.9 does not enforce capability checks on one of its REST API routes, allowing any authenticated user to disclose the … | Jun 24, 2026 |