CVE-2025-71225

A race condition flaw was found in the Linux kernel's MD RAID1 driver. When updating the raiddisks count via sysfs during concurrent I/O errors, the freezearray function may return before all queued r1bio structures are released. This can cause freer1bio to access memory out of bounds and...

CVE-2026-23200

A kernel BUG assertion failure was found in the IPv6 routing code. When a static route is added with the same nexthop as an existing RA-learned route that has a gateway, the RTFADDRCONF flag is cleared, making the route ECMP-eligible without being in the fib6siblings list. This causes a sibling...

CVE-2026-23164

A flaw was found in the rocker component of the Linux kernel. This memory leak vulnerability allows a local attacker with low privileges to repeatedly add and remove ports. This action prevents memory from being properly freed, leading to memory exhaustion and a denial of service DoS on the syste...

PT-2026-6908

Name of the Vulnerable Software and Affected Versions Harden-Runner versions prior to 2.14.2 Description Harden-Runner, a CI/CD security agent functioning as an EDR for GitHub Actions runners, contained a security issue where outbound network connections could bypass audit logging. Specifically,...

CVE-2025-67645

creationtimestamp| type| source ---|---|--- 2026-01-28 00:52:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdh2nxqvfl22 2026-01-28 01:32:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdh4vf33q22g...

EUVD-2026-4298

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...

CVE-2026-22275

creationtimestamp| type| source ---|---|--- 2026-01-23 11:40:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md3mjds4is2r...

EUVD-2026-4487

Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2026-21984

...

CVE-2026-21967

...

CVE-2026-21957

...

CVE-2026-21944

The CVE-2026-21944 affects Oracle Agile Product Lifecycle Management for Process (Product Quality Management component) with affected version 6.2.4. It describes a low-privilege attacker who can exploit over HTTP network access to gain unauthorized access to data. Affected status is supported by ...

CVE-2026-21943

CVE-2026-21943 affects Oracle E-Business Suite Scripting Admin in versions 12.2.3–12.2.15. An unauthenticated attacker with network access via HTTP can compromise Oracle Scripting, with human interaction required. Impact includes unauthorized updates, inserts, deletes, and read access to Oracle S...

CVE-2026-21940

...

CVE-2026-21936

...

CVE-2025-58923

creationtimestamp| type| source ---|---|--- 2026-01-20 20:22:11+00:00| seen| Telegram/0xDArAX3HG3crsZxcgbRQEYLhb2wCsLIArjPpvex34-6k...

CVE-2026-0823

creationtimestamp| type| source ---|---|--- 2026-01-16 15:30:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mckg5b4rn62c...

CVE-2026-23578

Not used...

CVE-2025-71132

A locking context bug was found in the Linux kernel's smc91x Ethernet driver on PREEMPTRT kernels. The smcspecialtrylock function disables IRQs but smcspecialunlock does not properly restore IRQs on PREEMPTRT. This mismatch causes RCU read unlock to fail in devqueuexmit, triggering a "workqueue...

EUVD-2026-2193

Out-of-bounds read in Windows TPM allows an authorized attacker to disclose information locally...