CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-42005
Medium

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default.

CVE-2026-54226
Medium

A vulnerability in Apache Kvrocks affects versions from 2.6.0 through 2.15.0, and users are recommended to upgrade to version 2.16.0 to fix the issue.

CVE-2026-53274
Medium

A logic flaw in the Linux kernel's __smc_setsockopt() function allows a local unprivileged user to cause a Denial of Service (DoS) by holding the socket lock indefinitely. The issue occurs because copy_from_sockptr() is called while holding lock_sock, which can be exploited via userfaultfd-monitored memory to block execution and exhaust kernel worker threads.

CVE-2026-53271
Medium

In the Linux kernel, a NULL pointer dereference vulnerability was found in the ksmbd module. The smb2_oplock_break_noti() and smb2_lease_break_noti() functions read opinfo->conn without proper protection, which can be exploited by a remote attacker to trigger a kernel oops via an SMB2 LOGOFF request.

CVE-2026-53269
Medium

A race condition was found in the Linux kernel's synproxy mechanism when registering netfilter hooks concurrently from iptables or nftables. Lack of synchronization may lead to incorrect reference counting and potential system instability.

CVE-2026-53263
Medium

In the Linux kernel, an off-by-one vulnerability in the 6LoWPAN multicast address compression function corrupts the RIID field and leaks uninitialized kernel stack memory over the network.

CVE-2026-53249
Medium

In the Linux kernel, the ability to set IP LSRR and SSRR options has been restricted to users with CAP_NET_RAW capability. This prevents unprivileged applications from forcing packet routing through attacker-controlled nodes to leak TCP ISN and other protocol information.

CVE-2026-53245
Medium

In the Linux kernel MRP subsystem, a vulnerability was found in the mrp_pdu_parse_vecattr() function. Parsing errors in vector attributes can lead to incorrect packet processing, including spurious events, skipped FirstValue fields, and incorrect attribute value increments.

CVE-2026-53243
Medium

A vulnerability in the Linux kernel uses an uninitialized stack variable in rseq_exit_user_update(). The compiler (Clang) may evaluate cpu_to_node(ids.cpu_id) before ids.cpu_id is assigned, causing a kernel information leak.

CVE-2026-53241
Medium

In the Linux kernel, a vulnerability in the ALSA seq: dummy driver causes a stack overread when handling UMP events. The dummy sequencer copies events into a legacy-sized stack temporary that is smaller than struct snd_seq_ump_event, leading to out-of-bounds read.

CVE-2026-53231
Medium

In the Linux kernel, a vulnerability was found where it attempts to set up PHY-driven SFP cages when using the generic genphy driver. This leads to a deadlock on the RTNL lock because for genphy, PHY probing runs under RTNL, unlike other drivers.

CVE-2026-53227
Medium

In the Linux kernel, the Open vSwitch module has a vulnerability where kfree_skb can be called on an ERR_PTR pointer. This occurs when the reply buffer allocation happens after locking the mutex, and on failure the pointer is not cleared, leading to an attempt to free an invalid pointer.

CVE-2026-53226
Medium

In the Linux kernel GPIO driver for Rockchip, a memory leak of generic IRQ chips occurs on driver removal. The chips are not freed, potentially leading to use-after-free and kernel crash.

CVE-2026-53222
Medium

In the Linux kernel, the ptp_ocp driver has a vulnerability due to incorrect resource freeing order. Pin resources are freed before ptp_clock_unregister() is called, leading to a use-after-free condition during driver removal.

CVE-2026-53220
Medium

In the Linux kernel, a vulnerability was found in netfilter where ebt_redirect_tg() dereferences br_port_get_rcu() return without NULL check, causing kernel panic when the bridge port is removed between hook invocation and NFQUEUE reinject. Userspace could also move the device to a different virtual interface, requiring packet drop.

CVE-2026-53219
Medium

In the Linux kernel netfilter/x_tables subsystem, a vulnerability allows leaking percpu counter pointers. During rule copy to userspace, a page fault may leave the raw percpu pointer in the user buffer before the sanitized counter is written.

CVE-2026-53218
Medium

In the Linux kernel, a vulnerability in the netfilter nft_exthdr module causes the register bitmap to mark more bytes as initialized than actually written when the F_PRESENT flag is set. If priv->len exceeds 4 bytes, registers beyond the first retain uninitialized stack data, leading to information disclosure.

CVE-2026-53214
Medium

A vulnerability was found in the Linux kernel's cleanup_prefix_route() function for IPv6. The addrconf_get_prefix_route() function can return the fib6_null_entry sentinel with a NULL fib6_table pointer, causing a NULL pointer dereference (NPD) when setting the route expiration time. The fix adds a check before operating on the entry.

CVE-2026-53213
Medium

In the Linux kernel DRM vc4 driver, a memory leak was discovered due to improper use of krealloc(). Overwriting the original pointer without checking for NULL return value loses the reference to previously allocated memory if reallocation fails.

CVE-2026-53211
Medium

In the Linux kernel, a vulnerability in the netfilter nft_meta_bridge module causes the IIFHWADDR register to declare 8 bytes but copy only 6 bytes of MAC address, leaving 2 bytes uninitialized on the stack. This can leak stack data to userspace.

PreviousPage 64 of 542Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS