206304 matches found
CVE-2026-53119
A flaw was found in the Linux kernel's platform/wmi component. A vulnerability exists where a driver's match function can access memory after it has been freed Use-After-Free, due to improper locking during driver probing. This could allow an attacker to execute arbitrary code or cause the system...
CVE-2026-53075
A flaw was found in the Linux kernel's Point-to-Point Protocol PPP subsystem. A local unprivileged user can exploit this vulnerability by creating a new user namespace and bypassing authorization checks for unattached administrative input/output controls ioctls. This allows the user to perform...
CVE-2026-53073
A flaw was found in the Linux kernel's Bluetooth Host Controller Interface HCI Universal Asynchronous Receiver/Transmitter UART driver. When the hciregisterdev function fails, a flag indicating protocol initialization is not properly cleared. This oversight allows incoming UART data to be process...
CVE-2026-53074
A flaw was found in the Linux kernel's BPF Berkeley Packet Filter subsystem. Specifically, the bpfprogtestrunskb function, responsible for testing BPF programs with network packets, did not properly validate the length of IPv4 and IPv6 inputs. This could allow the kernel to attempt to access...
CVE-2026-53078
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF socket operations sockops program. When a BPF sockops program accesses context fields with the same destination and source registers, certain macros fail to properly clear the destination register. This can lead to a...
CVE-2026-53076
A flaw was found in the Linux kernel. This vulnerability, located in the BPF Berkeley Packet Filter subsystem, involves an out-of-bounds read when data is copied between specific types of BPF maps. The system incorrectly handles data sizes that are not aligned to a specific memory boundary, causi...
CVE-2026-53094
A flaw was found in the Linux kernel's Berkeley Packet Filter BPF component. When a dev-bound-only BPF program undergoes Just-In-Time JIT compilation with constant blinding enabled, a stale pointer to a freed program can occur. This issue arises when the network namespace is destroyed, leading to...
CVE-2026-53071
A flaw was found in the Linux kernel's Bluetooth Logical Link Control and Adaptation Protocol L2CAP implementation. A remote Bluetooth Low Energy BLE device can exploit this by sending a specially crafted L2CAP ECRED reconfiguration response. This can lead to the corruption of the channel list,...
CVE-2026-53115
A flaw was found in the Linux kernel's fsl-mc bus driver. During the driver probing process, a Use-After-Free UAF vulnerability can occur because the match callback accesses the driveroverride field without proper locking. This can lead to system instability or potentially allow an attacker to...
CVE-2026-53116
A flaw was found in the Linux kernel's s390/ap driver. A race condition occurs when AP masks are updated, leading to aprevisereserved accessing the driveroverride field without proper locking. This can result in a Use-After-Free UAF vulnerability, where memory is accessed after it has been freed...
CVE-2026-53118
A flaw was found in the Linux kernel's vdpa driver. This vulnerability occurs because a specific field, driveroverride, is accessed without proper locking during the driver's initialization process. An attacker could exploit this Use-After-Free UAF condition to potentially execute arbitrary code ...
CVE-2026-53105
A flaw was found in the Linux kernel's Wi-Fi subsystem, specifically within the mt76: mt7925 driver. This vulnerability occurs due to a missing check for a NULL 'vif' Virtual Interface before it is accessed. An attacker could potentially trigger a kernel panic by exploiting scenarios where the...
CVE-2026-53261
A flaw was found in the devlink component of the Linux kernel. This issue occurs when a devlink instance acquires a nested relation but fails to register, leading to a resource leak. This can result in system instability or a denial of service DoS over time due to resource exhaustion...
CVE-2026-53274
A flaw was found in the Linux kernel's net/smc component. A local unprivileged user can exploit a logic flaw, specifically a 'sleep-inside-lock' issue within the smcsetsockopt function. By providing a specially crafted memory page, an attacker can cause the system to halt execution, leading to a...
