CVE-2026-53160

A flaw was found in the Linux kernel's fastrpc component. A race condition in the fastrpcmapcreate function allows for a use-after-free vulnerability. This could enable an attacker to cause system instability, disclose sensitive information, or potentially execute unauthorized code...

CVE-2026-53192

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA timer component. A race condition can occur during the release of a timer object, specifically when the SNDRVTIMERIOCTLPARAMS ioctl is called concurrently. This can lead to a use-after-free vulnerability, potentially...

EUVD-2026-39563

Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

EUVD-2026-39584

Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: High...

CVE-2026-52971

A flaw was found in the Linux kernel's Elastic Network Adapter ENA driver, specifically within the Precision Time Protocol Hardware Clock PHC timestamp retrieval function. A race condition exists where the gettimestamp function could attempt to access memory that has already been freed by the...

CVE-2026-52982

A flaw was found in the Linux kernel's USB network driver for Realtek RTL8150 devices. A race condition exists in the rtl8150startxmit function, where a network packet's data buffer can be released prematurely. This can lead to a 'use-after-free' vulnerability, allowing the system to attempt to...

CVE-2026-53005

A flaw was found in the Linux kernel's afunix component, specifically within its SOCKMAP feature. This vulnerability stems from the kernel's improper handling of Socket Control Message SCM attributes when data is passed to the SOCKMAP layer. This can lead to a use-after-free condition, which may...

CVE-2026-53072

A flaw was found in the Linux kernel's Bluetooth subsystem. Improper handling of locking within the hciconnrequestevt function, particularly when the HCIPROTODEFER protocol is active, can result in a Use-After-Free UAF vulnerability. This condition arises when a connection object is accessed afte...

CVE-2026-53117

A flaw was found in the Linux kernel, specifically within the s390/cio component. When a driver is being probed, a race condition can occur where the driveroverride field is accessed without proper locking. This can lead to a Use-After-Free UAF vulnerability, which may result in system instabilit...

CVE-2026-53006

A flaw was found in the Linux kernel's IPv6 Internet Protocol version 6 implementation. This vulnerability, a Use-After-Free UAF error, occurs due to incorrect caching of network packet addresses before a memory operation. An attacker could potentially exploit this flaw to cause memory corruption...

CVE-2026-13282

Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: High...

EUVD-2026-31389

golang.org/x/crypto/ssh/agent doesn't enforce invoking key constraints...

CVE-2026-13283

The CVE-2026-13283 vulnerability affects Google Chrome on Android (Android builds) in the AdFilter component. It is caused by a use-after-free condition, allowing a remote attacker to trigger arbitrary code execution when a user is convinced to perform specific UI gestures on a crafted HTML page....

CVE-2026-13283

Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

CVE-2026-13282

Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: High...

CVE-2026-13282

Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: High...

CVE-2026-13282

CVE-2026-13282 concerns a use-after-free in the Payments component of Google Chrome on Android prior to version 149.0.7827.201 . The root cause is a heap corruption condition exposed by a local attacker with physical device access, as described in multiple sources. Affected software is Chrome on ...

CVE-2026-52973

A flaw was found in the Linux kernel's futex subsystem. The needfutexhashallocatedefault function incorrectly relies on CLONETHREAD semantics, which can lead to non-concurrency issues when memory allocations mm-futexref pcpu allocations are shared across CLONEVM clones, excluding vfork. This can...

EUVD-2026-39554

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...

CVE-2026-7531

Use-after-free in PQC hybrid key-share handling. This is an incomplete-fix follow-up to CVE-2026-5460 released in 5.9.1: a malicious TLS 1.3 server sending a truncated PQC hybrid KeyShare can still trigger the error cleanup path to operate on freed memory...