Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10648
Total
723
Critical
3075
High
3393
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-41070 | CRITICAL | 10.0 | openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle an OIDC based single sign-on (SSO) auth flows. From version 1.26.3 to before version … | May 08, 2026 |
| CVE-2026-34354 | HIGH | 7.4 | Akamai Guardicore Platform Agent (GPA) and Zero Trust Client on Linux and macOS allow TOCTOU-based local privilege escalation. The GPA service creates an IPC socket … | May 08, 2026 |
| CVE-2026-29975 | UNKNOWN | — | lwjson 1.8.1 contains an improper input validation vulnerability in the streaming JSON parser (lwjson_stream.c). The end-of-string detection logic incorrectly identifies escaped quote characters by only … | May 08, 2026 |
| CVE-2026-29974 | UNKNOWN | — | An issue was discovered in kosma minmea 0.3.0. The minmea_scan functions format specifier copies NMEA field data to a caller-provided buffer without a size parameter. … | May 08, 2026 |
| CVE-2026-29972 | UNKNOWN | — | nanoMODBUS through v1.22.0 has a stack-based buffer overflow in recv_read_registers_res() in nanomodbus.c. When a client calls nmbs_read_holding_registers() or nmbs_read_input_registers(), the library writes register data from … | May 08, 2026 |
| CVE-2026-44500 | MEDIUM | 5.3 | ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0, prior to zebra-chain version 7.0.0, and prior to zebra-network version 6.0.0, … | May 08, 2026 |
| CVE-2026-44498 | UNKNOWN | — | ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit … | May 08, 2026 |
| CVE-2026-44497 | UNKNOWN | — | ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0 and prior to zebra-script version 6.0.0, the fix for CVE-2026-41583 introduced … | May 08, 2026 |
| CVE-2026-43475 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT This resolves the follow splat and lock-up … | May 08, 2026 |
| CVE-2026-43474 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: fs: init flags_valid before calling vfs_fileattr_get syzbot reported a uninit-value bug in [1]. Similar to … | May 08, 2026 |
| CVE-2026-43473 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Add NULL checks when resetting request and reply queues The driver encountered a … | May 08, 2026 |
| CVE-2026-43472 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: unshare: fix unshare_fs() handling There's an unpleasant corner case in unshare(2), when we have a … | May 08, 2026 |
| CVE-2026-43471 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix possible NULL pointer dereference in ufshcd_add_command_trace() The kernel log indicates a … | May 08, 2026 |
| CVE-2026-43470 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir If we found an alias … | May 08, 2026 |
| CVE-2026-43469 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: xprtrdma: Decrement re_receiving on the early exit paths In the event that rpcrdma_post_recvs() fails to … | May 08, 2026 |
| CVE-2026-43468 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix deadlock between devlink lock and esw->wq esw->work_queue executes esw_functions_changed_event_handler -> esw_vfs_changed_event_handler and acquires … | May 08, 2026 |
| CVE-2026-43467 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix crash when moving to switchdev mode When moving to switchdev mode when the … | May 08, 2026 |
| CVE-2026-43466 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix DMA FIFO desync on error CQE SQ recovery In case of a TX … | May 08, 2026 |
| CVE-2026-43465 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify … | May 08, 2026 |
| CVE-2026-43464 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: RX, Fix XDP multi-buf frag counting for legacy RQ XDP multi-buf programs can modify … | May 08, 2026 |
| CVE-2026-43463 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpc_kernel_lookup_peer() rxrpc_kernel_lookup_peer() can also return error pointers … | May 08, 2026 |
| CVE-2026-43462 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: net: spacemit: Fix error handling in emac_tx_mem_map() The DMA mappings were leaked on mapping error. … | May 08, 2026 |
| CVE-2026-43461 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: Fix DMA mapping error handling Fix three bugs in aml_sfc_dma_buffer_setup() error paths: … | May 08, 2026 |
| CVE-2026-43460 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix double-free in remove() callback The driver uses devm_spi_register_controller() for registration, which automatically … | May 08, 2026 |
| CVE-2026-43459 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-core: flush delayed work before removing DAIs and widgets When a sound card is … | May 08, 2026 |