CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.13)

CVE-2026-46192
Medium

A vulnerability in the Linux kernel related to the SPI interface in microchips has been resolved, which occurred during emulated read-only dual/quad operations. The issue involved unnecessary data transmission that could lead to transfer failure.

CVE-2026-46188
Medium

A vulnerability has been identified in the Linux kernel due to a lack of NULL checks after calling the napi_build_skb() function. In case of allocation failure, the result can lead to a NULL pointer dereference.

CVE-2026-46187
Medium

A vulnerability has been identified in the Linux kernel related to a race condition in thread management. The issue occurs when kthread_complete_and_exit() is called before kthread_stop(), leading to the use of a kthread object after it has been freed.

CVE-2026-46186
Medium

A vulnerability has been identified in the Linux kernel's Bluetooth packet handling that allows invalid data to be passed to the hci_recv_frame() function. This issue arises when the packet length is not properly verified before further processing, potentially leading to the reading of uninitialized data from the buffer.

CVE-2026-46184
Medium

A vulnerability in the Linux kernel related to division by zero in USB handling functions has been fixed. A missing sanity check for bNrChannels in detect_usb_format() could lead to a kernel crash.

CVE-2026-46182
Medium

A vulnerability in the Linux kernel was identified that allowed uninitialized stack memory bytes to leak to userspace. The issue was related to the papr_hvpipe_hdr structure, where not all fields were initialized, potentially leading to data exposure.

CVE-2026-46179
Medium

A vulnerability has been identified in the Linux kernel that allows pointer operations on unconfigured streams. The issue arises from dividing the I/O frame position by values that default to 0, potentially leading to a divide by zero error.

CVE-2026-46172
Medium

A vulnerability has been identified in the Linux kernel in the xfrm6_rcv_encap() function, which improperly manages references to dst entries in case of errors during IPv6 route lookups. As a result, repeated packets can lead to dst entry leaks.

CVE-2026-46171
Medium

A vulnerability has been identified in the Linux kernel related to a memory leak in the KVM vector context for RISC-V architecture. If the second memory allocation fails, the first allocation is not freed, leading to a leak.

CVE-2026-46170
Medium

A vulnerability has been identified in the Linux kernel within the mptcp module that occurs during the retransmission of ADD_ADDR. The issue involves improper timer management, which can lead to resource blocking.

CVE-2026-46169
Medium

A vulnerability has been identified in the Linux kernel's hfsplus module, related to the lack of validation of catalog record size, leading to the reading of uninitialized data. This issue may occur when mounting a corrupted filesystem, resulting in partial data reads.

CVE-2026-46168
Medium

A vulnerability has been identified in the Linux kernel related to the use of lock_sock_fast() in atomic context when setting timestamps. This change can lead to system panic due to scheduling while atomic.

CVE-2026-46167
Medium

A vulnerability has been identified in the Linux kernel within the usblp driver, leading to an uninitialized heap leak via the LPGETSTATUS ioctl. The issue arises because the device's response may contain invalid data, resulting in the transmission of stale, unsafe data to the user.

CVE-2026-46165
Medium

A vulnerability has been identified in the Linux kernel that leads to self-deadlock when removing tunnel ports in openvswitch. The issue arises from improper management of RCU and RTNL contexts during device removal.

CVE-2026-46161
Medium

A vulnerability has been identified in the Linux kernel that leads to a divide-by-zero error in the setup_geo() function when the far_copies parameter is zero. This issue has been resolved by implementing validation of nc and fc values after extraction.

CVE-2026-46160
Medium

A vulnerability has been identified in the Linux kernel related to the missing last_unlink_trans update when removing a directory. This can lead to incorrect fsync behavior when the directory is removed and then synced by an open file descriptor.

CVE-2026-46159
Medium

A vulnerability has been identified in the Linux kernel within the btrfs_ioctl_space_info() function, which can lead to information leakage. The issue involves a TOCTOU race condition between two passes over the block group RAID type lists, resulting in the copying of uninitialized bytes to user space.

CVE-2026-46158
Medium

A vulnerability has been identified in the Linux kernel related to the retransmission of ADD_ADDR in the MPTCP protocol, where the socket reference (sk) was not properly released. This issue has been resolved by ensuring that the reference is always decreased at the end of the operation.

CVE-2026-46156
Medium

A vulnerability has been identified in the Linux kernel within the loongson_gpu_fixup_dma_hang() function, which may lead to improper memory access. The issue occurs when a platform installs a discrete GPU, resulting in access to a random memory address.

CVE-2026-46153
Medium

A vulnerability has been identified in the Linux kernel related to the management of egress QoS priority mappings in the 8021q protocol. The issue is that cleared priority mappings are kept as 'tombstones', leading to memory leaks during set/clear cycles.

PreviousPage 235 of 586Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS