Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4089dc64 by security tracker role at 2026-05-28T19:13:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,648 +1,949 @@
-CVE-2026-46240 [media: iris: Fix use-after-free in
iris_release_internal_buffers()]
+CVE-2026-9828 (Deserialization of untrusted data vulnerability in QOS.CH Sarl
logback ...)
+ TODO: check
+CVE-2026-9818
+ REJECTED
+CVE-2026-9813 (FlowIntel up to version 3.3.0contains a server-side request
forgery (S ...)
+ TODO: check
+CVE-2026-9807 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2026-9806 (A stored cross-site scripting (XSS) vulnerability exists in the
notifi ...)
+ TODO: check
+CVE-2026-9804 (A flaw was found in KubeVirt's virt-exportserver component. An
attacke ...)
+ TODO: check
+CVE-2026-9658 (Plack::Middleware::Security::Common versions before 0.13.1 for
Perl di ...)
+ TODO: check
+CVE-2026-9618 (The PeachPay \u2014 Payments & Express Checkout for WooCommerce
(suppo ...)
+ TODO: check
+CVE-2026-9227 (The GutenBee \u2013 Gutenberg Blocks plugin for WordPress is
vulnerabl ...)
+ TODO: check
+CVE-2026-9098 (In Casdoor versions 2.362.0 and earlier, the SAML callback
handler in ...)
+ TODO: check
+CVE-2026-9097 (Casdoor versions 2.362.0 and earlier do not verify that a JWT
used for ...)
+ TODO: check
+CVE-2026-9096 (Casdoor versions 2.362.0 and earlier do not enforce SAML
assertion tim ...)
+ TODO: check
+CVE-2026-9095 (Casdoor versions 2.362.0 and earlier map SAML assertions to
user sessi ...)
+ TODO: check
+CVE-2026-9094 (Casdoor versions 2.362.0 and earlier contain a vulnerability
enabling ...)
+ TODO: check
+CVE-2026-9093 (In Casdoor versions 2.362.0 and earlier, the SAML service
provider imp ...)
+ TODO: check
+CVE-2026-9092 (Casdoor versions 2.362.0 and earlier contain a vulnerability
involving ...)
+ TODO: check
+CVE-2026-9091 (Casdoor versions 2.362.0 and earlier contain a logic flaw in
the socia ...)
+ TODO: check
+CVE-2026-9090 (Casdoor versions 2.362.0 and earlier contain a vulnerability
that allo ...)
+ TODO: check
+CVE-2026-9015 (The Equalize Digital Accessibility Checker \u2013 WCAG, ADA,
EAA and S ...)
+ TODO: check
+CVE-2026-8990 (A user with physical access to a smartphone can
bypassauthentication m ...)
+ TODO: check
+CVE-2026-8980 (The Mennekes Amtron series (firmware versions \u2264 5.22.3) is
vulner ...)
+ TODO: check
+CVE-2026-8979 (The Mennekes Amtron series (firmware versions \u2264 5.22.3) is
vulner ...)
+ TODO: check
+CVE-2026-8697 (Due to improper enforcement of authentication rate-limiting on
a debug ...)
+ TODO: check
+CVE-2026-8689 (The Visualizer: Tables and Charts Manager for WordPress plugin
for Wor ...)
+ TODO: check
+CVE-2026-8682 (The 3D Viewer \u2013 3D Model Viewer \u2013 Augmented Reality
\u2013 V ...)
+ TODO: check
+CVE-2026-7862 (The Eupago Gateway For Woocommerce WordPress plugin before
4.7.2 does ...)
+ TODO: check
+CVE-2026-7797 (The Appointment Booking Calendar \u2014 Simply Schedule
Appointments B ...)
+ TODO: check
+CVE-2026-7660 (The Easy Updates Manager plugin for WordPress is vulnerable to
Reflect ...)
+ TODO: check
+CVE-2026-7651 (The User Registration & Membership \u2013 Free & Paid
Memberships, Sub ...)
+ TODO: check
+CVE-2026-7634 (The SlimStat Analytics plugin for WordPress is vulnerable to
Stored Cr ...)
+ TODO: check
+CVE-2026-7621 (The SMTP2GO for WordPress \u2013 Email Made Easy plugin for
WordPress ...)
+ TODO: check
+CVE-2026-7552 (The Geo Mashup plugin for WordPress is vulnerable to
authorization byp ...)
+ TODO: check
+CVE-2026-7526 (The PDF Embedder plugin for WordPress is vulnerable to
Sensitive Infor ...)
+ TODO: check
+CVE-2026-7052 (The HT Contact Form \u2013 Drag & Drop Form Builder for
WordPress plug ...)
+ TODO: check
+CVE-2026-7048 (The Photo Gallery by 10Web \u2013 Mobile-Friendly Image Gallery
plugin ...)
+ TODO: check
+CVE-2026-6937 (The Appointment Booking Calendar \u2014 Simply Schedule
Appointments B ...)
+ TODO: check
+CVE-2026-6720 (When calicoctl is invoked with --log-level=info or
--log-level=debug, ...)
+ TODO: check
+CVE-2026-6455 (The WP Contact Form 7 DB Handler plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2026-6427 (The a3 Lazy Load plugin for WordPress is vulnerable to Stored
Cross-Si ...)
+ TODO: check
+CVE-2026-6226 (The Frontend Admin by DynamiApps plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2026-4944 (vllm-project/vllm version 0.14.1 contains a vulnerability where
the `t ...)
+ TODO: check
+CVE-2026-4377 (DlinkDWR-X1820 router uses weak default password generated from
its IM ...)
+ TODO: check
+CVE-2026-4334 (The Shariff Wrapper plugin for WordPress is vulnerable to
Stored Cross ...)
+ TODO: check
+CVE-2026-49238 (An issue was discovered in Canonical Multipass before version
1.16.3. ...)
+ TODO: check
+CVE-2026-49237 (An issue was discovered in Canonical Multipass for macOS
before versio ...)
