Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12565
Total
848
Critical
3603
High
3938
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-31389 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free on controller registration failure Make sure to deregister from driver core also … | Apr 03, 2026 |
| CVE-2026-27124 | UNKNOWN | — | FastMCP is the standard framework for building MCP applications. Prior to version 3.2.0, while testing the GitHubProvider OAuth integration, which allows authentication to a FastMCP … | Apr 03, 2026 |
| CVE-2026-25118 | UNKNOWN | — | immich is a high performance self-hosted photo and video management solution. Prior to version 2.6.0, the Immich application is vulnerable to credential disclosure when a … | Apr 03, 2026 |
| CVE-2026-25044 | UNKNOWN | — | Budibase is an open-source low-code platform. Prior to version 3.33.4, the bash automation step executes user-provided commands using execSync without proper sanitization or validation. User … | Apr 03, 2026 |
| CVE-2026-25043 | MEDIUM | 5.3 | Budibase is an open-source low-code platform. Prior to version 3.23.25, a business logic vulnerability exists in Budibase’s password reset functionality due to the absence of … | Apr 03, 2026 |
| CVE-2026-23475 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: spi: fix statistics allocation The controller per-cpu statistics is not allocated until after the controller … | Apr 03, 2026 |
| CVE-2026-23474 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURCE=y and a recent compiler, … | Apr 03, 2026 |
| CVE-2026-23473 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: fix multishot recv missing EOF on wakeup race When a socket send and shutdown() … | Apr 03, 2026 |
| CVE-2026-23472 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN uart_write_room() and uart_write() behave inconsistently when … | Apr 03, 2026 |
| CVE-2026-23471 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug When trying to do … | Apr 03, 2026 |
| CVE-2026-23470 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix deadlock in soft reset sequence The soft reset sequence is currently executed from … | Apr 03, 2026 |
| CVE-2026-23469 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether … | Apr 03, 2026 |
| CVE-2026-23468 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary … | Apr 03, 2026 |
| CVE-2026-23467 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe intel_dmc_update_dc6_allowed_count() oopses when DMC hasn't been … | Apr 03, 2026 |
| CVE-2026-23466 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug (drm_dev_enter), … | Apr 03, 2026 |
| CVE-2026-23465 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: log new dentries when logging parent dir of a conflicting inode If we log … | Apr 03, 2026 |
| CVE-2026-23464 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe() In mpfs_sys_controller_probe(), if of_get_mtd_device_by_node() fails, the function … | Apr 03, 2026 |
| CVE-2026-23463 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: fix race condition in qman_destroy_fq When QMAN_FQ_FLAG_DYNAMIC_FQID is set, there's a race … | Apr 03, 2026 |
| CVE-2026-23462 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HIDP: Fix possible UAF This fixes the following trace caused by not dropping l2cap_conn … | Apr 03, 2026 |
| CVE-2026-23461 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user After commit ab4eedb790ca ("Bluetooth: L2CAP: Fix corrupted list in … | Apr 03, 2026 |
| CVE-2026-23460 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect syzkaller reported a bug [1], and … | Apr 03, 2026 |
| CVE-2026-23459 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ip_tunnel: adapt iptunnel_xmit_stats() to NETDEV_PCPU_STAT_DSTATS Blamed commits forgot that vxlan/geneve use udp_tunnel[6]_xmit_skb() which call iptunnel_xmit_stats(). … | Apr 03, 2026 |
| CVE-2026-23458 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() ctnetlink_dump_exp_ct() stores a conntrack pointer in cb->data for the … | Apr 03, 2026 |
| CVE-2026-23457 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length header with … | Apr 03, 2026 |
| CVE-2026-23456 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case In decode_int(), the CONS case calls … | Apr 03, 2026 |