CVE-2026-48961

IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...

CVE-2026-48959

IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes per iteration...

CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

CVE-2026-46030

EDAC/versalnet: Fix devicenode leak in mcprobe...

CVE-2026-46042

mm/mempolicy: fix memory leaks in weightedinterleaveautostore...

CVE-2026-45932

bpf: Fix tcx/netkit detach permissions when prog fd isnt given...

CVE-2026-46094

ext4: fix bounds check in checkxattrs to prevent out-of-bounds access...

CVE-2026-45947

drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc...

CVE-2026-45951

bpf: Fix a potential use-after-free of BTF object...

CVE-2026-45908

accel/amdxdna: Fix memory leak in amdxdnaubufmap...

CVE-2026-45852

RDMA/rxe: Fix double free in rxesrqfrominit...

CVE-2026-46034

vfio/cdx: Fix NULL pointer dereference in interrupt trigger path...

CVE-2026-45991

udf: fix partition descriptor append bookkeeping...

CVE-2026-46009

PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown...

CVE-2026-46096

tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic...

CVE-2026-46070

md/raid5: validate payload size before accessing journal metadata...

CVE-2026-45990

slub: fix data loss and overflow in krealloc...

CVE-2026-46005

xfs: fix a resource leak in xfsallocbuftarg...

CVE-2026-46041

greybus: gb-beagleplay: fix sleep in atomic context in hdlctxframes...

CVE-2026-46002

ext2: reject inodes with zero inlink and valid mode in ext2iget...

CVE-2026-46099

net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels...

CVE-2025-71307

drm/panthor: Fix NULL pointer dereference on panthorfwunplug...

CVE-2026-45971

bpf: Limit bpf program signature size...

CVE-2026-45862

iommu/vt-d: Flush cache for PASID table before using it...

CVE-2026-45895

quota: fix livelock between quotactl and freezesuper...

CVE-2026-45878

drm/amdkfd: Fix watchid bounds checking in debug address watch v2...

CVE-2026-45930

net: mctp: ensure our nlmsg responses are initialised...

CVE-2026-46017

mm: fix deferred split queue races during migration...

CVE-2026-45968

cpuidle: Skip governor when only one idle state is available...

CVE-2026-46007

hwmon: powerz Avoid cacheline sharing for DMA buffer...

CVE-2026-45944

iommu/vt-d: Clear Present bit before tearing down context entry...

CVE-2026-46095

md/md-llbitmap: raise barrier before state machine transition...

CVE-2026-45949

hwrng: core - use RCU and workstruct to fix race condition...

CVE-2026-46036

vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex...

CVE-2026-46066

ceph: fix numops off-by-one when crypto allocation fails...

CVE-2026-45921

mtd: parsers: Fix memory leak in mtdparsertplinksafeloaderparse...

CVE-2026-45952

eth: fbnic: Add validation for MTU changes...

CVE-2026-45841

netfilter: nfnetlinkosf: fix divide-by-zero in OSFWSSMODULO...

CVE-2026-45903

bpf: Fix memory access flags in helper prototypes...

CVE-2026-45857

scsi: csiostor: Fix dereference of null pointer rn...

CVE-2026-45933

bpf: Preserve id of register in synclinkedregs...

CVE-2026-45975

ublk: use READONCE to read struct ublksrvctrlcmd...

CVE-2026-45977

fbnic: close fwlog race between users and teardown...

CVE-2026-45884

apparmor: avoid per-cpu hold underflow in aagetbuffer...

CVE-2026-45961

gfs2: fix memory leaks in gfs2fillsuper error path...

CVE-2025-71308

accel/amdxdna: Fix potential NULL pointer dereference in context cleanup...

CVE-2026-45958

drm/exynos: vidi: fix to avoid directly dereferencing user pointer...

CVE-2026-45959

crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree...

CVE-2026-45928

media: chips-media: wave5: Fix memory leak on codecinfo allocation failure...