+ TODO: check
+CVE-2026-48735 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.12 ...)
+ TODO: check
+CVE-2026-48526 (PyJWT is a JSON Web Token implementation in Python. Prior to
2.13.0, w ...)
+ TODO: check
+CVE-2026-48525 (PyJWT is a JSON Web Token implementation in Python. From 2.8.0
to 2.12 ...)
+ TODO: check
+CVE-2026-48524 (PyJWT is a JSON Web Token implementation in Python. Prior to
2.13.0, P ...)
+ TODO: check
+CVE-2026-48523 (PyJWT is a JSON Web Token implementation in Python. From 2.9.0
to 2.12 ...)
+ TODO: check
+CVE-2026-48522 (PyJWT is a JSON Web Token implementation in Python. Prior to
2.13.0, P ...)
+ TODO: check
+CVE-2026-48156 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.12 ...)
+ TODO: check
+CVE-2026-48155 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.12 ...)
+ TODO: check
+CVE-2026-47762 (TinyMCE is an open source rich text editor. Prior to 5.11.1,
7.9.3, an ...)
+ TODO: check
+CVE-2026-47761 (TinyMCE is an open source rich text editor. Prior to 5.11.1,
7.9.3, an ...)
+ TODO: check
+CVE-2026-47760 (TinyMCE is an open source rich text editor. From 6.8.0 to
before 7.1.0 ...)
+ TODO: check
+CVE-2026-47759 (TinyMCE is an open source rich text editor. Prior to 5.11.1,
7.9.3, an ...)
+ TODO: check
+CVE-2026-47676 (Hono is a Web application framework that provides support for
any Java ...)
+ TODO: check
+CVE-2026-47675 (Hono is a Web application framework that provides support for
any Java ...)
+ TODO: check
+CVE-2026-47674 (Hono is a Web application framework that provides support for
any Java ...)
+ TODO: check
+CVE-2026-47673 (Hono is a Web application framework that provides support for
any Java ...)
+ TODO: check
+CVE-2026-47337 (Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a
possible N ...)
+ TODO: check
+CVE-2026-47336 (Ubuntu Linux 6.8 contains SAUCE patches with a possible use of
an unin ...)
+ TODO: check
+CVE-2026-47335 (Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL
pointer d ...)
+ TODO: check
+CVE-2026-47334 (Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches
which in ...)
+ TODO: check
+CVE-2026-47333 (Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches
which ca ...)
+ TODO: check
+CVE-2026-47332 (Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches
which in ...)
+ TODO: check
+CVE-2026-47331 (Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to
acquire ...)
+ TODO: check
+CVE-2026-47330 (Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches
which ca ...)
+ TODO: check
+CVE-2026-47329 (Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which
fail to val ...)
+ TODO: check
+CVE-2026-47328 (Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches
which in ...)
+ TODO: check
+CVE-2026-47327 (Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a
possible N ...)
+ TODO: check
+CVE-2026-47326 (Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a
memory lea ...)
+ TODO: check
+CVE-2026-47136 (RustFS is a distributed object storage system built in Rust.
Prior to ...)
+ TODO: check
+CVE-2026-47074 (Improper Certificate Validation vulnerability in ex-aws
ex_aws_sns (Ex ...)
+ TODO: check
+CVE-2026-46685 (RustFS is a distributed object storage system built in Rust.
Prior to ...)
+ TODO: check
+CVE-2026-46561 (pyLoad is a free and open-source download manager written in
Python. P ...)
+ TODO: check
+CVE-2026-46526 (Local Deep Research is an AI-powered research assistant for
deep, iter ...)
+ TODO: check
+CVE-2026-46509 (deepobj provides get, set, delete deep objects in javascript.
Prior to ...)
+ TODO: check
+CVE-2026-45787 (electerm is an open-sourced
terminal/ssh/sftp/telnet/serialport/RDP/VN ...)
+ TODO: check
+CVE-2026-45374 (CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior
to 0.8. ...)
+ TODO: check
+CVE-2026-45373 (CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior
to 0.8. ...)
+ TODO: check
+CVE-2026-45353 (electerm is an open-sourced
terminal/ssh/sftp/telnet/serialport/RDP/VN ...)
+ TODO: check
+CVE-2026-45348 (pyLoad is a free and open-source download manager written in
Python. P ...)
+ TODO: check
+CVE-2026-45332 (Automad is a flat-file content management system and template
engine. ...)
+ TODO: check
+CVE-2026-45323 (MeshCore Card provides MeshCore Lovelace card for Home
Assistant. Prio ...)
+ TODO: check
+CVE-2026-45311 (CodeWhale is a DeepSeek + MiMo coding agent in terminal. From
0.3.0 to ...)
+ TODO: check
+CVE-2026-45310 (CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior
to 0.8. ...)
+ TODO: check
+CVE-2026-45307 (Speakr is a personal, self-hosted web application designed for
transcr ...)
+ TODO: check
+CVE-2026-45306 (pyLoad is a free and open-source download manager written in
Python. P ...)
+ TODO: check
+CVE-2026-45297 (OpenReplay is a self-hosted session replay suite. Prior to
1.26.0, the ...)
+ TODO: check
+CVE-2026-45296 (OpenReplay is a self-hosted session replay suite. Prior to
1.26.0, Ope ...)
+ TODO: check
+CVE-2026-45292 (opentelemetry-java is the Java implementation of the
OpenTelemetry API ...)
+ TODO: check
+CVE-2026-45261 (GitButler is a modern Git-based version control interface for
AI-power ...)
+ TODO: check
+CVE-2026-45078 (Synapse is an open source Matrix homeserver implementation.
Prior to 1 ...)
+ TODO: check
+CVE-2026-45076 (Synapse is an open source Matrix homeserver implementation.
Prior to 1 ...)
+ TODO: check
+CVE-2026-45058 (electerm is an open-sourced
terminal/ssh/sftp/telnet/serialport/RDP/VN ...)
