CVE-2026-45954

fbdev: au1200fb: Fix a memory leak in au1200fbdrvprobe...

CVE-2026-45943

erofs: fix inline data read failure for ztailpacking pclusters...

CVE-2026-45889

mptcp: do not account for OoO in mptcprcvbufgrow...

CVE-2026-45890

xen-netback: reject zero-queue configuration from guest...

CVE-2026-45965

apparmor: fix invalid deref of rawdata when exportbinary is unset...

CVE-2026-45936

power: supply: goldfish: Fix use-after-free in powersupplychanged...

CVE-2026-45857

scsi: csiostor: Fix dereference of null pointer rn...

CVE-2026-45974

btrfs: fix invalid leaf access in btrfsquotaenable if ref key not found...

CVE-2026-46056

Bluetooth: hcievent: fix potential UAF in SSP passkey handlers...

CVE-2026-45885

power: supply: cpcap-battery: Fix use-after-free in powersupplychanged...

CVE-2026-46644

insecure equivalence in symfony/polyfill-intl-idn for ASCII-only xn-- labels...

CVE-2026-45925

thermal/of: Fix reference leak in thermalofcmlookup...

CVE-2026-45916

power: supply: sbs-battery: Fix use-after-free in powersupplychanged...

CVE-2026-46103

can: ucan: fix devres lifetime...

CVE-2026-46036

vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex...

CVE-2026-45867

power: supply: act8945a: Fix use-after-free in powersupplychanged...

CVE-2026-46052

ceph: only dadd negative dentries when they are unhashed...

CVE-2026-46096

tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic...

CVE-2026-46043

RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv...

CVE-2026-45972

smb: client: fix potential UAF and double free in smb2openfile...