[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 27 20:14:02 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f1e387fa by security tracker role at 2026-05-27T19:13:55+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,615 @@
+CVE-2026-9712 (When creating an export through the pretix API, API clients are retur ...)
+ TODO: check
+CVE-2026-9704 (A flaw was found in Keycloak. An authenticated user with low privilege ...)
+ TODO: check
+CVE-2026-9689 (A flaw was found in Keycloak, an open-source identity and access manag ...)
+ TODO: check
+CVE-2026-9674 (A cross-site request forgery (CSRF) vulnerability in Jenkins Multijob ...)
+ TODO: check
+CVE-2026-9617 (PostgreSQL Anonymizer contains a vulnerability that allows a user to g ...)
+ TODO: check
+CVE-2026-9035 (IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 ...)
+ TODO: check
+CVE-2026-8942 (The MetaMagic SEO Plugin plugin for WordPress is vulnerable to Cross-S ...)
+ TODO: check
+CVE-2026-8906 (The WP Promoter plugin for WordPress is vulnerable to Cross-Site Reque ...)
+ TODO: check
+CVE-2026-8832 (The WPCode - Insert Headers and Footers + Custom Code Snippets - WordP ...)
+ TODO: check
+CVE-2026-8716 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-8405 (IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of G ...)
+ TODO: check
+CVE-2026-8180 (IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 ...)
+ TODO: check
+CVE-2026-8179 (IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 ...)
+ TODO: check
+CVE-2026-8175 (IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 ...)
+ TODO: check
+CVE-2026-8143 (The HBook plugin for WordPress is vulnerable to Stored Cross-Site Scri ...)
+ TODO: check
+CVE-2026-8054 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-8042 (The Github Shortcode plugin for WordPress is vulnerable to Stored Cros ...)
+ TODO: check
+CVE-2026-7876 (IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19)
+ TODO: check
+CVE-2026-7618 (The Env\xedaloSimple: Email Marketing y Newsletters plugin for WordPre ...)
+ TODO: check
+CVE-2026-7528 (IBM Langflow OSS 1.0.0 through 1.9.0 could allow a denial of service d ...)
+ TODO: check
+CVE-2026-7524 (IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution ...)
+ TODO: check
+CVE-2026-7365 (IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - ...)
+ TODO: check
+CVE-2026-7254 (IBM OPENBMC FW1110.00 through FW1110.11is vulnerable to denial of serv ...)
+ TODO: check
+CVE-2026-6957 (Mattermost Plugins versions <=1.1.5 fail to sanitize filenames receive ...)
+ TODO: check
+CVE-2026-6938 (IBM Db2 12.1.0 through 12.1.4 is vulnerable to authorization bypass wh ...)
+ TODO: check
+CVE-2026-6936 (IBM i 7.6, 7.5, 7.4, and 7.3 s vulnerable to a denial-of-service attac ...)
+ TODO: check
+CVE-2026-6713 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-6169 (The affiliate-toolkit plugin for WordPress is vulnerable to remote cod ...)
+ TODO: check
+CVE-2026-6053 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable ...)
+ TODO: check
+CVE-2026-6052 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable ...)
+ TODO: check
+CVE-2026-6051 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable ...)
+ TODO: check
+CVE-2026-5516 (IBM WebSphere Application Server - Liberty 22.0.0.11 through 26.0.0.5 ...)
+ TODO: check
+CVE-2026-5515 (IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentiall ...)
+ TODO: check
+CVE-2026-5509 (An authenticated command injection vulnerability exists in the Archer ...)
+ TODO: check
+CVE-2026-5296 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
+ TODO: check
+CVE-2026-5065 (IBM Controller 11.0.1, 11.1.0, 11.1.1, and 11.1.2 contains hard-coded ...)
+ TODO: check
+CVE-2026-4868 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
+ TODO: check
+CVE-2026-4410 (IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 a ...)
+ TODO: check
+CVE-2026-4392 (A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This ...)
+ TODO: check
+CVE-2026-4391 (A security vulnerability has been detected in TeamSpeak 3 Server up to ...)
+ TODO: check
+CVE-2026-4390 (A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. Thi ...)
+ TODO: check
+CVE-2026-49103 (Webmin before 2.640 does not safely construct a filename for saving of ...)
+ TODO: check
+CVE-2026-49102 (Webmin before 2.640 allows mailboxes/detach.cgi XSS via an SVG documen ...)
+ TODO: check
+CVE-2026-49059 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in F ...)
+ TODO: check
+CVE-2026-49054 (Missing Authorization vulnerability in Mamunur Rashid The Post Grid al ...)
+ TODO: check
+CVE-2026-49053 (Missing Authorization vulnerability in Wpmet ElementsKit Elementor add ...)
+ TODO: check
+CVE-2026-49052 (Missing Authorization vulnerability in Wpmet ElementsKit Elementor add ...)
+ TODO: check
+CVE-2026-49051 (Missing Authorization vulnerability in Prasad Kirpekar WP Meta and Dat ...)
+ TODO: check
+CVE-2026-49047 (Missing Authorization vulnerability in DearHive DearFlip allows Exploi ...)
+ TODO: check
+CVE-2026-49046 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-49045 (Missing Authorization vulnerability in WP Media Adminimize allows Expl ...)
+ TODO: check
+CVE-2026-49044 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-49002 (Access control failure means that an application does not effectively ...)
+ TODO: check
+CVE-2026-49001 (Cross-site request forgery (CSRF) vulnerabilities allow attackers to e ...)
+ TODO: check
+CVE-2026-48973 (Missing Authorization vulnerability in Benbodhi SVG Support allows Exp ...)
+ TODO: check
+CVE-2026-48972 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
+ TODO: check
+CVE-2026-48971 (Missing Authorization vulnerability in WebToffee Product Import Export ...)
+ TODO: check
+CVE-2026-48968 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-48927 (Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the bui ...)
+ TODO: check
+CVE-2026-48926 (Jenkins Job Import Plugin 143.v044a_2e819b_27 and earlier does not per ...)
+ TODO: check
+CVE-2026-48925 (A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub In ...)
+ TODO: check
+CVE-2026-48924 (Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the ...)
+ TODO: check
+CVE-2026-48923 (Jenkins AppSpider Plugin 1.0.17 and earlier does not perform a permiss ...)
+ TODO: check
+CVE-2026-48922 (Jenkins Credentials Binding Plugin 720.v3f6decef43ea_ and earlier does ...)
+ TODO: check
+CVE-2026-48921 (Jenkins Pipeline: Groovy Libraries Plugin 797.v90ea_a_9b_e45a_0 and ea ...)
+ TODO: check
+CVE-2026-48920 (Jenkins Email Extension Plugin 1933.v45cec755423f and earlier allows i ...)
+ TODO: check
+CVE-2026-48919 (Jenkins Active Directory Plugin 2.41 and earlier deserializes data fro ...)
+ TODO: check
+CVE-2026-48918 (Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referral ...)
+ TODO: check
+CVE-2026-48917 (Jenkins LDAP Plugin 807.v7d7de30930cf and earlier deserializes data fr ...)
+ TODO: check
+CVE-2026-48916 (Jenkins LDAP Plugin 807.v7d7de30930cf and earlier follows LDAP referra ...)
+ TODO: check
+CVE-2026-48906 (The vulnerability in the Tassos Framework Plugin allows users to delet ...)
+ TODO: check
+CVE-2026-48877 (Insertion of Sensitive Information Into Sent Data vulnerability in Tom ...)
+ TODO: check
+CVE-2026-48545 (Gradio before version 6.15.0 contains a cookie injection vulnerability ...)
+ TODO: check
+CVE-2026-48544 (Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulner ...)
+ TODO: check
+CVE-2026-48153 (Budibase is an open-source low-code platform. Prior to 3.39.0, fetchTo ...)
+ TODO: check
+CVE-2026-48152 (Budibase is an open-source low-code platform. Prior to 3.39.0, the sin ...)
+ TODO: check
+CVE-2026-48151 (Budibase is an open-source low-code platform. Prior to 3.39.0, the web ...)
+ TODO: check
+CVE-2026-48150 (Budibase is an open-source low-code platform. Prior to 3.39.0, /api/pu ...)
+ TODO: check
+CVE-2026-48149 (Budibase is an open-source low-code platform. Prior to 3.39.0, the Bud ...)
+ TODO: check
+CVE-2026-48148 (Budibase is an open-source low-code platform. Prior to 3.35.3, the Ve ...)
+ TODO: check
+CVE-2026-48147 (Budibase is an open-source low-code platform. Prior to 3.35.4, the bui ...)
+ TODO: check
+CVE-2026-48146 (Budibase is an open-source low-code platform. Prior to 3.39.0, the OAu ...)
+ TODO: check
+CVE-2026-48128 (Budibase is an open-source low-code platform. Prior to 3.39.0, the exe ...)
+ TODO: check
+CVE-2026-48027 (Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a mal ...)
+ TODO: check
+CVE-2026-47119 (Agent Zero before version 1.15 contains a stored cross-site scripting ...)
+ TODO: check
+CVE-2026-47118 (Agent Zero before version 1.15 contains a path traversal vulnerability ...)
+ TODO: check
+CVE-2026-47104 (libusb before version 1.0.30 contains a one-byte out-of-bounds read vu ...)
+ TODO: check
+CVE-2026-46427 (Budibase is an open-source low-code platform. Prior to 3.38.3, removeS ...)
+ TODO: check
+CVE-2026-46426 (Budibase is an open-source low-code platform. Prior to 3.38.2, the fil ...)
+ TODO: check
+CVE-2026-46425 (Budibase is an open-source low-code platform. Prior to 3.38.2, package ...)
+ TODO: check
+CVE-2026-46424 (Budibase is an open-source low-code platform. Prior to 3.38.2, the pub ...)
+ TODO: check
+CVE-2026-45719 (Budibase is an open-source low-code platform. Prior to 3.38.1, the V1 ...)
+ TODO: check
+CVE-2026-45718 (Budibase is an open-source low-code platform. Prior to 3.38.1, the row ...)
+ TODO: check
+CVE-2026-45717 (Budibase is an open-source low-code platform. Prior to 3.38.1, Budibas ...)
+ TODO: check
+CVE-2026-45716 (Budibase is an open-source low-code platform. Prior to 3.38.1, the POS ...)
+ TODO: check
+CVE-2026-45715 (Budibase is an open-source low-code platform. Prior to 3.38.1, the RES ...)
+ TODO: check
+CVE-2026-45571 (go-git is an extensible git implementation library written in pure Go. ...)
+ TODO: check
+CVE-2026-45570 (go-git is an extensible git implementation library written in pure Go. ...)
+ TODO: check
+CVE-2026-45548 (Budibase is an open-source low-code platform. Prior to 3.34.8, the pro ...)
+ TODO: check
+CVE-2026-45335 (WeGIA is a web manager for charitable institutions. Prior to 3.7.3, an ...)
+ TODO: check
+CVE-2026-45090 (Dalfox is a powerful open-source XSS scanner and utility focused on au ...)
+ TODO: check
+CVE-2026-45089 (Dalfox is a powerful open-source XSS scanner and utility focused on au ...)
+ TODO: check
+CVE-2026-45088 (Dalfox is a powerful open-source XSS scanner and utility focused on au ...)
+ TODO: check
+CVE-2026-45087 (Dalfox is a powerful open-source XSS scanner and utility focused on au ...)
+ TODO: check
+CVE-2026-45081 (Frappe HR is an open-source human resources management solution (HRMS) ...)
+ TODO: check
+CVE-2026-45061 (Budibase is an open-source low-code platform. Prior to 3.35.10, the Pl ...)