+ TODO: check
+CVE-2026-45044 (RustFS is a distributed object storage system built in Rust.
Prior to ...)
+ TODO: check
+CVE-2026-45042 (RustFS is a distributed object storage system built in Rust.
Prior to ...)
+ TODO: check
+CVE-2026-45041 (RustFS is a distributed object storage system built in Rust.
Prior to ...)
+ TODO: check
+CVE-2026-45040 (RustFS is a distributed object storage system built in Rust.
Prior to ...)
+ TODO: check
+CVE-2026-45039 (RustFS is a distributed object storage system built in Rust.
Prior to ...)
+ TODO: check
+CVE-2026-45021 (Kuma is a modern Envoy-based service mesh that can run on
every cloud ...)
+ TODO: check
+CVE-2026-45017 (Python Liquid is a Python engine for the Liquid template
language. Pri ...)
+ TODO: check
+CVE-2026-44798 (Nautobot is a Network Source of Truth and Network Automation
Platform. ...)
+ TODO: check
+CVE-2026-44797 (Nautobot is a Network Source of Truth and Network Automation
Platform. ...)
+ TODO: check
+CVE-2026-44796 (Nautobot is a Network Source of Truth and Network Automation
Platform. ...)
+ TODO: check
+CVE-2026-44794 (Nautobot is a Network Source of Truth and Network Automation
Platform. ...)
+ TODO: check
+CVE-2026-44672 (mapfish-print is a component of MapFish for printing templated
cartogr ...)
+ TODO: check
+CVE-2026-44604 (A command injection vulnerability was discovered in the
`rpmuncompress ...)
+ TODO: check
+CVE-2026-44594 (esm.sh is a no-build content delivery network (CDN) for web
developmen ...)
+ TODO: check
+CVE-2026-44593 (esm.sh is a no-build content delivery network (CDN) for web
developmen ...)
+ TODO: check
+CVE-2026-44543 (Local Path Provisioner provides a way for the Kubernetes users
to util ...)
+ TODO: check
+CVE-2026-44477 (CloudNativePG is a platform designed to manage PostgreSQL
databases wi ...)
+ TODO: check
+CVE-2026-44466 (Zed is a code editor. Prior to 0.229.0, Zed's terminal tool
permission ...)
+ TODO: check
+CVE-2026-44465 (Zed is a code editor. Prior to 0.227.1, Zed IDE executes
arbitrary com ...)
+ TODO: check
+CVE-2026-44463 (Zed is a code editor. Prior to 0.229.0, Zed's terminal tool
permission ...)
+ TODO: check
+CVE-2026-44462 (Zed is a code editor. Prior to 0.229.0, Zed's terminal tool
permission ...)
+ TODO: check
+CVE-2026-44461 (Zed is a code editor. Prior to 0.227.1, Zed builds SSH/WSL
remote comm ...)
+ TODO: check
+CVE-2026-44394 (An issue was discovered in OpenStack Keystone before 29.0.2.
The Keyst ...)
+ TODO: check
+CVE-2026-44358 (Espressif Shared GitHub DangerJS is a reusable GitHub Action
CI Danger ...)
+ TODO: check
+CVE-2026-43979 (Local Deep Research is an AI-powered research assistant for
deep, iter ...)
+ TODO: check
+CVE-2026-43898 (SandboxJS is a JavaScript sandboxing library. Prior to 0.9.6,
sandbox- ...)
+ TODO: check
+CVE-2026-43000 (An issue was discovered in OpenStack Keystone before 29.0.2.
When comb ...)
+ TODO: check
+CVE-2026-42999 (An issue was discovered in OpenStack Keystone before 29.0.2.
The Keyst ...)
+ TODO: check
+CVE-2026-42998 (An issue was discovered in OpenStack Keystone before 29.0.2.
The Keyst ...)
+ TODO: check
+CVE-2026-42250 (bzip2 contains an off\u2011by\u2011one error in the
bzip2recover utili ...)
+ TODO: check
+CVE-2026-41565 (CryptX versions before 0.088_001 for Perl have a stack buffer
overflow ...)
+ TODO: check
+CVE-2026-41185 (When Calico is configured with the Azure IPAM plugin, the
Calico CNI b ...)
+ TODO: check
+CVE-2026-41184 (In Calico, the install-cni init container logs the rendered
CNI config ...)
+ TODO: check
+CVE-2026-41160 (EspoCRM is an open source customer relationship management
application ...)
+ TODO: check
+CVE-2026-41141 (EspoCRM is an open source customer relationship management
application ...)
+ TODO: check
+CVE-2026-40914 (A vulnerability exists in Apache Artemis whereby an
application using ...)
+ TODO: check
+CVE-2026-38707 (A command injection vulnerability exists in the IPSec VPN
feature of I ...)
+ TODO: check
+CVE-2026-38704 (A command injection vulnerability exists in the WireGuard VPN
feature ...)
+ TODO: check
+CVE-2026-38703 (A command injection vulnerability exists in the ZeroTier VPN
feature o ...)
+ TODO: check
+CVE-2026-38702 (A command injection vulnerability exists in the Admin Access
feature o ...)
+ TODO: check
+CVE-2026-37579 (An issue in SMSGate sms-core<=2.1.13.6 allows a remote
attacker to exe ...)
+ TODO: check
+CVE-2026-37266 (An issue in Responsive File Manager Responsive FileManager
Version 9.1 ...)
+ TODO: check
+CVE-2026-35676 (phpMyFAQ before 4.1.3 contains an unauthenticated password
reset vulne ...)
+ TODO: check
+CVE-2026-35675 (phpMyFAQ before 4.1.3 contains an authentication bypass
vulnerability ...)
+ TODO: check
+CVE-2026-35672 (phpMyFAQ before 4.1.3 contains an authentication bypass
vulnerability ...)
+ TODO: check
+CVE-2026-35671 (phpMyFAQ before 4.1.3 contains an insecure direct object
reference vul ...)
