|
591
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/x25: Fix potential double free of skb
When alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at
line 48 and retur…
Update
|
CWE-415
Double Free
|
CVE-2026-43011
|
2026-05-8 05:26 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
592
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Reject sleepable kprobe_multi programs at attach time
kprobe.multi programs run in atomic/RCU context and cannot sleep.
Howe…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43010
|
2026-05-8 05:26 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
593
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix incorrect pruning due to atomic fetch precision tracking
When backtrack_insn encounters a BPF_STX instruction with BPF_A…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43009
|
2026-05-8 05:25 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
594
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
gpio: qixis-fpga: Fix error handling for devm_regmap_init_mmio()
devm_regmap_init_mmio() returns an ERR_PTR() on failure, not NUL…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-43008
|
2026-05-8 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
595
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
accel/qaic: Handle DBC deactivation if the owner went away
When a DBC is released, the device sends a QAIC_TRANS_DEACTIVATE_FROM_…
Update
|
CWE-415
Double Free
|
CVE-2026-43007
|
2026-05-8 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
596
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of the argument DimensionName lead…
New
|
CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error')
Heap-based Buffer Overflow
|
CVE-2026-8086
|
2026-05-8 05:16 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
597
|
7.8 |
HIGH
Local
|
-
|
-
|
Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension() function interpolates a file's extension directly into a Lua script…
New
|
CWE-94
Code Injection
|
CVE-2026-42214
|
2026-05-8 05:16 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
598
|
7.6 |
HIGH
Network
|
-
|
-
|
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user with updateAutoReply permission can store an XSS payload in the mailbox auto-reply …
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-41904
|
2026-05-8 05:16 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
599
|
9.8 |
CRITICAL
Network
|
hcltech
|
dfxanalytics
|
HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and …
New
|
NVD-CWE-noinfo
|
CVE-2025-59851
|
2026-05-8 05:04 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
600
|
9.1 |
CRITICAL
Network
|
hcltech
|
dfxanalytics
|
HCL DFXAnalytics is affected by an Insufficient Transport Layer Protection vulnerability where data is transmitted over the network without encryption, which could allow an attacker to compromise t…
New
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2025-59852
|
2026-05-8 05:03 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