+ TODO: check
+CVE-2026-45047 (bird-lg-go is a BIRD looking glass in Go. Prior to 1.4.5, the apiHandl ...)
+ TODO: check
+CVE-2026-45046 (Gryph provides a security layer for AI coding agents. Prior to 0.7.0, ...)
+ TODO: check
+CVE-2026-45027 (WeGIA is a web manager for charitable institutions. In versions prior ...)
+ TODO: check
+CVE-2026-45022 (go-git is an extensible git implementation library written in pure Go. ...)
+ TODO: check
+CVE-2026-44988 (LibVNCClient is a library for easy implementation of a VNC client. In ...)
+ TODO: check
+CVE-2026-44972 (GuardDog is a CLI tool to identify malicious PyPI packages. From 2.6.0 ...)
+ TODO: check
+CVE-2026-44971 (GuardDog is a CLI tool to identify malicious PyPI packages. From 1.0.0 ...)
+ TODO: check
+CVE-2026-44902 (opentelemetry-js is the OpenTelemetry JavaScript Client. Prior to 0.21 ...)
+ TODO: check
+CVE-2026-44839 (RabbitMQ is a messaging and streaming broker. From 3.7.0 to before 4.1 ...)
+ TODO: check
+CVE-2026-44838 (RabbitMQ is a messaging and streaming broker. From 4.2.0 to before 4.2 ...)
+ TODO: check
+CVE-2026-44830 (Nocturne Memory is a lightweight, rollbackable, and visual Long-Term M ...)
+ TODO: check
+CVE-2026-44635 (Kysely is a type-safe TypeScript SQL query builder. From 0.26.0 to 0.2 ...)
+ TODO: check
+CVE-2026-44521 (elFinder is an open-source file manager for web, written in JavaScript ...)
+ TODO: check
+CVE-2026-44483 (RVF (formerly Remix Validated Form) provides easy form validation and ...)
+ TODO: check
+CVE-2026-44475 (Ella Core is a 5G core designed for private networks. Prior to 1.10.0, ...)
+ TODO: check
+CVE-2026-44474 (Ella Core is a 5G core designed for private networks. Prior to 1.10.0, ...)
+ TODO: check
+CVE-2026-44473 (Ella Core is a 5G core designed for private networks. Prior to 1.10.0, ...)
+ TODO: check
+CVE-2026-44460 (FileRise is a self-hosted web-based file manager with multi-file uploa ...)
+ TODO: check
+CVE-2026-44346 (BentoML is a Python library for building online serving systems optimi ...)
+ TODO: check
+CVE-2026-44345 (BentoML is a Python library for building online serving systems optimi ...)
+ TODO: check
+CVE-2026-44330 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44329 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44328 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44327 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44326 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44325 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44324 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44323 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44322 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44321 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44320 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44319 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44318 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44317 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44316 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-44315 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-42879 (FacturaScripts is an open source accounting and invoicing software. In ...)
+ TODO: check
+CVE-2026-42878 (FacturaScripts is an open source accounting and invoicing software. Pr ...)
+ TODO: check
+CVE-2026-42791 (Improper Certificate Validation vulnerability in Erlang OTP public_key ...)
+ TODO: check
+CVE-2026-42790 (Improper Certificate Validation vulnerability in Erlang OTP public_key ...)
+ TODO: check
+CVE-2026-42789 (Improper Following of a Certificate's Chain of Trust vulnerability in ...)
+ TODO: check
+CVE-2026-42762 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42761 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-42760 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-42759 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42758 (Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobi ...)
+ TODO: check
+CVE-2026-42757 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-42756 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-42755 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-42754 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42753 (Missing Authorization vulnerability in WC Lovers WCFM Membership wc-mu ...)
+ TODO: check
+CVE-2026-42751 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42750 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42749 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-42748 (Unrestricted Upload of File with Dangerous Type vulnerability in WPify ...)
+ TODO: check
+CVE-2026-42747 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-42746 (Insertion of Sensitive Information Into Sent Data vulnerability in ZAY ...)
+ TODO: check
+CVE-2026-42745 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-42744 (Improper Validation of Specified Quantity in Input vulnerability in Ad ...)
+ TODO: check
+CVE-2026-42740 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-42739 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42738 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42737 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+ TODO: check
+CVE-2026-42736 (Authorization Bypass Through User-Controlled Key vulnerability in word ...)
+ TODO: check
+CVE-2026-42735 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
+ TODO: check
+CVE-2026-42734 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42733 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42732 (Improper Validation of Specified Quantity in Input vulnerability in Ad ...)
+ TODO: check
+CVE-2026-42731 (Incorrect Privilege Assignment vulnerability in miniOrange miniorange ...)
+ TODO: check
+CVE-2026-42730 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-42729 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42728 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2026-42727 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2026-42726 (Missing Authorization vulnerability in Strategy11 Team AWP Classifieds ...)
+ TODO: check
+CVE-2026-42725 (Authorization Bypass Through User-Controlled Key vulnerability in WP W ...)
+ TODO: check
+CVE-2026-42553 (Cinny is a Matrix client. Prior to 4.10.3, A remote authenticated atta ...)
+ TODO: check
+CVE-2026-42459 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-42328 (go-ipld-prime is an implementation of the InterPlanetary Linked Data ( ...)
+ TODO: check
+CVE-2026-42280 (Auth0.js is a client-side JavaScript library for Auth0. From 8.11.0 to ...)
+ TODO: check
+CVE-2026-42184 (Tauri is a framework for building binaries for all major desktop platf ...)
+ TODO: check
+CVE-2026-42083 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-42082 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-42081 (free5GC is an open-source implementation of the 5G core network. Prior ...)
+ TODO: check
+CVE-2026-41704 (AgentClient#handle_method (lines 264-303) processes every NATS reply. ...)
+ TODO: check
+CVE-2026-41009 (When the director sends a long-running request (e.g. compile_package), ...)
+ TODO: check
+CVE-2026-40852 (A highly authenticated attacker can alter the config generator injecti ...)
+ TODO: check
+CVE-2026-40851 (A local attacker can perform a confusion attack on the cfgparser via a ...)
+ TODO: check
+CVE-2026-40850 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40849 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40848 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40847 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40846 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40845 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40844 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40843 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40842 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40841 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40840 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40839 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40838 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40837 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40836 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40835 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40834 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40833 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40832 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40831 (An low privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40830 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40829 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40828 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40827 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40826 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40825 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40824 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40823 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40822 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40821 (A high privileged remote attacker can exploit an unauthenticated SQL I ...)
+ TODO: check
+CVE-2026-40819 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40818 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40817 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40816 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40815 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40814 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40813 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40812 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40811 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-40810 (An unauthenticated remote attacker can exploit an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-3897 (The Livemesh Addons for Beaver Builder plugin for WordPress is vulnera ...)
+ TODO: check
+CVE-2026-3896 (The Livemesh SiteOrigin Widgets plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2026-3895 (The WPBakery Page Builder Addons by Livemesh plugin for WordPress is v ...)
+ TODO: check
+CVE-2026-3676 (IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private ...)
+ TODO: check
+CVE-2026-3623 (IBM Netezza Performance Server Replication Services 3.0.2.0 through 3. ...)
+ TODO: check
+CVE-2026-3375 (The LiteSpeed Cache plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2026-3366 (IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1. ...)
+ TODO: check
+CVE-2026-3349 (The MinhNhut Link Gateway plugin for WordPress is vulnerable to Reflec ...)
+ TODO: check
+CVE-2026-3348 (The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2026-3279 (The Enable jQuery Migrate Helper plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2026-3001 (The Gutenverse plugin for WordPress is vulnerable to Reflected Cross-S ...)
+ TODO: check
+CVE-2026-38945 (Command injection in Raynet rvia version 12.6 Update 8 and previous ve ...)
+ TODO: check
+CVE-2026-38931 (A stored cross-site scripting (XSS) vulnerability in the /admin/config ...)
+ TODO: check
+CVE-2026-38930 (OpenRapid RapidCMS v1.3.1 was discovered to contain an authentication ...)
+ TODO: check
+CVE-2026-38808 (SQL Injection vulnerability in uzy-ssm-mall v1.1.0 allows a remote att ...)
+ TODO: check
+CVE-2026-38807 (Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote ...)
+ TODO: check
+CVE-2026-38427 (An issue in fetch_jpg() in xdrv_10_scripter.ino in Tasmota through 15. ...)
+ TODO: check
+CVE-2026-38426 (Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before ...)
+ TODO: check
+CVE-2026-38422 (Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before ...)
+ TODO: check
+CVE-2026-37713 (An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-al ...)
+ TODO: check
+CVE-2026-37712 (An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-al ...)
+ TODO: check
+CVE-2026-37711 (An issue in Dolibarr ERP/CRM v.22.0.0 through v.22.0.4 and v.24.0.0-al ...)
+ TODO: check
+CVE-2026-36540 (Netis AC1200 Router NC21 V4.0.1.4296 is vulnerable to unauthenticated ...)
+ TODO: check
+CVE-2026-36539 (Netis AC1200 Router NC21 V4.0.1.4296 exposes a CGI endpoint /cgi-bin/s ...)
+ TODO: check
+CVE-2026-36538 (Netis AC1200 Router NC21 V4.0.1.4296 contains a hard-coded root creden ...)
+ TODO: check
+CVE-2026-36045 (picoclaw <=v0.1.2 and earlier is vulnerable to OS command injection vi ...)
+ TODO: check
+CVE-2026-36044 (@pensar/apex <= 0.0.58 is vulnerable to OS command injection via the s ...)
+ TODO: check
+CVE-2026-35090 (In Slican telephone exchanges it is possible to manage the control pan ...)
+ TODO: check
+CVE-2026-35089 (In Slican telephone exchanges secure key is generated in a predictable ...)
+ TODO: check
+CVE-2026-35087 (Slican telephone exchanges allow administrative protocol authenticatio ...)
+ TODO: check
+CVE-2026-31266 (Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerabi ...)
+ TODO: check
+CVE-2026-30498 (A Cross-Site Request Forgery (CSRF) vulnerability was discovered in th ...)
+ TODO: check
+CVE-2026-2607 (IBM MQ Operator SC2: v3.2.0 through 3.2.23CD: v3.3.0, v3.4.0, v3.4.1, ...)
+ TODO: check
+CVE-2026-2601 (GitLab has remediated an issue in GitLab EE affecting all versions fro ...)
+ TODO: check
+CVE-2026-2288 (The myLinksDump plugin for WordPress is vulnerable to Stored Cross-Sit ...)
+ TODO: check
+CVE-2026-2280 (The rexCrawler plugin for WordPress is vulnerable to Stored Cross-Site ...)
+ TODO: check
+CVE-2026-2237 (A use of get request method with sensitive query strings vulnerability ...)
+ TODO: check
+CVE-2026-2030 (The WPBakery Page Builder Addons by Livemesh plugin for WordPress is v ...)
+ TODO: check
+CVE-2026-23679 (libusb before version 1.0.30 contains a NULL pointer dereference vulne ...)
+ TODO: check
+CVE-2026-1718 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable ...)
+ TODO: check
+CVE-2026-1402 (GitLab has remediated an issue in GitLab CE/EE affecting all versions ...)
+ TODO: check
+CVE-2026-1248 (IBM Business Automation Workflow containers and traditionalmay leak in ...)
+ TODO: check
+CVE-2025-70116 (A NULL pointer dereference in GPAC MP4Box: when parsing certain trunca ...)
+ TODO: check
+CVE-2025-70103 (Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM im ...)
+ TODO: check
+CVE-2025-69600 (Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows adversa ...)
+ TODO: check
+CVE-2025-68712 (SpSoft AppLock (com.sp.protector.free) 7.9.40 for Android allows a loc ...)