+ TODO: check
+CVE-2026-34126 (TP-Link has identified a vulnerability in Tapo L535E v1.0 and
v3.0, Ta ...)
+ TODO: check
+CVE-2026-30761 (An arbitrary file upload vulnerability in the
pages/admin.uploadmapimg ...)
+ TODO: check
+CVE-2026-30760 (An issue in SourceBans Material Admin before v.1.1.6 (3ecd95e)
allows ...)
+ TODO: check
+CVE-2026-24444 (SDMC NE6037 cable modem routers running firmware 7.1.6.0.25
and 7.1.6. ...)
+ TODO: check
+CVE-2025-48977 (Relative Path Traversal vulnerability in Apache Ignite REST
API. Auth ...)
+ TODO: check
+CVE-2024-47097 (Cross Site Scripting vulnerability in Follet School Solutions
Destiny ...)
+ TODO: check
+CVE-2024-47096 (Cross Site Scripting vulnerability in Follet School Solutions
Destiny ...)
+ TODO: check
+CVE-2026-46240 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/f27cfdcfc916bb59297825805f4c3499f89f9e76 (7.1-rc3)
-CVE-2026-46239 [media: i2c: ov5647: Fix runtime PM refcount leak in s_ctrl]
+CVE-2026-46239 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/f11ae9c04f8368a3b5a0280ef595198dace1c983 (7.1-rc1)
-CVE-2026-46237 [drm/amdgpu/vcn3: Avoid overflow on msg bound check]
+CVE-2026-46237 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/e6e9faba8100628990cccd13f0f044a648c303cf (7.1-rc2)
-CVE-2026-46232 [HID: playstation: Clamp num_touch_reports]
+CVE-2026-46232 (In the Linux kernel, the following vulnerability has been
resolved: H ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/cac61b58a3b6340c52afa06bb15eac033158db2f (7.1-rc4)
-CVE-2026-46224 [drm/xe: Fix bo leak in xe_dma_buf_init_obj() on allocation
failure]
+CVE-2026-46224 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/93a528f67ce5095bcab46a69839eca97f43dd352 (7.1-rc2)
-CVE-2026-46223 [cgroup: Defer css percpu_ref kill on rmdir until cgroup is
depopulated]
+CVE-2026-46223 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/93618edf753838a727dbff63c7c291dee22d656b (7.1-rc3)
-CVE-2026-46222 [media: rockchip: rkcif: Add missing MUST_CONNECT flag to pads]
+CVE-2026-46222 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8e3c751259dc2d1325838eff26f41032523c7b57 (7.1-rc1)
-CVE-2026-46221 [EDAC/versalnet: Fix device name memory leak]
+CVE-2026-46221 (In the Linux kernel, the following vulnerability has been
resolved: E ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8cf5dd235eff6008cb04c3d8064d2acfa90616f1 (7.1-rc3)
-CVE-2026-46217 [drm/amdgpu/vcn4: Avoid overflow on msg bound check]
+CVE-2026-46217 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/65bce27ea6192320448c30267ffc17ffa094e713 (7.1-rc2)
-CVE-2026-46215 [drm: Set old handle to NULL before prime swap in change_handle]
+CVE-2026-46215 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/5e28b7b94408897e41c63477aabc9e1db439bc8c (7.1-rc3)
-CVE-2026-46213 [HID: appletb-kbd: fix UAF in inactivity-timer cleanup path]
+CVE-2026-46213 (In the Linux kernel, the following vulnerability has been
resolved: H ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/4db2af929279c799b5653a39eb0795c72baffca4 (7.1-rc4)
-CVE-2026-46211 [drm/msm/gem: fix error handling in
msm_ioctl_gem_info_get_metadata()]
+CVE-2026-46211 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/47cbfe2608314b833ad61a65827d8fb363bc2d2d (7.1-rc1)
-CVE-2026-46207 [vsock/virtio: fix empty payload in tap skb for non-linear
buffers]
+CVE-2026-46207 (In the Linux kernel, the following vulnerability has been
resolved: v ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/3a3e3d90cbc79600544536723911657730759af3 (7.1-rc4)
-CVE-2026-46202 [HID: appletb-kbd: run inactivity autodim from workqueues]
+CVE-2026-46202 (In the Linux kernel, the following vulnerability has been
resolved: H ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1654e53349d4e657b331de354313461f401f5063 (7.1-rc4)
-CVE-2026-46201 [drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import()]
+CVE-2026-46201 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/111ab678471bf1f90d078d5513bb086b70596c3c (7.1-rc2)
-CVE-2026-46241 [spi: mpc52xx: fix use-after-free on registration failure]
+CVE-2026-46241 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/f62c060272b9d7423b1650b844e8e4e7b8f9f925 (7.1-rc1)
-CVE-2026-46238 [batman-adv: stop caching unowned originator pointers in BAT IV]
+CVE-2026-46238 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/f03e8583532941b07761c5429de7d50766fa3110 (7.1-rc4)
-CVE-2026-46236 [media: rc: xbox_remote: heed DMA restrictions]
+CVE-2026-46236 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/e280d1e5e3f2595bbb43fe6e1bce00c59a43c0ff (7.1-rc1)
-CVE-2026-46235 [media: saa7164: add ioremap return checks and cleanups]
+CVE-2026-46235 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/d51c60a498e83c9a79884c8e420f97e3885c9583 (7.1-rc1)
-CVE-2026-46234 [vsock: fix buffer size clamping order]
+CVE-2026-46234 (In the Linux kernel, the following vulnerability has been
resolved: v ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/d114bfdc9b76bf93b881e195b7ec957c14227bab (7.1-rc1)
-CVE-2026-46233 [batman-adv: bla: only purge non-released claims]