CVE-2026-53212
A flaw was found in the Linux kernel's netfilter component, specifically within the nfttunnel module. This vulnerability occurs due to a use-after-free error when an object is destroyed, where memory is prematurely deallocated while still being referenced by queued network packets. This can lead ...
CVE-2026-53225
A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted, truncated ASCONF Address Configuration chunk. This can cause the system to read up to 16 bytes of...
CVE-2026-53259
A flaw was found in the Linux kernel, specifically within its management of IPv6 anycast addresses. A timing issue, known as a race condition, can occur when these addresses are added and removed from a system's internal list. This can lead to the system attempting to access memory that has alrea...
CVE-2026-53275
A flaw was found in the Linux kernel's IPv6 multicast mcast component. When processing Multicast Listener Discovery MLD queries, a pointer to the multicast group address is not correctly reloaded after certain packet manipulations. This can lead to a use-after-free vulnerability, potentially...
CVE-2026-53264
A flaw was found in the Linux kernel's networking scheduler. A race condition, which is a problem that occurs when multiple operations try to access the same resource at the same time, exists when network filter operations are run concurrently. This can lead to a Use-After-Free UAF vulnerability,...
CVE-2026-53270
A flaw was found in the Linux kernel's IP Virtual Server IPVS component. During the ipvseditservice operation, the svc-scheduler pointer is cleared too late when unbinding an old scheduler. This improper handling allows packets to access previously freed scheduler data, leading to a use-after-fre...
CVE-2026-54273
A flaw was found in AIOHTTP, an asynchronous HTTP client/server framework for asyncio and Python. An attacker could exploit this vulnerability by sending an unlimited number of pipelined requests, causing the system to consume excessive amounts of memory. This could lead to a Denial of Service Do...
CVE-2026-54274
A flaw was found in aiohttp, an asynchronous HTTP client/server framework. An attacker can exploit this vulnerability by sending large, incomplete websocket frame payloads. This can bypass normal memory usage limits, potentially leading to a Denial of Service DoS where the affected system becomes...
CVE-2026-54275
A flaw was found in aiohttp, an asynchronous HTTP client/server framework. This vulnerability allows a remote attacker to bypass the Transport Layer Security TLS Server Name Indication SNI check. This occurs when an application reuses an existing connection for multiple requests to the same domai...
CVE-2026-54277
A flaw was found in aiohttp, an asynchronous HTTP client/server framework for Python. A remote attacker can exploit this vulnerability by sending oversized lines within an HTTP request. This bypasses the maxlinesize check in the C parser, causing the system to use an excessive amount of memory...
CVE-2026-54278
A flaw was found in aiohttp, an asynchronous HTTP client/server framework. An attacker could send a specially crafted compressed request body that, during cleanup, would be decompressed into memory in one large chunk. This could potentially lead to a Denial of Service DoS condition, where the...
CVE-2026-54293
A flaw was found in NLTK Natural Language Toolkit. The nltk.data.load function is vulnerable to path traversal when processing specially crafted nltk: URLs. An attacker can exploit a decode-after-check flaw, where URL-encoded path separators and traversal segments bypass security checks. This...
CVE-2026-54906
A flaw was found in concurrent-ruby, a Ruby library for managing concurrent operations. The Concurrent::ReadWriteLock component contains a synchronization issue where write locks can be released by unauthorized threads. This could allow multiple threads to write concurrently, potentially leading ...
CVE-2026-54904
A flaw was found in concurrent-ruby. A remote attacker could exploit a vulnerability in the Concurrent::AtomicReferenceupdate method, which can enter a permanent busy retry loop. This occurs when the current value is a special 'Not a Number' Float::NAN floating-point value, causing the method to...
CVE-2026-57062
A flaw in GnuPG's gpgsm component improperly handles the Cryptographic Message Syntax CMS format for AES-GCM. By accepting an authentication tag length of 4 bytes instead of the required 12 bytes, this vulnerability allows for a low-impact data integrity issue where the cryptographic validity of...