+ TODO: check
+CVE-2025-67903 (Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic sign ...)
+ TODO: check
+CVE-2025-66593 (An origin validation error vulnerability in Synology Assistant before ...)
+ TODO: check
+CVE-2025-66592 (An origin validation error vulnerability in Synology Active Backup for ...)
+ TODO: check
+CVE-2025-52747 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-41670 (A local user with low privileges may be able to influence the behavior ...)
+ TODO: check
+CVE-2025-41669 (The Web-based Management allows a remote low privileged Engineer user ...)
+ TODO: check
+CVE-2025-3633 (IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos T ...)
+ TODO: check
+CVE-2025-30028 (A vulnerability in Active Backup for Business allows unauthorized remo ...)
+ TODO: check
+CVE-2025-22741 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
+ TODO: check
+CVE-2025-14713 (An Exposed Dangerous Method or Function vulnerability in Synology C2 I ...)
+ TODO: check
+CVE-2025-13593 (Origin validation error vulnerability in Synology ActiveProtect Agent ...)
+ TODO: check
+CVE-2025-13392 (Improper check for unusual or exceptional conditions vulnerability in ...)
+ TODO: check
+CVE-2025-13167 (Improper neutralization of input during web page generation ('Cross-si ...)
+ TODO: check
+CVE-2025-12686 (Buffer copy without checking size of input ('Classic Buffer Overflow') ...)
+ TODO: check
+CVE-2025-10466 (Improper neutralization of input during web page generation ('Cross-si ...)
+ TODO: check
+CVE-2025-0898 (The Xpro Elementor Addons - Pro plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2024-56462 (IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a priv ...)
+ TODO: check
+CVE-2024-47272 (Incorrect authorization vulnerability in IO Module functionality in Sy ...)
+ TODO: check
+CVE-2024-47271 (Insufficiently protected credentials vulnerability in IPSpeaker compon ...)
+ TODO: check
+CVE-2024-47270 (Improper preservation of permissions vulnerability in Archiving Push f ...)
+ TODO: check
+CVE-2024-47269 (Cleartext transmission of sensitive information vulnerability in Expor ...)
+ TODO: check
+CVE-2024-47268 (Missing authorization vulnerability in AddOns functionality in Synolog ...)
+ TODO: check
+CVE-2024-47267 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
+ TODO: check
+CVE-2024-40684 (IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3 ...)
+ TODO: check
+CVE-2024-28765 (IBM SDI 7.2.0.0 through 7.2.0.14 and IBM Security Directory Integrator ...)
+ TODO: check
+CVE-2024-11399 (Files or directories accessible to external parties vulnerability in r ...)
+ TODO: check
+CVE-2023-52945 (Uncontrolled search path element vulnerability in OpenSSL DLL componen ...)
+ TODO: check
CVE-2026-48736
- symfony 7.4.13+dfsg-1
NOTE: https://symfony.com/blog/cve-2026-48736-iputils-private-subnets-omits-ipv6-transition-forms-ssrf-bypass-in-noprivatenetworkhttpclient
@@ -64,1368 +676,1368 @@ CVE-2026-47766
[bookworm] - crun <no-dsa> (Minor issue)
NOTE: https://github.com/containers/crun/security/advisories/GHSA-7vwr-4279-7gq5
NOTE: https://github.com/containers/crun/commit/c6f338ac2e26e216ab7820b91863a0b84e608097 (1.28)
-CVE-2026-46100 [fs: afs: revert mmap_prepare() change]
+CVE-2026-46100 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fbfc6578eaca12daa0c09df1e9ba7f2c657b49da (7.1-rc1)
-CVE-2026-46097 [Input: edt-ft5x06 - fix use-after-free in debugfs teardown]
+CVE-2026-46097 (In the Linux kernel, the following vulnerability has been resolved: I ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f5f9e07060519e2287e99019a6de1eb3ebb65c37 (7.1-rc1)
-CVE-2026-46095 [md/md-llbitmap: raise barrier before state machine transition]
+CVE-2026-46095 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ef4ca3d4bf09716cff9ba00eb0351deadc8417ab (7.1-rc1)
-CVE-2026-46094 [ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access]
+CVE-2026-46094 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/eceafc31ea7b42c984ece10d79d505c0bb6615d5 (7.1-rc1)
-CVE-2026-46089 [zram: do not forget to endio for partial discard requests]
+CVE-2026-46089 (In the Linux kernel, the following vulnerability has been resolved: z ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e3668b371329ea036ff022ce8ecc82f8befcf003 (7.1-rc1)
-CVE-2026-46087 [mm/damon/stat: fix memory leak on damon_start() failure in damon_stat_start()]
+CVE-2026-46087 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e04ed278d25bf15769800bf6e35c6737f137186f (7.1-rc1)
-CVE-2026-46085 [rxrpc: Fix rxkad crypto unalignment handling]
+CVE-2026-46085 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/def304aae2edf321d2671fd6ca766a93c21f877e (7.1-rc1)
-CVE-2026-46084 [RDMA/mana_ib: Disable RX steering on RSS QP destroy]
+CVE-2026-46084 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dbeb256e8dd87233d891b170c0b32a6466467036 (7.1-rc1)
-CVE-2026-46081 [crypto: acomp - fix wrong pointer stored by acomp_save_req()]
+CVE-2026-46081 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d7e20b9bd6c990773cf0c09e2642250b8a70263d (7.1-rc1)
-CVE-2026-46074 [spi: ch341: fix memory leaks on probe failures]
+CVE-2026-46074 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b99e3ddb91b499d920e63a2daff8880be68cfe9e (7.1-rc1)
-CVE-2026-46073 [hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt]
+CVE-2026-46073 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b66437cb20a2d9ef201f40b675569f8ea7787c9f (7.1-rc1)
-CVE-2026-46067 [mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp]
+CVE-2026-46067 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a34dac6482e53e2c76944f25b1489b9b7da3a6e6 (7.1-rc1)
-CVE-2026-46063 [x86/shstk: Prevent deadlock during shstk sigreturn]
+CVE-2026-46063 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 7.0.4-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9874b2917b9fbc30956fee209d3c4aa47201c64e (7.1-rc1)
-CVE-2026-46061 [jbd2: fix deadlock in jbd2_journal_cancel_revoke()]
+CVE-2026-46061 (In the Linux kernel, the following vulnerability has been resolved: j ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/981fcc5674e67158d24d23e841523eccba19d0e7 (7.1-rc1)
-CVE-2026-46060 [crypto: qat - fix IRQ cleanup on 6xxx probe failure]
+CVE-2026-46060 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/95aed2af87ec43fa7624cc81dd13d37824ad4972 (7.1-rc1)
-CVE-2026-46057 [landlock: Fix LOG_SUBDOMAINS_OFF inheritance across fork()]
+CVE-2026-46057 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/874c8f83826c95c62c21d9edfe9ef43e5c346724 (7.1-rc1)
-CVE-2026-46055 [apparmor: Fix string overrun due to missing termination]
+CVE-2026-46055 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/828bf7929bedcb79b560b5b4e44f22abee07d31b (7.1-rc1)
-CVE-2026-46048 [ALSA: caiaq: fix usb_dev refcount leak on probe failure]
+CVE-2026-46048 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7a5f1cd22d47f8ca4b760b6334378ae42c1bd24b (7.1-rc2)
-CVE-2026-46045 [md/md-llbitmap: skip reading rdevs that are not in_sync]
+CVE-2026-46045 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7701e68b5072faa03a8f30b4081dc16df9092381 (7.1-rc1)
-CVE-2026-46042 [mm/mempolicy: fix memory leaks in weighted_interleave_auto_store()]
+CVE-2026-46042 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6fae274ce0e3109cbbc4c18b354eaace1f0af7d7 (7.1-rc1)
-CVE-2026-46041 [greybus: gb-beagleplay: fix sleep in atomic context in hdlc_tx_frames()]
+CVE-2026-46041 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6b526dca0966f2370835765019a54319b78fca8d (7.1-rc1)
-CVE-2026-46039 [rxgk: Fix potential integer overflow in length check]
+CVE-2026-46039 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6929350080f4da292d111a3b33e53138fee51cec (7.1-rc1)
-CVE-2026-46036 [vfio/cdx: Serialize VFIO_DEVICE_SET_IRQS with a per-device mutex]
+CVE-2026-46036 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/670e8864b1a218d72f08db40d0103adf38fa1d9b (7.1-rc1)
-CVE-2026-46035 [mm/page_alloc: return NULL early from alloc_frozen_pages_nolock() in NMI on UP]
+CVE-2026-46035 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/620b46ed6ae17c8438d889c8c0cfddab36a1476c (7.1-rc2)
-CVE-2026-46034 [vfio/cdx: Fix NULL pointer dereference in interrupt trigger path]
+CVE-2026-46034 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5ea5880764cbb164afb17a62e76ca75dc371409d (7.1-rc1)
-CVE-2026-46030 [EDAC/versalnet: Fix device_node leak in mc_probe()]
+CVE-2026-46030 (In the Linux kernel, the following vulnerability has been resolved: E ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5c709b376460ff322580c41600e31c02f7cc0307 (7.1-rc1)
-CVE-2026-46029 [mm/slab: return NULL early from kmalloc_nolock() in NMI on UP]
+CVE-2026-46029 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5b31044e649e3e54c2caef135c09b371c2fbcd08 (7.1-rc2)
-CVE-2026-46025 [mm/damon/core: fix damon_call() vs kdamond_fn() exit race]
+CVE-2026-46025 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/55da81663b9642dd046b26dd6f1baddbcf337c1e (7.1-rc1)
-CVE-2026-46020 [mm/damon/core: validate damos_quota_goal->nid for node_mem_{used,free}_bp]
+CVE-2026-46020 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/40250b2dded0604a112be605f3828700d80ad7c2 (7.1-rc1)
-CVE-2026-46016 [remoteproc: xlnx: Only access buffer information if IPI is buffered]
+CVE-2026-46016 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/38dd6ccfdfbbe865569a52fe1ba9fa1478f672e6 (7.1-rc1)
-CVE-2026-46013 [mm/memfd_luo: fix physical address conversion in put_folios cleanup]
+CVE-2026-46013 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3538f90ab89aaf302782b4b073a0aae66904cd67 (7.1-rc1)
-CVE-2026-46011 [media: mtk-jpeg: fix use-after-free in release path due to uncancelled work]
+CVE-2026-46011 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/34c519feef3e4fcff1078dc8bdb25fbbbd10303f (7.1-rc1)
-CVE-2026-46010 [rxrpc: Fix error handling in rxgk_extract_token()]
+CVE-2026-46010 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3476c8bb960f48e49355d6f93fb7673211e0163f (7.1-rc1)
-CVE-2026-46007 [hwmon: (powerz) Avoid cacheline sharing for DMA buffer]
+CVE-2026-46007 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 7.0.4-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3023c050af3600bf451153335dea5e073c9a3088 (7.1-rc1)
-CVE-2026-46001 [hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data()]
+CVE-2026-46001 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/24c73e93d6a756e1b8626bb259d2e07c5b89b370 (7.1-rc1)
-CVE-2026-45998 [rxrpc: Fix potential UAF after skb_unshare() failure]
+CVE-2026-45998 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1f2740150f904bfa60e4bad74d65add3ccb5e7f8 (7.1-rc1)
-CVE-2026-45995 [io_uring/zcrx: fix user_struct uaf]
+CVE-2026-45995 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0fcccfd87152f957fa8312b841f6efef42a05a20 (7.1-rc1)
-CVE-2026-45992 [ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path]
+CVE-2026-45992 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0a7b5221b5b51cc798fcfc3be00d02eade149d69 (7.1-rc2)
-CVE-2026-45990 [slub: fix data loss and overflow in krealloc()]
+CVE-2026-45990 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/082a6d03a2d685a83a332666b500ad3966349588 (7.1-rc1)
-CVE-2026-45989 [of: unittest: fix use-after-free in testdrv_probe()]
+CVE-2026-45989 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/07fd339b2c253205794bea5d9b4b7548a4546c56 (7.1-rc1)
-CVE-2026-46103 [can: ucan: fix devres lifetime]
+CVE-2026-46103 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/fed4626501c871890da287bec62a96e52da1af89 (7.1-rc1)
-CVE-2026-46102 [net: strparser: fix skb_head leak in strp_abort_strp()]
+CVE-2026-46102 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/fe72340daaf1af588be88056faf98965f39e6032 (7.1-rc1)
-CVE-2026-46101 [netfilter: reject zero shift in nft_bitwise]
+CVE-2026-46101 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/fe11e5c40817b84abaa5d83bfb6586d8412bfd07 (7.1-rc2)
-CVE-2026-46099 [net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels]
+CVE-2026-46099 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/f9c52a6ba9780bd27e0bf4c044fd91c13c778b6e (7.1-rc2)
-CVE-2026-46098 [net: caif: clear client service pointer on teardown]
+CVE-2026-46098 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/f7cf8ece8cee3c1ee361991470cdb1eb65ab02e8 (7.1-rc1)
-CVE-2026-46096 [tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public()]
+CVE-2026-46096 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 7.0.4-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f0f75a3d98b7959a8677b6363e23190f3018636b (7.1-rc1)
-CVE-2026-46093 [mm/vmalloc: take vmap_purge_lock in shrinker]
+CVE-2026-46093 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ec05f51f1e65bce95528543eb73fda56fd201d94 (7.1-rc1)
-CVE-2026-46092 [wifi: rtw88: check for PCI upstream bridge existence]
+CVE-2026-46092 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/eb101d2abdcccb514ca4fccd3b278dd8267374f6 (7.1-rc1)
-CVE-2026-46091 [media: rc: igorplugusb: heed coherency rules]
+CVE-2026-46091 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/eac69475b01fe1e861dfe3960b57fa95671c132e (7.1-rc1)
-CVE-2026-46090 [ALSA: aloop: Fix peer runtime UAF during format-change stop]
+CVE-2026-46090 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 7.0.4-1
[trixie] - linux 6.12.88-1
NOTE: https://git.kernel.org/linus/e5c33cdc6f402eab8abd36ecf436b22c9d3a8aff (7.1-rc2)
-CVE-2026-46088 [ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()]
+CVE-2026-46088 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/e0da8a8cac74f4b9f577979d131f0d2b88a84487 (7.1-rc1)
-CVE-2026-46086 [net: bridge: use a stable FDB dst snapshot in RCU readers]
+CVE-2026-46086 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/df4601653201de21b487c3e7fffd464790cab808 (7.1-rc1)
-CVE-2026-46083 [spi: fix resource leaks on device setup failure]
+CVE-2026-46083 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/db357034f7e0cf23f233f414a8508312dfe8fbbe (7.1-rc1)
-CVE-2026-46082 [KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0]
+CVE-2026-46082 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/d99df02ff427f461102230f9c5b90a6c64ee8e23 (7.1-rc1)
-CVE-2026-46080 [ocfs2: split transactions in dio completion to avoid credit exhaustion]
+CVE-2026-46080 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/d647c5b2fbf81560818dacade360abc8c00a9665 (7.1-rc1)
-CVE-2026-46079 [rbd: fix null-ptr-deref when device_add_disk() fails]
+CVE-2026-46079 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d1fef92e414433ca7b89abf85cb0df42b8d475eb (7.1-rc1)
-CVE-2026-46078 [erofs: fix the out-of-bounds nameoff handling for trailing dirents]
+CVE-2026-46078 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/d18a3b5d337fa412a38e776e6b4b857a58836575 (7.1-rc1)
-CVE-2026-46077 [crypto: atmel-tdes - fix DMA sync direction]
+CVE-2026-46077 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/c8a9a647532f5c2a04180352693215e24e9dba03 (7.1-rc1)
-CVE-2026-46076 [KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1]
+CVE-2026-46076 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c36991c6f8d2ab56ee67aff04e3c357f45cfc76c (7.1-rc1)
-CVE-2026-46075 [crypto: atmel-sha204a - Fix potential UAF and memory leak in remove path]
+CVE-2026-46075 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/bab1adf3b87e4bfac92c4f5963c63db434d561c1 (7.1-rc1)
-CVE-2026-46072 [ntfs3: add buffer boundary checks to run_unpack()]
+CVE-2026-46072 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b62567bca47408e6739dee75f02a2113548af875 (7.1-rc1)
-CVE-2026-46071 [KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12]
+CVE-2026-46071 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 7.0.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b53ab5167a81537777ac780bbd93d32613aa3bda (7.1-rc1)
-CVE-2026-46070 [md/raid5: validate payload size before accessing journal metadata]
+CVE-2026-46070 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/b0cc3ae97e893bf54bbce447f4e9fd2e0b88bff9 (7.1-rc1)
-CVE-2026-46069 [wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup()]
+CVE-2026-46069 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/ae5e95d4157481693be2317e3ffcd84e36010cbb (7.1-rc1)
-CVE-2026-46068 [crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx]
+CVE-2026-46068 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux 6.12.88-1
NOTE: https://git.kernel.org/linus/adb3faf2db1a66d0f015b44ac909a32dfc7f2f9c (7.1-rc1)
-CVE-2026-46066 [ceph: fix num_ops off-by-one when crypto allocation fails]
+CVE-2026-46066 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a0d9555bf9eaeba34fe6b6bb86f442fe08ba3842 (7.1-rc1)
-CVE-2026-46065 [fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info]
+CVE-2026-46065 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 7.0.4-1
[trixie] - linux 6.12.88-1
NOTE: https://git.kernel.org/linus/9ded47ad003f09a94b6a710b5c47f4aa5ceb7429 (7.1-rc1)
-CVE-2026-46064 [ibmasm: fix heap over-read in ibmasm_send_i2o_message()]
+CVE-2026-46064 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/9aad71144fa3682cca3837a06c8623016790e7ec (7.1-rc1)
-CVE-2026-46062 [ntfs3: fix integer overflow in run_unpack() volume boundary check]
+CVE-2026-46062 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/984a415f019536ea2d24de9010744e5302a9a948 (7.1-rc1)
-CVE-2026-46059 [KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN]
+CVE-2026-46059 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 7.0.4-1
NOTE: https://git.kernel.org/linus/8d397582f6b5e9fbcf09781c7c934b4910e94a50 (7.1-rc1)
-CVE-2026-46058 [media: amphion: Fix race between m2m job_abort and device_run]
+CVE-2026-46058 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8cd35ceadcfc8c5da2eb7f7ce24525ce9d4ee62e (7.1-rc1)
-CVE-2026-46056 [Bluetooth: hci_event: fix potential UAF in SSP passkey handlers]
+CVE-2026-46056 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/85fa3512048793076eef658f66489112dcc91993 (7.1-rc1)
-CVE-2026-46054 [selinux: fix overlayfs mmap() and mprotect() access checks]
+CVE-2026-46054 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 7.0.4-1
NOTE: https://git.kernel.org/linus/82544d36b1729153c8aeb179e84750f0c085d3b1 (7.1-rc1)
-CVE-2026-46053 [net: rds: fix MR cleanup on copy error]
+CVE-2026-46053 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/8141a2dc70080eda1aedc0389ed2db2b292af5bd (7.1-rc1)
-CVE-2026-46052 [ceph: only d_add() negative dentries when they are unhashed]
+CVE-2026-46052 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/803447f93d75ab6e40c85e6d12b5630d281d70d6 (7.1-rc1)
-CVE-2026-46051 [md/raid5: fix soft lockup in retry_aligned_read()]
+CVE-2026-46051 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/7f9f7c697474268d9ef9479df3ddfe7cdcfbbffc (7.1-rc1)
-CVE-2026-46050 [md/raid10: fix deadlock with check operation and nowait requests]
+CVE-2026-46050 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7d96f3120a7fb7210d21b520c5b6f495da6ba436 (7.1-rc1)
-CVE-2026-46049 [ALSA: ctxfi: Add fallback to default RSR for S/PDIF]
+CVE-2026-46049 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/7d61662197ecdc458e33e475b6ada7f6da61d364 (7.1-rc1)
-CVE-2026-46047 [net: qrtr: ns: Fix use-after-free in driver remove()]
+CVE-2026-46047 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/7809fea20c9404bfcfa6112ec08d1fe1d3520beb (7.1-rc1)
-CVE-2026-46046 [ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all()]
+CVE-2026-46046 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/77d059519382bd66283e6a4e83ee186e87e7708f (7.1-rc1)
-CVE-2026-46044 [ipmi:ssif: Clean up kthread on errors]
+CVE-2026-46044 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 7.0.4-1
NOTE: https://git.kernel.org/linus/75c486cb1bcaa1a3ec3a6438498176a3a4998ae4 (7.1-rc1)
-CVE-2026-46043 [RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv]
+CVE-2026-46043 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/7244491dab347f648e661da96dc0febadd9daec3 (7.1-rc1)
-CVE-2026-46040 [inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails]
+CVE-2026-46040 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/6a320935fa4293e9e599ec9f85dc9eb3be7029f8 (7.1-rc1)
-CVE-2026-46038 [net: qrtr: ns: Free the node during ctrl_cmd_bye()]
+CVE-2026-46038 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/68efba36446a7774ea5b971257ade049272a07ac (7.1-rc1)
-CVE-2026-46037 [ipv4: icmp: validate reply type before using icmp_pointers]
+CVE-2026-46037 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/67bf002a2d7387a6312138210d0bd06e3cf4879b (7.1-rc1)
-CVE-2026-46033 [crypto: authencesn - reject short ahash digests during instance creation]
+CVE-2026-46033 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/5db6ef9847717329f12c5ea8aba7e9f588a980c0 (7.1-rc2)
-CVE-2026-46032 [KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXIT]
+CVE-2026-46032 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 7.0.4-1
NOTE: https://git.kernel.org/linus/5d291ef0585ed880ed4dd71ea1a5965e0a65fb53 (7.1-rc1)
-CVE-2026-46031 [net: ks8851: Reinstate disabling of BHs around IRQ handler]
+CVE-2026-46031 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5c9fcac3c872224316714d0d8914d9af16c76a6d (7.1-rc1)
-CVE-2026-46028 [crypto: algif_aead - snapshot IV for async AEAD requests]
+CVE-2026-46028 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/5aa58c3a572b3e3b6c786953339f7978b845cc52 (7.1-rc1)
-CVE-2026-46027 [net/smc: avoid early lgr access in smc_clc_wait_msg]
+CVE-2026-46027 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/5a8db80f721deee8e916c2cfdee78decda02ce4f (7.1-rc1)
-CVE-2026-46026 [net: qrtr: ns: Limit the maximum number of lookups]
+CVE-2026-46026 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/5640227d9a21c6a8be249a10677b832e7f40dc55 (7.1-rc1)
-CVE-2026-46024 [libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()]
+CVE-2026-46024 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/5199c125d25aeae8615c4fc31652cc0fe624338e (7.1-rc1)
-CVE-2026-46023 [dm mirror: fix integer overflow in create_dirty_log()]
+CVE-2026-46023 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/4c788c6f921b22f9b6c3f316c4a071c05683e7de (7.1-rc1)
-CVE-2026-46022 [misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt()]
+CVE-2026-46022 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/4b6e6ead556734bdc14024c5f837132b1e7a4b84 (7.1-rc1)
-CVE-2026-46021 [thermal: core: Fix thermal zone governor cleanup issues]
+CVE-2026-46021 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/41ff66baf81c6541f4f985dd7eac4494d03d9440 (7.1-rc1)
-CVE-2026-46019 [crypto: atmel-aes - Fix 3-page memory leak in atmel_aes_buff_cleanup]
+CVE-2026-46019 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/3fcfff4ed35f963380a68741bcd52742baff7f76 (7.1-rc1)
-CVE-2026-46018 [ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES]
+CVE-2026-46018 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/3c318f97dcc50b2e0556a1813bd6958678e881fd (7.1-rc1)
-CVE-2026-46017 [mm: fix deferred split queue races during migration]
+CVE-2026-46017 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
NOTE: https://git.kernel.org/linus/3bac01168982ec3e3bf87efdc1807c7933590a85 (7.1-rc1)
-CVE-2026-46015 [tcp: call sk_data_ready() after listener migration]
+CVE-2026-46015 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3864c6ba1e041bc75342353a70fa2a2c6f909923 (7.1-rc1)
-CVE-2026-46014 [KVM: SVM: Add missing save/restore handling of LBR MSRs]
+CVE-2026-46014 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 7.0.4-1
NOTE: https://git.kernel.org/linus/3700f0788da6acf73b2df56690f4b201aa4aefd2 (7.1-rc1)
-CVE-2026-46012 [rxrpc: Fix memory leaks in rxkad_verify_response()]
+CVE-2026-46012 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/34f61a07e0cdefaecd3ec03bb5fb22215643678f (7.1-rc1)
-CVE-2026-46009 [PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown]
+CVE-2026-46009 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3446beddba450c8d6f9aca2f028712ac527fead3 (7.1-rc1)
-CVE-2026-46008 [mm/damon/core: fix damos_walk() vs kdamond_fn() exit race]
+CVE-2026-46008 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 7.0.4-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/33c3f6c2b48cd84b441dba1ee3e62290e53930f4 (7.1-rc1)
-CVE-2026-46006 [drm/nouveau: fix u32 overflow in pushbuf reloc bounds check]
+CVE-2026-46006 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/2fc87d37be1b730a149b035f9375fdb8cc5333a5 (7.1-rc1)
-CVE-2026-46005 [xfs: fix a resource leak in xfs_alloc_buftarg()]
+CVE-2026-46005 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/29a7b2614357393b176ef06ba5bc3ff5afc8df69 (7.1-rc1)
-CVE-2026-46004 [ALSA: caiaq: Handle probe errors properly]
+CVE-2026-46004 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/28abd224db4a49560b452115bca3672a20e45b2f (7.1-rc1)
-CVE-2026-46003 [net: qrtr: ns: Limit the total number of nodes]
+CVE-2026-46003 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/27d5e84e810b0849d08b9aec68e48570461ce313 (7.1-rc1)
-CVE-2026-46002 [ext2: reject inodes with zero i_nlink and valid mode in ext2_iget()]
+CVE-2026-46002 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/25947cc5b2374cd5bf627fe3141496444260d04f (7.1-rc1)
-CVE-2026-46000 [rxrpc: Fix conn-level packet handling to unshare RESPONSE packets]
+CVE-2026-46000 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 7.0.4-1
[trixie] - linux 6.12.88-1
NOTE: https://git.kernel.org/linus/24481a7f573305706054c59e275371f8d0fe919f (7.1-rc1)
-CVE-2026-45999 [erofs: fix unsigned underflow in z_erofs_lz4_handle_overlap()]
+CVE-2026-45999 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 7.0.4-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/21e161de2dc660b1bb70ef5b156ab8e6e1cca3ab (7.1-rc1)
-CVE-2026-45997 [scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails]
+CVE-2026-45997 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/1e111c4b3a726df1254670a5cc4868cedb946d37 (7.1-rc1)
-CVE-2026-45996 [spi: imx: fix use-after-free on unbind]
+CVE-2026-45996 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1c78c2002380a1fe31bfb01a3d5f29809e55a096 (7.1-rc1)
-CVE-2026-45994 [ibmasm: fix OOB reads in command_file_write due to missing size checks]
+CVE-2026-45994 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/0eb09f737428e482a32a2e31e5e223f2b35a71d3 (7.1-rc1)
-CVE-2026-45993 [LoongArch: Add spectre boundry for syscall dispatch table]
+CVE-2026-45993 (In the Linux kernel, the following vulnerability has been resolved: L ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/0c965d2784fbbd7f8e3b96d875c9cfdf7c00da3d (7.1-rc1)
-CVE-2026-45991 [udf: fix partition descriptor append bookkeeping]
+CVE-2026-45991 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 7.0.4-1
[trixie] - linux 6.12.88-1
NOTE: https://git.kernel.org/linus/08841b06fa64d8edbd1a21ca6e613420c90cc4b8 (7.1-rc1)
-CVE-2026-45988 [rxrpc: Fix re-decryption of RESPONSE packets]
+CVE-2026-45988 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/0422e7a4883f25101903f3e8105c0808aa5f4ce9 (7.1-rc1)
-CVE-2026-45987 [KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2]
+CVE-2026-45987 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/03bee264f8ebfd39e0254c98e112d033a7aa9055 (7.1-rc1)
-CVE-2026-45986 [crypto: ccree - fix a memory leak in cc_mac_digest()]
+CVE-2026-45986 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 7.0.4-1
[trixie] - linux 6.12.86-1
NOTE: https://git.kernel.org/linus/02c64052fad03699b9c6d1df2f9b444d17e4ac50 (7.1-rc1)
-CVE-2026-45982 [ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch()]
+CVE-2026-45982 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f851e03bce968ff9b3faad1b616062e1244fd38d (7.0-rc1)
-CVE-2026-45980 [accel/amdxdna: Stop job scheduling across aie2_release_resource()]
+CVE-2026-45980 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f1370241fe8045702bc9d0812b996791f0500f1b (7.0-rc1)
-CVE-2026-45979 [drm/amdgpu: clean up the amdgpu_cs_parser_bos]
+CVE-2026-45979 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f025a2b8d93358467b8e8f4b3a617e88c5f02fab (7.0-rc1)
-CVE-2026-45977 [fbnic: close fw_log race between users and teardown]
+CVE-2026-45977 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ee5492fd88cfc079c19fbeac78e9e53b7f6c04f3 (7.0-rc1)
-CVE-2026-45976 [drm/amdgpu: Fix memory leak in amdgpu_ras_init()]
+CVE-2026-45976 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ee41e5b63c8210525c936ee637a2c8d185ce873c (7.0-rc1)
-CVE-2026-45975 [ublk: use READ_ONCE() to read struct ublksrv_ctrl_cmd]
+CVE-2026-45975 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ed9f54cc1e335096733aed03c2a46de3d58922ed (7.0-rc1)
-CVE-2026-45972 [smb: client: fix potential UAF and double free in smb2_open_file()]
+CVE-2026-45972 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ebbbc4bfad4cb355d17c671223d0814ee3ef4eda (7.0-rc1)
-CVE-2026-45971 [bpf: Limit bpf program signature size]
+CVE-2026-45971 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ea1535e28bb3773fc0b3cbd1f3842b808016990c (7.0-rc1)
-CVE-2026-45969 [HID: playstation: Add missing check for input_ff_create_memless]
+CVE-2026-45969 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e6807641ac94e832988655a1c0e60ccc806b76dc (7.0-rc1)
-CVE-2026-45967 [bpf: Return proper address for non-zero offsets in insn array]
+CVE-2026-45967 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e3bd7bdf5ffe49d8381e42843f6e98cd0c78a1e8 (7.0-rc1)
-CVE-2026-45966 [apparmor: fix NULL pointer dereference in __unix_needs_revalidation]
+CVE-2026-45966 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e2938ad00b21340c0362562dfedd7cfec0554d67 (7.0-rc1)
-CVE-2026-45962 [ublk: Validate SQE128 flag before accessing the cmd]
+CVE-2026-45962 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/da7e4b75e50c087d2031a92f6646eb90f7045a67 (7.0-rc1)
-CVE-2026-45959 [crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree]
+CVE-2026-45959 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d5abcc33ee76bc26d58b39dc1a097e43a99dd438 (7.0-rc1)
-CVE-2026-45955 [md/md-llbitmap: fix percpu_ref not resurrected on suspend timeout]
+CVE-2026-45955 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d119bd2e1643cc023210ff3c6f0657e4f914e71d (7.0-rc1)
-CVE-2026-45953 [md/raid5: fix IO hang with degraded array with llbitmap]
+CVE-2026-45953 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/cd1635d844d26471c56c0a432abdee12fc9ad735 (7.0-rc1)
-CVE-2026-45952 [eth: fbnic: Add validation for MTU changes]
+CVE-2026-45952 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ccd8e87748ad083047d6c8544c5809b7f96cc8df (7.0-rc1)
-CVE-2026-45951 [bpf: Fix a potential use-after-free of BTF object]
+CVE-2026-45951 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ccd2d799ed4467c07f5ee18c2f5c59bcc990822c (7.0-rc1)
-CVE-2026-45950 [crypto: starfive - Fix memory leak in starfive_aes_aead_do_one_req()]
+CVE-2026-45950 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ccb679fdae2e62ed92fd9acb25ed809c0226fcc6 (7.0-rc1)
-CVE-2026-45947 [drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc()]
+CVE-2026-45947 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c9be63d565789b56ca7b0197e2cb78a3671f95a8 (7.0-rc1)
-CVE-2026-45946 [power: supply: ab8500: Fix use-after-free in power_supply_changed()]
+CVE-2026-45946 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c4af8a98bb52825a5331ae1d0604c0ea6956ba4b (7.0-rc1)
-CVE-2026-45939 [gpib: Fix memory leak in ni_usb_init()]
+CVE-2026-45939 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b89921eed8cf2d97250bac4be38dbcfbf048b586 (7.0-rc1)
-CVE-2026-45938 [power: supply: pm8916_lbc: Fix use-after-free in power_supply_changed()]
+CVE-2026-45938 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b7508129978ae1e2ed9b0410396abc05def9c4eb (7.0-rc1)
-CVE-2026-45937 [crypto: inside-secure/eip93 - fix kernel panic in driver detach]
+CVE-2026-45937 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b6e32ba6d32503440a3e3e16c8d0521cbb7e0c5d (7.0-rc1)
-CVE-2026-45935 [fs/ntfs3: Fix slab-out-of-bounds read in DeleteIndexEntryRoot]
+CVE-2026-45935 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b2bc7c44ed1779fc9eaab9a186db0f0d01439622 (7.0-rc1)
-CVE-2026-45933 [bpf: Preserve id of register in sync_linked_regs()]
+CVE-2026-45933 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/af9e89d8dd39530c8bd14c33ddf6b502df1071b6 (7.0-rc1)
-CVE-2026-45931 [accel/amdxdna: Hold mm structure across iommu_sva_unbind_device()]
+CVE-2026-45931 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a9162439ad792afcddc04718408ec1380b7a5f63 (7.0-rc1)
-CVE-2026-45929 [ovpn: fix possible use-after-free in ovpn_net_xmit]
+CVE-2026-45929 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a5ec7baa44ea3a1d6aa0ca31c0ad82edf9affe41 (7.0-rc1)