+CVE-2026-46233 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/cf6b604011591865ae39ac82de8978c1120d17af (7.1-rc4)
-CVE-2026-46231 [batman-adv: bla: put backbone reference on failed claim hash
insert]
+CVE-2026-46231 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/ba9d20ee9076dac32c371116bacbe72480eb356c (7.1-rc4)
-CVE-2026-46230 [drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg]
+CVE-2026-46230 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/b193019860d61e92da395eae2011f2f6716b182f (7.1-rc1)
-CVE-2026-46229 [drm/amdkfd: Clear VRAM on allocation to prevent stale data
exposure]
+CVE-2026-46229 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/ad52d61d82181dbdb7f05826de38352d5e550cc2 (7.1-rc1)
-CVE-2026-46228 [spi: ch341: fix devres lifetime]
+CVE-2026-46228 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/abe572f630bc1f0e77041012ab075869036ede4f (7.1-rc1)
-CVE-2026-46227 [sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in
SCTP_SENDALL]
+CVE-2026-46227 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/abb5f36771cc4c05899b34000829a787572a8817 (7.1-rc4)
-CVE-2026-46226 [spi: fsl: fix controller deregistration]
+CVE-2026-46226 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/9b7abfed4c3754062d1f3ffd452e65a38667f586 (7.1-rc1)
-CVE-2026-46225 [spi: rspi: fix controller deregistration]
+CVE-2026-46225 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/9944fa6726afb1e6eb7e2212764e7da0c97f2dcc (7.1-rc1)
-CVE-2026-46220 [drm/amdgpu/sdma4: replace BUG_ON with WARN_ON in fence
emission]
+CVE-2026-46220 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/78d2e624fa073c14970aa097adcf3ea31c157a66 (7.1-rc3)
-CVE-2026-46219 [spi: mpc52xx: fix use-after-free on unbind]
+CVE-2026-46219 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/706b3dc2ac7a998c55e14b3fd2e8f934c367e6e0 (7.1-rc1)
-CVE-2026-46218 [drm/amdgpu: Add bounds checking to ib_{get,set}_value]
+CVE-2026-46218 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/66085e206431ef88ce36f53c1f53d570790ccc9e (7.1-rc1)
-CVE-2026-46216 [drm/xe/hdcp: Add NULL check for media_gt in
intel_hdcp_gsc_check_status()]
+CVE-2026-46216 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/60a1e131a811b68703da58fd805ab359b704ab03 (7.1-rc3)
-CVE-2026-46214 [vsock/virtio: fix accept queue count leak on transport
mismatch]
+CVE-2026-46214 (In the Linux kernel, the following vulnerability has been
resolved: v ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/52bcb57a4e8a0865a76c587c2451906342ae1b2d (7.1-rc1)
-CVE-2026-46212 [batman-adv: bla: prevent use-after-free when deleting claims]
+CVE-2026-46212 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/4ae1709a314060a196981b344610d023ea841e57 (7.1-rc4)
-CVE-2026-46210 [media: iris: fix use-after-free of fmt_src during MBPF check]
+CVE-2026-46210 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.9-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/3d9593ad1a58c5acc3e5fa2a48222bb7632e6812 (7.1-rc3)
-CVE-2026-46209 [drm/gem: Fix inconsistent plane dimension calculation in
drm_gem_fb_init_with_funcs()]
+CVE-2026-46209 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/3d4c2268bd7243c3780fe32bf24ff876da272acf (7.1-rc2)
-CVE-2026-46208 [batman-adv: stop tp_meter sessions during mesh teardown]
+CVE-2026-46208 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/3d3cf6a7314aca4df0a6dde28ce784a2a30d0166 (7.1-rc4)
-CVE-2026-46206 [batman-adv: reject new tp_meter sessions during teardown]
+CVE-2026-46206 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/3243543592425beec83d453793e9d27caa0d8e66 (7.1-rc4)
-CVE-2026-46205 [staging: media: atomisp: Disallow all private IOCTLs]
+CVE-2026-46205 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/2b7eb2c5dc72f0fc954ac4aa155f9e285e937f7c (7.1-rc1)
-CVE-2026-46204 [drm/amdgpu/vcn4: Prevent OOB reads when parsing IB]
+CVE-2026-46204 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/2444eb0ec8283f4a3845eb7febad378476e1ba3c (7.1-rc1)
-CVE-2026-46203 [spi: cadence-quadspi: fix unclocked access on unbind]
+CVE-2026-46203 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.9-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/233db2cb14db8b1935dda52a6affd97276462b82 (7.1-rc2)
-CVE-2026-46200 [spi: mpc52xx: fix controller deregistration]
+CVE-2026-46200 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/0f997fdae819a8c2cc83bd4ff7d935ad76c727c9 (7.1-rc1)
-CVE-2026-46199 [drm/amdgpu/vcn4: Prevent OOB reads when parsing dec msg]
+CVE-2026-46199 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/0a78f2bac1424deb7c9d5e09c6b8e849d8e8b648 (7.1-rc1)
-CVE-2026-46198 [batman-adv: fix integer overflow on buff_pos]
+CVE-2026-46198 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/0799e5943611006b346b8813c7daf7dd5aa26bfd (7.1-rc4)
-CVE-2026-46197 [drm/amdkfd: validate SVM ioctl nattr against buffer size]
+CVE-2026-46197 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.9-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/045e0ff208f0838a246c10204105126611b267a1 (7.1-rc2)
-CVE-2026-46194 [f2fs: fix node_cnt race between extent node destroy and
writeback]
