Latest CVE Feed
-
0.0
NACVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix kmemleak by releasing references to fault configfs items When CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION is enabled, the null-blk driver sets up fault injection support by cr... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23003
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() Blamed commit did not take care of VLAN encapsulations as spotted by syzbot [1]. Use skb_vlan_inet_prepare() instead of pskb_... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23017
In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the init_task on load If the init_task fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that stat... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Denial of Service
-
0.0
NONECVE-2025-61636
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/htmlform/fields/HTMLButtonField.Php. This issue affe... Read more
Affected Products : mediawiki- Published: Feb. 03, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Cross-Site Scripting
-
0.0
NACVE-2026-23034
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix fence reference leak on queue teardown v2 The user mode queue keeps a pointer to the most recent fence in userq->last_fence. This pointer holds an extra dma_fence ... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23094
In the Linux kernel, the following vulnerability has been resolved: uacce: fix isolate sysfs check condition uacce supports the device isolation feature. If the driver implements the isolate_err_threshold_read and isolate_err_threshold_write callback fu... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2025-58190
The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.... Read more
Affected Products : networking- Published: Feb. 05, 2026
- Modified: Feb. 05, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2026-23103
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Make the addrs_lock be per port Make the addrs_lock be per port, not per ipvlan dev. Initial code seems to be written in the assumption, that any address change must occur unde... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23029
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_destroy() In kvm_ioctl_create_device(), kvm_device has allocated memory, kvm_device->destroy() seems to be supposed to free its kvm_de... Read more
Affected Products : linux_kernel- Published: Jan. 31, 2026
- Modified: Feb. 03, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23049
In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel The connector type for the DataImage SCF0700C48GGU18 panel is missing and devm_drm_panel_bridge_add() requires c... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Misconfiguration
-
0.0
NACVE-2026-23001
In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU protection on (struct macvlan_source_entry)->vlan. Whenever macvlan_hash_del_source() is called, we must clear entry->vlan... Read more
Affected Products : linux_kernel- Published: Jan. 25, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23083
In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOU_ATTR_IPPROTO. fou_udp_recv() has the same problem mentioned in the previous patch. If FOU_ATTR_IPPROTO is set to 0, skb is not freed by fou_udp_recv() nor "r... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2026-23101
In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to leds_list when it is fully ready Before this change the LED was added to leds_list before led_init_core() gets called adding it the list before led_clas... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2026-23047
In the Linux kernel, the following vulnerability has been resolved: libceph: make calc_target() set t->paused, not just clear it Currently calc_target() clears t->paused if the request shouldn't be paused anymore, but doesn't ever set t->paused even tho... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 04, 2026
- Vuln Type: Race Condition
-
0.0
NACVE-2025-68783
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet indices get_meter_levels_from_urb() parses the 64-byte meter packets sent by the device and fills the per-channel arrays meter_level[], c... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71133
In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: avoid invalid read in irdma_net_event irdma_net_event() should not dereference anything from "neigh" (alias "ptr") until it has checked that the event is NETEVENT_NEIGH_UPDA... Read more
Affected Products : linux_kernel- Published: Jan. 14, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2026-23069
In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtio_transport_get_credit() The credit calculation in virtio_transport_get_credit() uses unsigned arithmetic: ret = vvs->peer_buf_alloc - (... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 06, 2026
- Vuln Type: Denial of Service
-
0.0
NACVE-2025-68773
In the Linux kernel, the following vulnerability has been resolved: spi: fsl-cpm: Check length parity before switching to 16 bit mode Commit fc96ec826bce ("spi: fsl-cpm: Use 16 bit mode for large transfers with even size") failed to make sure that the s... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2026-23041
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix NULL pointer crash in bnxt_ptp_enable during error cleanup When bnxt_init_one() fails during initialization (e.g., bnxt_init_int_mode returns -ENODEV), the error path calls... Read more
Affected Products : linux_kernel- Published: Feb. 04, 2026
- Modified: Feb. 04, 2026
- Vuln Type: Memory Corruption
-
0.0
NACVE-2025-71098
In the Linux kernel, the following vulnerability has been resolved: ip6_gre: make ip6gre_header() robust Over the years, syzbot found many ways to crash the kernel in ip6gre_header() [1]. This involves team or bonding drivers ability to dynamically cha... Read more
Affected Products : linux_kernel- Published: Jan. 13, 2026
- Modified: Jan. 19, 2026
- Vuln Type: Memory Corruption