-CVE-2026-45928 [media: chips-media: wave5: Fix memory leak on codec_info allocation failure]
+CVE-2026-45928 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a519e21e32398459ba357e67b541402f7295ee1b (7.0-rc1)
-CVE-2026-45927 [bpf: Require frozen map for calculating map hash]
+CVE-2026-45927 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a2c86aa621c22f2a7e26c654f936d65cfff0aa91 (7.0-rc1)
-CVE-2026-45926 [rust: pwm: Fix potential memory leak on init error]
+CVE-2026-45926 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a2633dc243c35754a0c2270131d8a199c987c9bf (7.0-rc1)
-CVE-2026-45925 [thermal/of: Fix reference leak in thermal_of_cm_lookup()]
+CVE-2026-45925 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a1fe789a96fe47733c133134fd264cb7ca832395 (7.0-rc1)
-CVE-2026-45924 [ksmbd: call ksmbd_vfs_kern_path_end_removing() on some error paths]
+CVE-2026-45924 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.19.6-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a09dc10d1353f0e92c21eae2a79af1c2b1ddcde8 (7.0-rc1)
-CVE-2026-45922 [RDMA/mlx5: Fix memory leak in GET_DATA_DIRECT_SYSFS_PATH handler]
+CVE-2026-45922 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9b9d253908478f504297ac283c514e5953ddafa6 (7.0-rc1)
-CVE-2026-45921 [mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse()]
+CVE-2026-45921 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/980ce2b02dd06a4fdf5fee38b2e14becf9cf7b8b (7.0-rc1)
-CVE-2026-45918 [ovpn: tcp - don't deref NULL sk_socket member after tcp_close()]
+CVE-2026-45918 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/94560267d6c41b1ff3fafbab726e3f8a55a6af34 (7.0-rc1)
-CVE-2026-45913 [net: bridge: mcast: always update mdb_n_entries for vlan contexts]
+CVE-2026-45913 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8b769e311a86bb9d15c5658ad283b86fc8f080a2 (7.0-rc1)
-CVE-2026-45911 [usb: cdns3: fix role switching during resume]
+CVE-2026-45911 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/87e4b043b98a1d269be0b812f383881abee0ca45 (7.0-rc1)
-CVE-2026-45910 [RDMA/rxe: Fix race condition in QP timer handlers]
+CVE-2026-45910 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/87bf646921430e303176edc4eb07c30160361b73 (7.0-rc1)
-CVE-2026-45909 [clk: mediatek: Drop __initconst from gates]
+CVE-2026-45909 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/871afb43e41ad4e8246438de495a939cd0f8113c (7.0-rc1)
-CVE-2026-45908 [accel/amdxdna: Fix memory leak in amdxdna_ubuf_map]
+CVE-2026-45908 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/84dd57fb0359500092f1101409ca32091731490d (7.0-rc1)
-CVE-2026-45907 [net/mlx5e: Fix deadlocks between devlink and netdev instance locks]
+CVE-2026-45907 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/83ac0304a2d77519dae1e54c9713cbe1aedf19c9 (7.0-rc1)
-CVE-2026-45906 [power: supply: pf1550: Fix use-after-free in power_supply_changed()]
+CVE-2026-45906 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/838767f5074700552d3f006d867caed65edc7328 (7.0-rc1)
-CVE-2026-45903 [bpf: Fix memory access flags in helper prototypes]
+CVE-2026-45903 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/802eef5afb1865bc5536a5302c068ba2215a1f72 (7.0-rc1)
-CVE-2026-45902 [power: supply: bq256xx: Fix use-after-free in power_supply_changed()]
+CVE-2026-45902 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8005843369723d9c8975b7c4202d1b85d6125302 (7.0-rc1)
-CVE-2026-45900 [crypto: caam - fix netdev memory leak in dpaa2_caam_probe]
+CVE-2026-45900 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7d43252b3060b0ba4a192dce5dba85a3f39ffe39 (7.0-rc1)
-CVE-2026-45898 [RDMA/iwcm: Fix workqueue list corruption by removing work_list]
+CVE-2026-45898 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7874eeacfa42177565c01d5198726671acf7adf2 (7.0-rc1)
-CVE-2026-45896 [mtd: intel-dg: Fix accessing regions before setting nregions]
+CVE-2026-45896 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/779c59274d03cc5c07237a2c845dfb71cff77705 (7.0-rc1)
-CVE-2026-45895 [quota: fix livelock between quotactl and freeze_super]
+CVE-2026-45895 (In the Linux kernel, the following vulnerability has been resolved: q ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/77449e453dfc006ad738dec55374c4cbc056fd39 (7.0-rc1)
-CVE-2026-45891 [net: hns3: fix double free issue for tx spare buffer]
+CVE-2026-45891 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6d2f142b1e4b203387a92519d9d2e34752a79dbb (7.0-rc1)
-CVE-2026-45889 [mptcp: do not account for OoO in mptcp_rcvbuf_grow()]
+CVE-2026-45889 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6b329393502e5857662b851a13f947209c588587 (7.0-rc1)
-CVE-2026-45888 [md/raid1: fix memory leak in raid1_run()]
+CVE-2026-45888 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6abc7d5dcf0ee0f85e16e41c87fbd06231f28753 (7.0-rc1)
-CVE-2026-45887 [af_unix: Fix memleak of newsk in unix_stream_connect().]
+CVE-2026-45887 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6884028cd7f275f8bcb854a347265cb1fb0e4bea (7.0-rc1)
-CVE-2026-45886 [bpf: Fix bpf_xdp_store_bytes proto for read-only arg]
+CVE-2026-45886 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6557f1565d779851c4db9c488c49c05a47a6e72f (7.0-rc1)
-CVE-2026-45884 [apparmor: avoid per-cpu hold underflow in aa_get_buffer]
+CVE-2026-45884 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/640cf2f09575c9dc344b3f7be2498d31e3923ead (7.0-rc1)
-CVE-2026-45882 [power: supply: pm8916_bms_vm: Fix use-after-free in power_supply_changed()]
+CVE-2026-45882 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/62914959b35e9a1e29cc0f64cb8cfc5075a5366f (7.0-rc1)
-CVE-2026-45881 [soc: mediatek: svs: Fix memory leak in svs_enable_debug_write()]
+CVE-2026-45881 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6259094ee806fb813ca95894c65fb80e2ec98bf1 (7.0-rc1)
-CVE-2026-45880 [PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails]
+CVE-2026-45880 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6220694c52a5a04102b48109e4f24e958b559bd3 (7.0-rc1)
-CVE-2026-45878 [drm/amdkfd: Fix watch_id bounds checking in debug address watch v2]
+CVE-2026-45878 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5a19302cab5cec7ae7f1a60c619951e6c17d8742 (7.0-rc1)
-CVE-2026-45876 [arm64/gcs: Fix error handling in arch_set_shadow_stack_status()]
+CVE-2026-45876 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/53c998527ffa60f9deda8974a11ad39790684159 (7.0-rc1)
-CVE-2026-45874 [phy: freescale: imx8qm-hsio: fix NULL pointer dereference]
+CVE-2026-45874 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4dd5d4c0361af0a3fd24f45c815996abf4429770 (7.0-rc1)
-CVE-2026-45872 [scsi: smartpqi: Fix memory leak in pqi_report_phys_luns()]
+CVE-2026-45872 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/41b37312bd9722af77ec7817ccf22d7a4880c289 (7.0-rc1)
-CVE-2026-45865 [mctp i2c: initialise event handler read bytes]
+CVE-2026-45865 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2a14e91b6d76639dac70ea170f4384c1ee3cb48d (7.0-rc1)
-CVE-2026-45864 [fs/ntfs3: prevent infinite loops caused by the next valid being the same]
+CVE-2026-45864 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/27b75ca4e51e3e4554dc85dbf1a0246c66106fd3 (7.0-rc1)
-CVE-2026-45863 [i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers()]
+CVE-2026-45863 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2537089413514caaa9a5fdeeac3a34d45100f747 (7.0-rc1)
-CVE-2026-45854 [crypto: inside-secure/eip93 - unregister only available algorithm]
+CVE-2026-45854 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.18.14-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0ceeadc7b53a041d89d5843f6bf0ccb7c98b0b4f (7.0-rc1)
-CVE-2026-45853 [drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges()]
+CVE-2026-45853 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0c44d61945c4a80775292d96460aa2f22e62f86c (7.0-rc1)
-CVE-2026-45851 [efi: Fix reservation of unaccepted memory table]
+CVE-2026-45851 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0862438c90487e79822d5647f854977d50381505 (7.0-rc1)
-CVE-2026-45849 [net: mscc: ocelot: add missing lock protection in ocelot_port_xmit_inj()]
+CVE-2026-45849 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/026f6513c5880c2c89e38ad66bbec2868f978605 (7.0-rc1)
-CVE-2026-45847 [net: remove WARN_ON_ONCE when accessing forward path array]
+CVE-2026-45847 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/008e7a7c293b30bc43e4368dac6ea3808b75a572 (7.0-rc1)
-CVE-2025-71312 [fs/ntfs3: fix ntfs_mount_options leak in ntfs_fill_super()]
+CVE-2025-71312 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f7edab0cee03a1cbe0e55a7bcab8d2d8b6b74278 (7.0-rc1)
-CVE-2025-71311 [fs/ntfs3: Initialize new folios before use]
+CVE-2025-71311 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f223ebffa185cc8da934333c5a31ff2d4f992dc9 (7.0-rc1)
-CVE-2025-71309 [fs/ntfs3: fix deadlock in ni_read_folio_cmpr]
+CVE-2025-71309 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e37a75bb866c29da954b51d0dd7670406246d9ee (7.0-rc1)
-CVE-2025-71307 [drm/panthor: Fix NULL pointer dereference on panthor_fw_unplug]
+CVE-2025-71307 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/920c6af98e98e6afedf6318a75bac95af8415c6c (7.0-rc1)
-CVE-2025-71303 [accel/amdxdna: Fix race condition when checking rpm_on]
+CVE-2025-71303 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/00ffe45ece80160aef446d74ded906352f21dd72 (7.0-rc1)
-CVE-2026-45985 [ext4: don't set EXT4_GET_BLOCKS_CONVERT when splitting before submitting I/O]
+CVE-2026-45985 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.19.6-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/feaf2a80e78f89ee8a3464126077ba8683b62791 (7.0-rc1)
-CVE-2026-45984 [gfs2: Fix use-after-free in iomap inline data write path]
+CVE-2026-45984 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/faddeb848305e79db89ee0479bb0e33380656321 (7.0-rc1)
-CVE-2026-45983 [nfsd: never defer requests during idmap lookup]
+CVE-2026-45983 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/f9c206cdc4266caad6a9a7f46341420a10f03ccb (7.0-rc1)
-CVE-2026-45981 [s390/cio: Fix device lifecycle handling in css_alloc_subchannel()]
+CVE-2026-45981 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/f65c75b0b9b5a390bc3beadcde0a6fbc3ad118f7 (7.0-rc1)
-CVE-2026-45978 [staging: greybus: lights: avoid NULL deref]
+CVE-2026-45978 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/efcffd9a6ad8d190651498d5eda53bfc7cf683a7 (7.0-rc1)
-CVE-2026-45974 [btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found]
+CVE-2026-45974 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/ecb7c2484cfc83a93658907580035a8adf1e0a92 (7.0-rc1)
-CVE-2026-45973 [RDMA/mlx5: Fix UMR hang in LAG error state unload]
+CVE-2026-45973 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ebc2164a4cd4314503f1a0c8e7aaf76d7e5fa211 (7.0-rc1)
-CVE-2026-45970 [bonding: alb: fix UAF in rlb_arp_recv during bond up/down]