+CVE-2026-46194 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/ed78aeebef05212ef7dca93bd931e4eff67c113f (7.1-rc1)
-CVE-2026-46192 [spi: microchip-core-qspi: don't attempt to transmit during
emulated read-only dual/quad operations]
+CVE-2026-46192 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/eb56deaabf127e8985fc91fa6c97bf8a3b062844 (7.1-rc3)
-CVE-2026-46188 [octeon_ep_vf: add NULL check for napi_build_skb()]
+CVE-2026-46188 (In the Linux kernel, the following vulnerability has been
resolved: o ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/dd66b42854705e4e4ee7f14d260f86c578bed3e3 (7.1-rc1)
-CVE-2026-46183 [mm/damon/sysfs-schemes: protect path kfree() with
damon_sysfs_lock]
+CVE-2026-46183 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.7-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/cf3b71421ca00807328c6d9cd242f9de3b77a4bf (7.1-rc2)
-CVE-2026-46182 [pseries/papr-hvpipe: Prevent kernel stack memory leak to
userspace]
+CVE-2026-46182 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 7.0.7-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/cefeed44296261173a806bef988b26bc565da4be (7.1-rc3)
-CVE-2026-46176 [RDMA/mlx5: Fix error path fall-through in
mlx5_ib_dev_res_srq_init()]
+CVE-2026-46176 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/c488df06bd552bb8b6e14fa0cfd5ad986c6e9525 (7.1-rc3)
-CVE-2026-46174 [x86/CPU/AMD: Prevent improper isolation of shared resources in
Zen2's op cache]
+CVE-2026-46174 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
+ {DSA-6306-1}
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/c21b90f77687075115d989e53a8ec5e2bb427ab1 (7.1-rc4)
-CVE-2026-46166 [wifi: mac80211: use safe list iteration in radar detect work]
+CVE-2026-46166 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/ac8eb3e18f41e2cc8492cc1d358bcb786c850270 (7.1-rc3)
-CVE-2026-46162 [ice: fix double free in ice_sf_eth_activate() error path]
+CVE-2026-46162 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/9aab1c3d7299285e2569cbc0ed5892d631a241b2 (7.1-rc1)
-CVE-2026-46155 [smb/client: fix out-of-bounds read in smb2_compound_op()]
+CVE-2026-46155 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8d09328dfda089675e4c049f3f256064a1d1996b (7.1-rc3)
-CVE-2026-46154 [sched_ext: Read scx_root under scx_cgroup_ops_rwsem in cgroup
setters]
+CVE-2026-46154 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/80afd4c84bc8f5e80145ce35279f5ce53f6043db (7.1-rc2)
-CVE-2026-46152 [wifi: mac80211: drop stray 'static' from fast-RX rx_result]
+CVE-2026-46152 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/7a5b81e0c87a075afd572f659d8eb68c9c4cd2ba (7.1-rc3)
-CVE-2026-46145 [RDMA/mana: Validate rx_hash_key_len]
+CVE-2026-46145 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/6dd2d4ad9c8429523b1c220c5132bd551c006425 (7.1-rc3)
-CVE-2026-46144 [RDMA/mana: Fix error unwind in mana_ib_create_qp_rss()]
+CVE-2026-46144 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/6aaa978c6b6218cfac15fe1dab17c76fe229ce3f (7.1-rc3)
-CVE-2026-46142 [net: libwx: fix VF illegal register access]
+CVE-2026-46142 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/694de316f607fe2473d52ca0707e3918e72c1562 (7.1-rc3)
-CVE-2026-46141 [powerpc/xive: fix kmemleak caused by incorrect chip_data
lookup]
+CVE-2026-46141 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 7.0.7-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/6771c54728c278bf1e4bfdab4fddbbb186e33498 (7.1-rc1)
-CVE-2026-46140 [Bluetooth: btmtk: validate WMT event SKB length before struct
access]
+CVE-2026-46140 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/634a4408c0615c523cf7531790f4f14a422b9206 (7.1-rc3)
-CVE-2026-46139 [smb: client: use kzalloc to zero-initialize security
descriptor buffer]
+CVE-2026-46139 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/5e489c6c47a2ac15edbaca153b9348e42c1eacab (7.1-rc3)
-CVE-2026-46138 [Bluetooth: hci_event: Fix OOB read and infinite loop in
hci_le_create_big_complete_evt]
+CVE-2026-46138 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/5ddb8014261137cadaf83ab5617a588d80a22586 (7.1-rc3)
-CVE-2026-46134 [platform/chrome: cros_ec_typec: Init mutex in Thunderbolt
registration]
+CVE-2026-46134 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 7.0.7-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/525cb7ba6661074c1c5cc3772bccc6afab6791ef (7.1-rc3)
-CVE-2026-46131 [KVM: x86: check for nEPT/nNPT in slow flush hypercalls]
+CVE-2026-46131 (In the Linux kernel, the following vulnerability has been
resolved: K ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/464af6fc2b1dcc74005b7f58ee3812b17777efee (7.1-rc3)
-CVE-2026-46126 [RDMA/mana: Fix mana_destroy_wq_obj() cleanup in
mana_ib_create_qp_rss()]
+CVE-2026-46126 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/34ecf795692ee57c393109f4a24ccc313091e137 (7.1-rc3)
-CVE-2026-46121 [mm/damon/sysfs-schemes: protect memcg_path kfree() with
damon_sysfs_lock]
+CVE-2026-46121 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1e68eb96e8beb1abefd12dd22c5637795d8a877e (7.1-rc2)
-CVE-2026-46118 [pseries/papr-hvpipe: Fix null ptr deref in
papr_hvpipe_dev_create_handle()]
