Lucene search
K

385 matches found

Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-56667 ZITADEL: Stored XSS via Default URI Redirect in Login V2

ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL Login V2 OIDC and SAML FailedPrecondition error paths return loginSettings.defaultRedirectUri to router.push without applying the isSafeRedirectUri check, allowing an organization or instance administrator to store a...

7.3CVSS0.00225EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-53156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlyi...

7.8CVSS6AI score0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/06/26 8:17 p.m.5 views

DEBIAN-CVE-2026-53308

In the Linux kernel, the following vulnerability has been resolved: power: supply: max77705: Free allocated workqueue and fix removal order Use devm interface for allocating workqueue to fix two bugs at the same time: 1. Driver leaks the memory on remove, because the workqueue is not destroyed. 2...

5.5CVSS5.8AI score0.001EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 8:17 p.m.7 views

CVE-2026-53286

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

7.8CVSS0.00126EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 8:17 p.m.5 views

UBUNTU-CVE-2026-53313

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid NULL dereference in dcdmubsrv error paths In dcdmubsrvlogdiagnosticdata and dcdmubsrvenabledpiatrace. Both functions check: if !dcdmubsrv || !dcdmubsrv-dmub and then call DCLOGERROR inside that block...

5.5CVSS5.7AI score0.001EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 7:40 p.m.6 views

EUVD-2026-39891

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

5.8AI score0.00126EPSS
Exploits0References3
OSV
OSV
added 2026/06/26 7:40 p.m.3 views

CVE-2026-53286 idpf: fix double free and use-after-free in aux device error paths

In the Linux kernel, the following vulnerability has been resolved: idpf: fix double free and use-after-free in aux device error paths When auxiliarydeviceadd fails in idpfplugvportauxdev or idpfplugcoreauxdev, the errauxdevadd label calls auxiliarydeviceuninit and falls through to errauxdevinit...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References6
NVD
NVD
added 2026/06/25 9:16 a.m.5 views

CVE-2026-53156

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

7.8CVSS0.00125EPSS
Exploits0References4
OSV
OSV
added 2026/06/25 9:16 a.m.4 views

UBUNTU-CVE-2026-53156

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/25 8:38 a.m.4 views

EUVD-2026-39247

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

5.7AI score0.00125EPSS
Exploits0References4
CVE
CVE
added 2026/06/25 8:38 a.m.11 views

CVE-2026-53156

The CVE-2026-53156 entry concerns a Linux kernel vmem core use-after-free in error paths. The description specifies that several error paths call __nvmem_device_put() which may free the underlying memory and other resources, and the code may continue to use the nvmem structure. The fix is to ensu...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.3 views

CVE-2026-53156

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: fix use-after-free bugs in error paths Fix several instances of error paths in which we call nvmemdeviceput - which may end up freeing the underlying memory and other resources - and then keep on using the nvmem...

7.8CVSS5.6AI score0.00125EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.13 views

PT-2026-52252

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Use-after-free bugs exist in the error paths of the nvmem core. The issue occurs when the nvmem device put function is called, potentially freeing underlying memory and resources, while...

7.8CVSS6AI score0.00125EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-53113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon...

6.1AI score0.00159EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 5:17 p.m.9 views

CVE-2026-53102

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix memory leak after mt76connacmcuallocstareq mt76connacmcuallocstareq allocates an skb which is expected to be freed eventually by mt76mcuskbsendmsg. However, currently if an intermediate function fails before...

0.00156EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38981

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...

5.8AI score0.00159EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/24 4:29 p.m.4 views

CVE-2026-53000

In the Linux kernel, the following vulnerability has been resolved: netfilter: nat: use kfreercu to release ops Florian Westphal says: "Historically this is not an issue, even for normal base hooks: the data path doesn't use the original nfhookops that are used to register the callbacks. However,...

5.8AI score0.00123EPSS
Exploits0References4Affected Software1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: The function mostregisterinterface did not properly release resources if it failed early before registering the device. In such cases, it returned an error code immediately, causing the memory allocated for the interface to be...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.6 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Input: lkkbd – Disabling pending work before freeing the device. The lkkbdinterrupt function schedules the lk-tq queue via schedulework. The work handler lkkbdreinit dereferences the lkkbd structure and its serio/inputdev fields...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fixed the issue where the “ct” field was leaked during error paths. There are some situations where “ct” might be leaked because error paths skip the refcounted check and return immediately. To address thi...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References2
Rows per page
Query Builder