+CVE-2026-45970 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/e6834a4c474697df23ab9948fd3577b26bf48656 (7.0-rc1)
-CVE-2026-45968 [cpuidle: Skip governor when only one idle state is available]
+CVE-2026-45968 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/e5c9ffc6ae1bcdb1062527d611043681ac301aca (7.0-rc1)
-CVE-2026-45965 [apparmor: fix invalid deref of rawdata when export_binary is unset]
+CVE-2026-45965 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/df9ac55abd18628bd8cff687ea043660532a3654 (7.0-rc1)
-CVE-2026-45964 [SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path]
+CVE-2026-45964 (In the Linux kernel, the following vulnerability has been resolved: S ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/dd2fdc3504592d85e549c523b054898a036a6afe (7.0-rc1)
-CVE-2026-45963 [ASoC: nau8821: Cancel delayed work on component remove]
+CVE-2026-45963 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.19.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dbd3fd05cddfdeec1e49b0a66269881c09eebd17 (7.0-rc1)
-CVE-2026-45961 [gfs2: fix memory leaks in gfs2_fill_super error path]
+CVE-2026-45961 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.19.6-1
NOTE: https://git.kernel.org/linus/da6f5bbc2e7902f578b503f2a4c3d8d09ca4b102 (7.0-rc1)
-CVE-2026-45960 [hfsplus: return error when node already exists in hfs_bnode_create]
+CVE-2026-45960 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/d8a73cc46c8462a969a7516131feb3096f4c49d3 (7.0-rc1)
-CVE-2026-45958 [drm/exynos: vidi: fix to avoid directly dereferencing user pointer]
+CVE-2026-45958 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/d4c98c077c7fb2dfdece7d605e694b5ea2665085 (7.0-rc1)
-CVE-2026-45957 [rcu: Fix rcu_read_unlock() deadloop due to softirq]
+CVE-2026-45957 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/d41e37f26b3157b3f1d10223863519a943aa239b (7.0-rc1)
-CVE-2026-45956 [drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()]
+CVE-2026-45956 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.18.14-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/d3968a0d85b211e197f2f4f06268a7031079e0d0 (7.0-rc1)
-CVE-2026-45954 [fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe()]
+CVE-2026-45954 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/ce4e25198a6aaaaf36248edf8daf3d744ec8e309 (7.0-rc1)
-CVE-2026-45949 [hwrng: core - use RCU and work_struct to fix race condition]
+CVE-2026-45949 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/cc2f39d6ac48e6e3cb2d6240bc0d6df839dd0828 (7.0-rc1)
-CVE-2026-45948 [ext4: fix memory leak in ext4_ext_shift_extents()]
+CVE-2026-45948 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/ca81109d4a8f192dc1cbad4a1ee25246363c2833 (7.0-rc1)
-CVE-2026-45945 [iommu/vt-d: Fix race condition during PASID entry replacement]
+CVE-2026-45945 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c3b1edea3791fa91ab7032faa90355913ad9451b (7.0-rc1)
-CVE-2026-45944 [iommu/vt-d: Clear Present bit before tearing down context entry]
+CVE-2026-45944 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.18.14-1
NOTE: https://git.kernel.org/linus/c1e4f1dccbe9d7656d1c6872ebeadb5992d0aaa2 (7.0-rc1)
-CVE-2026-45943 [erofs: fix inline data read failure for ztailpacking pclusters]
+CVE-2026-45943 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c134a40f86efb8d6b5a949ef70e06d5752209be5 (7.0-rc1)
-CVE-2026-45942 [ext4: fix e4b bitmap inconsistency reports]
+CVE-2026-45942 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/bdc56a9c46b2a99c12313122b9352b619a2e719e (7.0-rc1)
-CVE-2026-45941 [tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure]
+CVE-2026-45941 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/bbd6e97c836cbeb9606d7b7e5dcf8a1d89525713 (7.0-rc1)
-CVE-2026-45940 [net: stmmac: fix oops when split header is enabled]
+CVE-2026-45940 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
NOTE: https://git.kernel.org/linus/babab1b42ed68877ef669a08384becf281ad2582 (7.0-rc1)
-CVE-2026-45936 [power: supply: goldfish: Fix use-after-free in power_supply_changed()]
+CVE-2026-45936 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/b2ce982e2e0c888dc55c888ad0e20ea04daf2e6b (7.0-rc1)
-CVE-2026-45934 [btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation]
+CVE-2026-45934 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
NOTE: https://git.kernel.org/linus/b14c5e04bd0f722ed631845599d52d03fcae1bc1 (7.0-rc1)
-CVE-2026-45932 [bpf: Fix tcx/netkit detach permissions when prog fd isn't given]
+CVE-2026-45932 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.18.14-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ae23bc81ddf7c17b663c4ed1b21e35527b0a7131 (7.0-rc1)
-CVE-2026-45930 [net: mctp: ensure our nlmsg responses are initialised]
+CVE-2026-45930 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a6a9bc544b675d8b5180f2718ec985ad267b5cbf (7.0-rc1)
-CVE-2026-45923 [net: usb: catc: enable basic endpoint checking]
+CVE-2026-45923 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/9e7021d2aeae57c323a6f722ed7915686cdcc123 (7.0-rc1)
-CVE-2026-45920 [ext4: fix dirtyclusters double decrement on fs shutdown]
+CVE-2026-45920 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/94a8cea54cd935c54fa2fba70354757c0fc245e3 (7.0-rc1)
-CVE-2026-45919 [sched/rt: Skip currently executing CPU in rto_next_cpu()]
+CVE-2026-45919 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/94894c9c477e53bcea052e075c53f89df3d2a33e (7.0-rc1)
-CVE-2026-45917 [ipvs: do not keep dest_dst if dev is going down]
+CVE-2026-45917 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/8fde939b0206afc1d5846217a01a16b9bc8c7896 (7.0-rc1)
-CVE-2026-45916 [power: supply: sbs-battery: Fix use-after-free in power_supply_changed()]
+CVE-2026-45916 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/8d59cf3887fbabacef53bfba473e33e8a8d9d07b (7.0-rc1)
-CVE-2026-45915 [fat: avoid parent link count underflow in rmdir]
+CVE-2026-45915 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/8cafcb881364af5ef3a8b9fed4db254054033d8a (7.0-rc1)
-CVE-2026-45914 [Revert "hwmon: (ibmpex) fix use-after-free in high/low store"]
+CVE-2026-45914 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/8bde3e395a85017f12af2b0ba5c3684f5af9c006 (7.0-rc1)
-CVE-2026-45912 [ext4: don't cache extent during splitting extent]
+CVE-2026-45912 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/8b4b19a2f96348d70bfa306ef7d4a13b0bcbea79 (7.0-rc1)
-CVE-2026-45905 [xfrm: fix ip_rt_bug race in icmp_route_lookup reverse path]
+CVE-2026-45905 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/81b84de32bb27ae1ae2eb9acf0420e9d0d14bf00 (7.0-rc1)
-CVE-2026-45904 [powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling]
+CVE-2026-45904 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/815a8d2feb5615ae7f0b5befd206af0b0160614c (7.0-rc1)
-CVE-2026-45901 [netfilter: nf_tables: revert commit_mutex usage in reset path]
+CVE-2026-45901 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7f261bb906bf527c4a6e2a646e2d5f3679f2a8bc (7.0-rc1)
-CVE-2026-45899 [ext4: drop extent cache when splitting extent fails]
+CVE-2026-45899 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/79b592e8f1b435796cbc2722190368e3e8ffd7a1 (7.0-rc1)
-CVE-2026-45897 [netfilter: nft_counter: serialize reset with spinlock]
+CVE-2026-45897 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.19.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/779c60a5190c42689534172f4b49e927c9959e4e (7.0-rc1)
-CVE-2026-45894 [iommu/vt-d: Clear Present bit before tearing down PASID entry]
+CVE-2026-45894 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/75ed00055c059dedc47b5daaaa2f8a7a019138ff (7.0-rc1)
-CVE-2026-45893 [apparmor: Fix & Optimize table creation from possibly unaligned memory]
+CVE-2026-45893 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/6fc367bfd4c8886e6b1742aabbd1c0bdc310db3a (7.0-rc1)
-CVE-2026-45892 [ext4: drop extent cache after doing PARTIAL_VALID1 zeroout]
+CVE-2026-45892 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/6d882ea3b0931b43530d44149b79fcd4ffc13030 (7.0-rc1)
-CVE-2026-45890 [xen-netback: reject zero-queue configuration from guest]
+CVE-2026-45890 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/6d1dc8014334c7fb25719999bca84d811e60a559 (7.0-rc1)
-CVE-2026-45885 [power: supply: cpcap-battery: Fix use-after-free in power_supply_changed()]
+CVE-2026-45885 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/642f33e34b969eedec334738fd5df95d2dc42742 (7.0-rc1)
-CVE-2026-45883 [iio: sca3000: Fix a resource leak in sca3000_probe()]
+CVE-2026-45883 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/62b44ebc1f2c71db3ca2d4737c52e433f6f03038 (7.0-rc1)
-CVE-2026-45879 [power: supply: bq25980: Fix use-after-free in power_supply_changed()]
+CVE-2026-45879 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/5f0b1cb41906e86b64bf69f5ededb83b0d757c27 (7.0-rc1)
-CVE-2026-45877 [HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clients]
+CVE-2026-45877 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/56f7db581ee73af53cd512e00a6261a025bf1d58 (7.0-rc1)
-CVE-2026-45875 [mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure]
+CVE-2026-45875 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/4feb753ba6e5e5bbaba868b841a2db41c21e56fa (7.0-rc1)
-CVE-2026-45873 [netfilter: nft_set_rbtree: check for partial overlaps in anonymous sets]
+CVE-2026-45873 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/4780ec142cbb24b794129d3080eee5cac2943ffc (7.0-rc1)
-CVE-2026-45871 [tpm: st33zp24: Fix missing cleanup on get_burstcount() error]
+CVE-2026-45871 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/3e91b44c93ad2871f89fc2a98c5e4fe6ca5db3d9 (7.0-rc1)
-CVE-2026-45870 [SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths]
+CVE-2026-45870 (In the Linux kernel, the following vulnerability has been resolved: S ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/3e6397b056335cc56ef0e9da36c95946a19f5118 (7.0-rc1)
-CVE-2026-45869 [power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed()]
+CVE-2026-45869 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/39fe0eac6d755ef215026518985fcf8de9360e9e (7.0-rc1)
-CVE-2026-45868 [pinctrl: single: fix refcount leak in pcs_add_gpio_func()]
+CVE-2026-45868 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/353353309b0f7afa407df29e455f9d15b5acc296 (7.0-rc1)
-CVE-2026-45867 [power: supply: act8945a: Fix use-after-free in power_supply_changed()]
+CVE-2026-45867 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/3291c51d4684d048dd2eb91b5b65fcfdaf72141f (7.0-rc1)
-CVE-2026-45866 [serial: caif: fix use-after-free in caif_serial ldisc_close()]
+CVE-2026-45866 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/308e7e4d0a846359685f40aade023aee7b27284c (7.0-rc1)
-CVE-2026-45862 [iommu/vt-d: Flush cache for PASID table before using it]
+CVE-2026-45862 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/22d169bdd2849fe6bd18c2643742e1c02be6451c (7.0-rc1)
-CVE-2026-45861 [gfs2: Fix slab-use-after-free in qd_put]