CVE-2026-57236
A flaw was found in Nokogiri, an XML and HTML library for Ruby. When an attacker provides an invalid encoding to the Documentencoding= function, the library frees the document's current encoding string without replacing it. This leaves the document referencing freed memory, which can lead to a...
CVE-2026-9799
A flaw was found in org.keycloak.authorization. An authenticated user with a granted User-Managed Access UMA permission ticket for one resource can exploit this by using a specific permission request prefix to bypass per-resource access control. This allows the user to gain unauthorized access to...
CVE-2026-9705
A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token RAT, could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...
CVE-2026-9083
A flaw was found in Keycloak. A realm administrator with the "manage-realm" role can exploit this vulnerability by submitting an arbitrary filesystem path as a keystore parameter when creating a key provider component. This allows the administrator to probe arbitrary filesystem paths, determining...
CVE-2026-9099
A flaw was found in Keycloak. A missing authorization check in the GroupResource.addChild endpoint within the Admin REST API allows an authenticated user with limited administrative privileges to reparent any existing group. When Fine-Grained Admin Permissions v2 FGAPv2 is enabled, an attacker wi...
CVE-2026-9086
A flaw was found in Keycloak. A remote attacker with administrative privileges, specifically those with manage-client permission or access to client registration endpoints, could bypass client Uniform Resource Identifier URI validation. This is achieved by registering a malicious client with a...
CVE-2026-9800
A flaw was found in Keycloak Policy Enforcer. This vulnerability allows any authenticated user to bypass all authorization policies, including role, scope, and User-Managed Access UMA permission checks. By including the configured access-denied page path within a request URL, either as a path...
CVE-2026-54279
A flaw was found in aiohttp before 3.14.1. Host-only cookies saved with CookieJar.save and later restored with CookieJar.load lose their host-only flag, so cookies intended for a single host may be sent to subdomains after persistence...
CVE-2026-53124
A flaw was found in the ublk subsystem of the Linux kernel. When a ublk server fails to complete all I/O input/output operations, a per-I/O cancellation flag may remain set. This prevents the successful cancellation of outstanding I/O commands, potentially leading to resource exhaustion or a deni...
CVE-2026-53123
A flaw was found in the Linux kernel's Multiple Device MD driver, specifically within the raid456 reshape functionality. A local user could trigger a deadlock by freezing the reshape process and writing to the md/suspendlo or md/suspendhi files while direct I/O operations are in progress. This...
CVE-2026-53099
A flaw was found in the Linux kernel. The issue arises from an incorrect configuration option for Control-Flow Integrity CFI, a security mechanism designed to prevent certain types of attacks. Due to a naming change, the CFI code was not properly compiled, leading to its intended protections not...
CVE-2026-53098
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix use-after-free bugs in mt7915macdumpwork When the mt7915 pci chip is detaching, the mt7915crashdata is released in mt7915coredumpunregister. However, the work item dumpwork may still be running or pending,...
CVE-2026-53097
A flaw was found in the Linux kernel's mt7996 Wi-Fi driver. A use-after-free vulnerability exists in the mt7996macdumpwork function due to a race condition during the detachment of the mt7996 PCI chip. This can occur when mt7996crashdata is released while a related work item is still active,...
CVE-2026-12323
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Spoofing issue in the DOM: Core & HTML component...
CVE-2026-12322
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Clickjacking issue in the Widget: Gtk component...
CVE-2026-12321
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript: WebAssembly component...
CVE-2026-12320
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure in the Password Manager component...
CVE-2026-12317
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird 152...
CVE-2026-12319
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service in the Audio/Video: Playback component...
CVE-2026-12318
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Libraries component in NSS...
CVE-2026-56121
A flaw was found in Feast. This vulnerability allows unauthenticated or unauthorized attackers to achieve remote code execution. By sending a specially crafted gRPC request to the registry server, attackers can exploit an unsafe deserialization process. This enables them to execute operating syst...