Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2026-22976

    In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset `qfq_class->leaf_qdisc->q.qlen > 0` does not imply that the class itself is active. Two qfq_class o... Read more

    Affected Products : linux_kernel
    • Published: Jan. 21, 2026
    • Modified: Jan. 26, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-70866

    LavaLite CMS 10.1.0 is vulnerable to Incorrect Access Control. An authenticated user with low-level privileges (User role) can directly access the admin backend by logging in through /admin/login. The vulnerability exists because the admin and user authen... Read more

    Affected Products :
    • Published: Feb. 13, 2026
    • Modified: Feb. 13, 2026
    • Vuln Type: Authorization

  • 0.0

    NA
    CVE-2026-23002

    In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use __kernel_read() for sleepable context Prevent a "BUG: unable to handle kernel NULL pointer dereference in filemap_read_folio". For the sleepable context, convert fread... Read more

    Affected Products : linux_kernel
    • Published: Jan. 25, 2026
    • Modified: Jan. 26, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-22991

    In the Linux kernel, the following vulnerability has been resolved: libceph: make free_choose_arg_map() resilient to partial allocation free_choose_arg_map() may dereference a NULL pointer if its caller fails after a partial allocation. For example, in... Read more

    Affected Products : linux_kernel
    • Published: Jan. 23, 2026
    • Modified: Jan. 26, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-23036

    In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before iget_failed() in btrfs_read_locked_inode() In btrfs_read_locked_inode() if we fail to lookup the inode, we jump to the 'out' label with a path that has a read... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2026-23039

    In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drm_atomic_helper_disable_all() is called which sets both the fb and crtc for a plane to NULL before invoking ... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-22988

    In the Linux kernel, the following vulnerability has been resolved: arp: do not assume dev_hard_header() does not change skb->head arp_create() is the only dev_hard_header() caller making assumption about skb->head being unchanged. A recent commit brok... Read more

    Affected Products : linux_kernel
    • Published: Jan. 23, 2026
    • Modified: Jan. 26, 2026

  • 0.0

    NA
    CVE-2026-22987

    In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: avoid dereferencing ERR_PTR in tcf_idrinfo_destroy syzbot reported a crash in tc_act_in_hw() during netns teardown where tcf_idrinfo_destroy() passed an ERR_PTR(-EBU... Read more

    Affected Products : linux_kernel
    • Published: Jan. 23, 2026
    • Modified: Jan. 26, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-71149

    In the Linux kernel, the following vulnerability has been resolved: io_uring/poll: correctly handle io_poll_add() return value on update When the core of io_uring was updated to handle completions consistently and with fixed return codes, the POLL_REMOV... Read more

    Affected Products : linux_kernel
    • Published: Jan. 23, 2026
    • Modified: Jan. 26, 2026
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2026-23004

    In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() syzbot was able to crash the kernel in rt6_uncached_list_flush_dev() in an interesting way [1] Crash happens in lis... Read more

    Affected Products : linux_kernel
    • Published: Jan. 25, 2026
    • Modified: Jan. 26, 2026
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-71203

    In the Linux kernel, the following vulnerability has been resolved: riscv: Sanitize syscall table indexing under speculation The syscall number is a user-controlled value used to index into the syscall table. Use array_index_nospec() to clamp this value... Read more

    Affected Products :
    • Published: Feb. 14, 2026
    • Modified: Feb. 14, 2026
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2025-71204

    In the Linux kernel, the following vulnerability has been resolved: smb/server: fix refcount leak in parse_durable_handle_context() When the command is a replay operation and -ENOEXEC is returned, the refcount of ksmbd_file must be released.... Read more

    Affected Products :
    • Published: Feb. 14, 2026
    • Modified: Feb. 14, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-71220

    In the Linux kernel, the following vulnerability has been resolved: smb/server: call ksmbd_session_rpc_close() on error path in create_smb2_pipe() When ksmbd_iov_pin_rsp() fails, we should call ksmbd_session_rpc_close().... Read more

    Affected Products :
    • Published: Feb. 14, 2026
    • Modified: Feb. 14, 2026

  • 0.0

    NA
    CVE-2025-71221

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue() Add proper locking in mmp_pdma_residue() to prevent use-after-free when accessing descriptor list and descriptor contents. ... Read more

    Affected Products :
    • Published: Feb. 14, 2026
    • Modified: Feb. 14, 2026
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2025-71222

    In the Linux kernel, the following vulnerability has been resolved: wifi: wlcore: ensure skb headroom before skb_push This avoids occasional skb_under_panic Oops from wl1271_tx_work. In this case, headroom is less than needed (typically 110 - 94 = 16 by... Read more

    Affected Products :
    • Published: Feb. 14, 2026
    • Modified: Feb. 14, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2025-71187

    In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures (e.g. probe deferral).... Read more

    Affected Products : linux_kernel
    • Published: Jan. 31, 2026
    • Modified: Feb. 03, 2026
    • Vuln Type: Misconfiguration

  • 0.0

    NA
    CVE-2026-23174

    In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dma_needs_unmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such... Read more

    Affected Products :
    • Published: Feb. 14, 2026
    • Modified: Feb. 14, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-23175

    In the Linux kernel, the following vulnerability has been resolved: net: cpsw: Execute ndo_set_rx_mode callback in a work queue Commit 1767bb2d47b7 ("ipv6: mcast: Don't hold RTNL for IPV6_ADD_MEMBERSHIP and MCAST_JOIN_GROUP.") removed the RTNL lock for ... Read more

    Affected Products :
    • Published: Feb. 14, 2026
    • Modified: Feb. 14, 2026
    • Vuln Type: Race Condition

  • 0.0

    NA
    CVE-2026-23176

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_haps: Fix memory leaks in add/remove routines toshiba_haps_add() leaks the haps object allocated by it if it returns an error after allocating that object successf... Read more

    Affected Products :
    • Published: Feb. 14, 2026
    • Modified: Feb. 14, 2026
    • Vuln Type: Memory Corruption

  • 0.0

    NA
    CVE-2026-23138

    In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger ena... Read more

    Affected Products :
    • Published: Feb. 14, 2026
    • Modified: Feb. 14, 2026
    • Vuln Type: Misconfiguration
Showing 20 of 4737 Results