+CVE-2026-45861 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/22150a7d401d9e9169b9b68e05bed95f7f49bf69 (7.0-rc1)
-CVE-2026-45860 [netfilter: nf_conncount: increase the connection clean up limit to 64]
+CVE-2026-45860 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/21d033e472735ecec677f1ae46d6740b5e47a4f3 (7.0-rc1)
-CVE-2026-45859 [netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation]
+CVE-2026-45859 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/207b3ebacb6113acaaec0d171d5307032c690004 (7.0-rc1)
-CVE-2026-45858 [ext4: don't zero the entire extent if EXT4_EXT_DATA_PARTIAL_VALID1]
+CVE-2026-45858 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/1bf6974822d1dba86cf11b5f05498581cf3488a2 (7.0-rc1)
-CVE-2026-45857 [scsi: csiostor: Fix dereference of null pointer rn]
+CVE-2026-45857 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/1982257570b84dc33753d536dd969fd357a014e9 (7.0-rc1)
-CVE-2026-45856 [RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send]
+CVE-2026-45856 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/1956f0a74ccf5dc9c3ef717f2985c3ed3400aab0 (7.0-rc1)
-CVE-2026-45855 [ata: libata-scsi: avoid Non-NCQ command starvation]
+CVE-2026-45855 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
NOTE: https://git.kernel.org/linus/0ea84089dbf62a92dc7889c79e6b18fc89260808 (7.0-rc1)
-CVE-2026-45852 [RDMA/rxe: Fix double free in rxe_srq_from_init]
+CVE-2026-45852 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/0beefd0e15d962f497aad750b2d5e9c3570b66d1 (7.0-rc1)
-CVE-2026-45850 [ipvs: skip ipv6 extension headers for csum checks]
+CVE-2026-45850 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.6-1
NOTE: https://git.kernel.org/linus/05cfe9863ef049d98141dc2969eefde72fb07625 (7.0-rc1)
-CVE-2026-45848 [apparmor: fix NULL sock in aa_sock_file_perm]
+CVE-2026-45848 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/00b67657535dfea56e84d11492f5c0f61d0af297 (7.0-rc1)
-CVE-2025-71308 [accel/amdxdna: Fix potential NULL pointer dereference in context cleanup]
+CVE-2025-71308 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.19.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/97f27573837ef96b4ba42af463cc800cab615c0e (7.0-rc1)
-CVE-2025-71306 [ima: Fix stack-out-of-bounds in is_bprm_creds_for_exec()]
+CVE-2025-71306 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.19.6-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/377cae9851e8559e9d8b82a78c1ac0abeb18839c (7.0-rc1)
-CVE-2025-71305 [drm/display/dp_mst: Add protection against 0 vcpi]
+CVE-2025-71305 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.19.6-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/342ccffd9f77fc29fe1c05fd145e4d842bd2feaa (7.0-rc1)
-CVE-2025-71304 [smack: /smack/doi: accept previously used values]
+CVE-2025-71304 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.18.14-1
[trixie] - linux 6.12.85-1
[bookworm] - linux 6.1.170-1
NOTE: https://git.kernel.org/linus/33d589ed60ae433b483761987b85e0d24e54584e (7.0-rc1)
-CVE-2026-45837 [bpf: Fix use-after-free in arena_vm_close on fork]
+CVE-2026-45837 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4fddde2a732de60bb97e3307d4eb69ac5f1d2b74 (7.1-rc1)
-CVE-2026-45846 [bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst()]
+CVE-2026-45846 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/aa6c6d9ee064aabfede4402fd1283424e649ca19 (7.1-rc2)
-CVE-2026-45845 [net/sched: taprio: fix NULL pointer dereference in class dump]
+CVE-2026-45845 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3d07ca5c0fae311226f737963984bd94bb159a87 (7.1-rc2)
-CVE-2026-45844 [netfilter: arp_tables: fix IEEE1394 ARP payload parsing]
+CVE-2026-45844 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/1e8e3f449b1e73b73a843257635b9c50f0cc0f0a (7.1-rc2)
-CVE-2026-45843 [slip: bound decode() reads against the compressed packet length]
+CVE-2026-45843 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/4c1367a2d7aad643a6f87c6931b13cc1a25e8ca7 (7.1-rc1)
-CVE-2026-45842 [slip: reject VJ receive packets on instances with no rstate array]
+CVE-2026-45842 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/e76607442d5b73e1ba6768f501ef815bb58c2c0e (7.1-rc1)
-CVE-2026-45841 [netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO]
+CVE-2026-45841 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/2195574dc6d9017d32ac346987e12659f931d932 (7.1-rc1)
-CVE-2026-45840 [openvswitch: cap upcall PID array size and pre-size vport replies]
+CVE-2026-45840 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/2091c6aa0df6aba47deb5c8ab232b1cb60af3519 (7.1-rc1)
-CVE-2026-45839 [bpf: reject negative CO-RE accessor indices in bpf_core_parse_spec()]
+CVE-2026-45839 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/1c22483a2c4bbf747787f328392ca3e68619c4dc (7.1-rc1)
-CVE-2026-45838 [bpf: fix end-of-list detection in cgroup_storage_get_next_key()]
+CVE-2026-45838 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/5828b9e5b272ecff7cf5d345128d3de7324117f7 (7.1-rc1)
CVE-2026-9642 (There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Un ...)
@@ -1796,7 +2408,7 @@ CVE-2026-9541 (A security flaw has been discovered in Squirrel up to 3.2. Impact
NOTE: https://github.com/albertodemichelis/squirrel/issues/327
CVE-2026-9540 (A vulnerability was identified in vllm-project vllm 0.19.0. This issue ...)
- vllm <itp> (bug #1095237)
-CVE-2026-9170 (IBM Web Server Plug-ins for WebSphere Application Server and WebSphere ...)
+CVE-2026-9170 (IBM HTTP Server 8.5, and 9.0)
NOT-FOR-US: IBM
CVE-2026-8890 (code100x contains an authentication bypass vulnerability in the Mobile ...)
NOT-FOR-US: code100x
@@ -2066,7 +2678,7 @@ CVE-2026-40033 (FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerabil
TODO: check
CVE-2026-3660 (IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could all ...)
NOT-FOR-US: IBM
-CVE-2026-3603 (IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 is vulner ...)
+CVE-2026-3603 (IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Int ...)
NOT-FOR-US: IBM
CVE-2026-39661 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
@@ -2168,17 +2780,17 @@ CVE-2026-45834 (In the Linux kernel, the following vulnerability has been resolv
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE: https://git.kernel.org/linus/2ff1a41a912de8517b4482e946dd951b7d80edbf (7.1-rc3)
-CVE-2026-1933 [Missing access check on reparse point operations]
+CVE-2026-1933 (A flaw was found in Samba\u2019s handling of NTFS-style reparse points ...)
- samba 2:4.24.3+dfsg-1
[trixie] - samba 2:4.22.8+dfsg-0+deb13u2
[bookworm] - samba <not-affected> (Vulnerable code introduced later)
[bullseye] - samba <not-affected> (Vulnerable code introduced later)
NOTE: https://www.samba.org/samba/security/CVE-2026-1933.html
-CVE-2026-2340 [vfs_worm does not block directory modification]
+CVE-2026-2340 (A flaw was found in Samba\u2019s vfs_worm module. The module is intend ...)
{DSA-6297-1}
- samba 2:4.24.3+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2026-2340.html
-CVE-2026-3012 [group policy certificate enrollment uses http:// without validation]
+CVE-2026-3012 (A flaw was found in Samba\u2019s certificate auto-enrollment Group Pol ...)
{DSA-6297-1}
- samba 2:4.24.3+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2026-3012.html
@@ -8225,7 +8837,7 @@ CVE-2025-11159 (Hitachi Vantara Pentaho Data Integration & Analytics of all vers
NOT-FOR-US: Hitachi Vantana
CVE-2024-36315 (Improper enforcement of the LFENCE serialization property may allow an ...)
NOT-FOR-US: AMD
-CVE-2026-44378
+CVE-2026-44378 (Botan is a C++ cryptography library. Prior to 3.12.0, certain patterns ...)
[experimental] - botan3 3.12.0+dfsg-1
- botan3 3.12.0+dfsg-2
NOTE: https://github.com/randombit/botan/security/advisories/GHSA-7q2v-3g27-6g3j
@@ -12770,7 +13382,7 @@ CVE-2026-3291 (Samsung Print Service Plugin for Android is potentially vulnerabl
NOT-FOR-US: HP
CVE-2026-33441
REJECTED
-CVE-2026-44353
+CVE-2026-44353 (Streamlink is a CLI utility which pipes video streams from various ser ...)
- streamlink 8.4.0-1
[trixie] - streamlink <no-dsa> (Minor issue)
[bookworm] - streamlink <no-dsa> (Minor issue)
@@ -154859,11 +155471,11 @@ CVE-2025-4530 (A vulnerability was found in feng_ha_ha/megagao ssm-erp and produ
NOT-FOR-US: feng_ha_ha/megagao ssm-erp production_ssm
CVE-2025-4529 (A vulnerability was found in Seeyon Zhiyuan OA Web Application System ...)
NOT-FOR-US: Seeyon Zhiyuan OA Web Application System
-CVE-2025-4528 (A vulnerability was found in D\xedgitro NGC Explorer up to 3.44.15 and ...)
+CVE-2025-4528 (A weakness has been identified in D\xedgitro NGC Explorer up to 3.44.1 ...)
NOT-FOR-US: Digitro NGC Explorer
-CVE-2025-4527 (A vulnerability has been found in D\xedgitro NGC Explorer 3.44.15 and ...)
+CVE-2025-4527 (A security flaw has been discovered in D\xedgitro NGC Explorer up to 3 ...)
NOT-FOR-US: Digitro NGC Explorer
-CVE-2025-4526 (A vulnerability, which was classified as problematic, was found in D\x ...)
+CVE-2025-4526 (A vulnerability was identified in D\xedgitro NGC Explorer up to 3.44.1 ...)
NOT-FOR-US: Digitro NGC Explorer
CVE-2025-4525 (A vulnerability, which was classified as critical, has been found in D ...)
NOT-FOR-US: Discord
@@ -185370,9 +185982,9 @@ CVE-2025-26572 (Cross-Site Request Forgery (CSRF) vulnerability in jesseheap WP
NOT-FOR-US: WordPress plugin
CVE-2025-26571 (Cross-Site Request Forgery (CSRF) vulnerability in wibiya Wibiya Toolb ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-26570 (Cross-Site Request Forgery (CSRF) vulnerability in uamv Glance That gl ...)
+CVE-2025-26570 (Cross-Site Request Forgery (CSRF) vulnerability in uamv Glance That al ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-26569 (Cross-Site Request Forgery (CSRF) vulnerability in callmeforsox Post T ...)
+CVE-2025-26569 (Cross-Site Request Forgery (CSRF) vulnerability in Callmeforsox Post T ...)
NOT-FOR-US: WordPress plugin
CVE-2025-26568 (Cross-Site Request Forgery (CSRF) vulnerability in jensmueller Easy Am ...)
NOT-FOR-US: WordPress plugin
@@ -387732,8 +388344,8 @@ CVE-2022-41661 (A vulnerability has been identified in JT2Go (All versions < V1
NOT-FOR-US: Siemens
CVE-2022-41660 (A vulnerability has been identified in JT2Go (All versions < V14.1.0. ...)
NOT-FOR-US: Siemens
-CVE-2022-41656
- RESERVED
+CVE-2022-41656 (Missing Authorization vulnerability in Bizswoop Account Manager for Wo ...)
+ TODO: check
CVE-2022-41655 (Auth. (subscriber+) Sensitive Data Exposure vulnerability in Phone Ord ...)
NOT-FOR-US: WordPress plugin
CVE-2022-41650 (Missing Authorization vulnerability in Paul Custom Content by Country ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1e387faa96f3c9c237b0237ea0c2bcc44488743
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1e387faa96f3c9c237b0237ea0c2bcc44488743
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260527/375cd627/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list