+CVE-2026-46118 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
- linux 7.0.7-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1b9f7aafa44f5ce852c00509104d10fd9eb0f402 (7.1-rc3)
-CVE-2026-46115 [block: add pgmap check to biovec_phys_mergeable]
+CVE-2026-46115 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/13920e4b7b784b40cf4519ff1f0f3e513476a499 (7.1-rc1)
-CVE-2026-46114 [RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads]
+CVE-2026-46114 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/1114c87aa6f195cf07da55a27b2122ae26557b26 (7.1-rc3)
-CVE-2026-46106 [eventfs: Hold eventfs_mutex and SRCU when remount walks events]
+CVE-2026-46106 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/07004a8c4b572171934390148ee48c4175c77eed (7.1-rc1)
-CVE-2026-46105 [scsi: mpt3sas: Limit NVMe request size to 2 MiB]
+CVE-2026-46105 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/04631f55afc543d5431a2bdee7f6cc0f2c0debe7 (7.1-rc3)
-CVE-2026-46104 [selinux: use sk blob accessor in socket permission helpers]
+CVE-2026-46104 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/032e70aff025d7c519af9ab791cd084380619263 (7.1-rc2)
-CVE-2026-46196 [tracepoint: balance regfunc() on func_add() failure in
tracepoint_add_func()]
+CVE-2026-46196 (In the Linux kernel, the following vulnerability has been
resolved: t ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/fad217e16fded7f3c09f8637b0f6a224d58b5f2e (7.1-rc1)
-CVE-2026-46195 [smb: client: validate dacloffset before building DACL pointers]
+CVE-2026-46195 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/f98b48151cc502ada59d9778f0112d21f2586ca3 (7.1-rc3)
-CVE-2026-46193 [xfrm: ah: account for ESN high bits in async callbacks]
+CVE-2026-46193 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/ec54093e6a8f87e800bb6aa15eb7fc1e33faa524 (7.1-rc3)
-CVE-2026-46191 [fbcon: Avoid OOB font access if console rotation fails]
+CVE-2026-46191 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 7.0.7-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/e4ef723d8975a2694cc90733a6b888a5e2841842 (7.1-rc1)
-CVE-2026-46190 [mtd: spi-nor: debugfs: fix out-of-bounds read in
spi_nor_params_show()]
+CVE-2026-46190 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/e47029b977e747cb3a9174308fd55762cce70147 (7.1-rc2)
-CVE-2026-46189 [RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext()
error path]
+CVE-2026-46189 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/e38e86995df27f1f854063dab1f0c6a513db3faf (7.1-rc3)
-CVE-2026-46187 [wifi: rsi: fix kthread lifetime race between self-exit and
external-stop]
+CVE-2026-46187 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/db57a1aa54ff68669781976e4edb045e09e2b65b (7.1-rc3)
-CVE-2026-46186 [Bluetooth: virtio_bt: validate rx pkt_type header length]
+CVE-2026-46186 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/daf23014e5d975e72ea9c02b5160d3fcf070ea47 (7.1-rc3)
-CVE-2026-46185 [smb/client: fix out-of-bounds read in symlink_data()]
+CVE-2026-46185 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/d62b8d236fab503c6fec1d3e9a38bea71feaca20 (7.1-rc3)
-CVE-2026-46184 [sound: ua101: fix division by zero at probe]
+CVE-2026-46184 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/d1f73f169c1014463b5060e3f60813e13ddc7b87 (7.1-rc2)
-CVE-2026-46181 [RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()]
+CVE-2026-46181 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
NOTE:
https://git.kernel.org/linus/c9341307ea16b9395c2e4c9c94d8499d91fe31d0 (7.1-rc3)
-CVE-2026-46180 [wifi: brcmfmac: Fix potential use-after-free issue when
stopping watchdog task]
+CVE-2026-46180 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/c623b63580880cc742255eaed3d79804c1b91143 (7.1-rc3)
-CVE-2026-46179 [ASoC: SOF: Don't allow pointer operations on unconfigured
streams]
+CVE-2026-46179 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/c5b6285aae050ff1c3ea824ca3d88ac4be1e69c8 (7.1-rc1)
-CVE-2026-46178 [RDMA/mlx4: Fix resource leak on error in mlx4_ib_create_srq()]
+CVE-2026-46178 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/c54c7e4cb679c0aaa1cb489b9c3f2cd98e63a44c (7.1-rc3)
-CVE-2026-46177 [ipmi: Add limits to event and receive message requests]
+CVE-2026-46177 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/c4cca236968683eb0d59abfb12d5c7e4d8514227 (7.1-rc3)
-CVE-2026-46175 [f2fs: fix fsck inconsistency caused by FGGC of node block]
+CVE-2026-46175 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 7.0.7-1
NOTE:
https://git.kernel.org/linus/c3e238bd1f56993f205ef83889d406dfeaf717a8 (7.1-rc1)
-CVE-2026-46173 [exit: prevent preemption of oopsing TASK_DEAD task]
+CVE-2026-46173 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/c1fa0bb633e4a6b11e83ffc57fa5abe8ebb87891 (7.1-rc4)
-CVE-2026-46172 [ipv6: xfrm6: release dst on error in xfrm6_rcv_encap()]
+CVE-2026-46172 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/bc0fcb9823cd0894934cf968b525c575833d7078 (7.1-rc3)
-CVE-2026-46171 [riscv: kvm: fix vector context allocation leak]
+CVE-2026-46171 (In the Linux kernel, the following vulnerability has been
resolved: r ...)
- linux 7.0.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/b7c958d7c1eb1cb9b2be7b5ee4129fcd66cec978 (7.1-rc1)
-CVE-2026-46170 [mptcp: pm: ADD_ADDR rtx: free sk if last]
+CVE-2026-46170 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.7-1
NOTE:
https://git.kernel.org/linus/b7b9a461569734d33d3259d58d2507adfac107ed (7.1-rc3)
-CVE-2026-46169 [hfsplus: fix uninit-value by validating catalog record size]
+CVE-2026-46169 (In the Linux kernel, the following vulnerability has been
resolved: h ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/b6b592275aeff184aa82fcf6abccd833fb71b393 (7.1-rc1)
-CVE-2026-46168 [mptcp: fix scheduling with atomic in timestamp sockopt]
+CVE-2026-46168 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/b5c52908d52c6c8eb8933264aa6087a0600fd892 (7.1-rc2)
-CVE-2026-46167 [usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl]
+CVE-2026-46167 (In the Linux kernel, the following vulnerability has been
resolved: u ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/b38e53cbfb9d84732e5984fbd73e128d592415c5 (7.1-rc3)
-CVE-2026-46165 [openvswitch: vport: fix self-deadlock on release of tunnel
ports]
+CVE-2026-46165 (In the Linux kernel, the following vulnerability has been
resolved: o ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/aa69918bd418e700309fdd08509dba324fb24296 (7.1-rc3)
-CVE-2026-46164 [btrfs: fix double free in create_space_info_sub_group() error
path]
+CVE-2026-46164 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.7-1
[trixie] - linux 6.12.90-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/a7449edf96143f192606ec8647e3167e1ecbd728 (7.1-rc1)
-CVE-2026-46163 [wifi: b43legacy: enforce bounds check on firmware key index in
RX path]
+CVE-2026-46163 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/a035766f970bde2d4298346a31a80685be5c0205 (7.1-rc3)
-CVE-2026-46161 [md/raid10: fix divide-by-zero in setup_geo() with zero
far_copies]
+CVE-2026-46161 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/9aa6d860b0930e2f72795665c42c44252a558a0c (7.1-rc2)
-CVE-2026-46160 [btrfs: fix missing last_unlink_trans update when removing a
directory]
+CVE-2026-46160 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.7-1
NOTE:
https://git.kernel.org/linus/999757231c49376cd1a37308d2c8c4c9932571e1 (7.1-rc2)
-CVE-2026-46159 [btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which
can lead to info-leak]
+CVE-2026-46159 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.7-1
[trixie] - linux 6.12.90-1
NOTE:
https://git.kernel.org/linus/973e57c726c1f8e77259d1c8e519519f1e9aea77 (7.1-rc1)
-CVE-2026-46158 [mptcp: pm: ADD_ADDR rtx: always decrease sk refcount]
+CVE-2026-46158 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.7-1
NOTE:
https://git.kernel.org/linus/9634cb35af17019baec21ca648516ce376fa10e6 (7.1-rc3)
-CVE-2026-46157 [ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger]
+CVE-2026-46157 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/901ac0ff15edf9503162e2cf6579bd11a30f1ed4 (7.1-rc2)
-CVE-2026-46156 [LoongArch: Fix potential ADE in loongson_gpu_fixup_dma_hang()]
+CVE-2026-46156 (In the Linux kernel, the following vulnerability has been
resolved: L ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/8dfa2f8780e486d05b9a0ffce70b8f5fbd62053e (7.1-rc3)
-CVE-2026-46153 [8021q: delete cleared egress QoS mappings]
+CVE-2026-46153 (In the Linux kernel, the following vulnerability has been
resolved: 8 ...)
- linux 7.0.7-1
NOTE:
https://git.kernel.org/linus/7dddc74af369478ba7f9bc136d0fc1dc4570cb66 (7.1-rc1)
-CVE-2026-46151 [usb: usblp: fix heap leak in IEEE 1284 device ID via short
response]
+CVE-2026-46151 (In the Linux kernel, the following vulnerability has been
resolved: u ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/7a400c6fe3617e31e690e3f7ca37bb335e0498f3 (7.1-rc3)
-CVE-2026-46150 [fanotify: fix false positive on permission events]
+CVE-2026-46150 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/7746e3bd4cc19b5092e00d32d676e329bfcb6900 (7.1-rc2)
-CVE-2026-46149 [scsi: target: configfs: Bound snprintf() return in
tg_pt_gp_members_show()]
+CVE-2026-46149 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/772a896a56e0e3ef9424a025cec9176f9d8f4552 (7.1-rc3)
-CVE-2026-46148 [spi: microchip-core-qspi: control built-in cs manually]
+CVE-2026-46148 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 7.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/7672749e1496215e8683ce57cf323119033954cf (7.1-rc3)
-CVE-2026-46147 [KVM: arm64: Fix pin leak and publication ordering in
__pkvm_init_vcpu()]
+CVE-2026-46147 (In the Linux kernel, the following vulnerability has been
resolved: K ...)
- linux 7.0.7-1
NOTE:
https://git.kernel.org/linus/73b9c1e5da84cd69b1a86e374e450817cd051371 (7.1-rc2)
-CVE-2026-46146 [ALSA: usb-audio: Avoid potential endless loop in
convert_chmap_v3()]
+CVE-2026-46146 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/6e7247d8f5fefeceb0bb9cc80a5388a636b219cd (7.1-rc2)
-CVE-2026-46143 [ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens]
+CVE-2026-46143 (In the Linux kernel, the following vulnerability has been
resolved: A ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/69acc488aaf39d0ddf6c3cf0e47c1873d39919a2 (7.1-rc1)
-CVE-2026-46137 [mptcp: pm: ADD_ADDR rtx: fix potential data-race]
+CVE-2026-46137 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
- linux 7.0.7-1
NOTE:
https://git.kernel.org/linus/5cd6e0ad79d2615264f63929f8b457ad97ae550d (7.1-rc3)
-CVE-2026-46136 [wifi: mt76: mt7921: fix a potential clc buffer length
underflow]
+CVE-2026-46136 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/5373f8b19e568b5c217832b9bbef165bd2b2df14 (7.1-rc1)
-CVE-2026-46135 [nvmet-tcp: fix race between ICReq handling and queue teardown]
+CVE-2026-46135 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/5293a8882c549fab4a878bc76b0b6c951f980a61 (7.1-rc2)
-CVE-2026-46133 [RDMA/rxe: Reject unknown opcodes before ICRC processing]
+CVE-2026-46133 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/4c6f86d85d03cdb33addce86aa69aa795ca6c47a (7.1-rc3)
-CVE-2026-46132 [net: rtnetlink: zero ifla_vf_broadcast to avoid stack infoleak
in rtnl_fill_vfinfo]
+CVE-2026-46132 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/4b9e327991815e128ad3af75c3a04630a63ce3e0 (7.1-rc3)
-CVE-2026-46130 [dm-verity-fec: fix reading parity bytes split across blocks
(take 3)]
+CVE-2026-46130 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/430a05cb926f6bdf53e81460a2c3a553257f3f61 (7.1-rc1)
-CVE-2026-46129 [btrfs: fix double free in create_space_info() error path]
+CVE-2026-46129 (In the Linux kernel, the following vulnerability has been
resolved: b ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/3f487be81292702a59ea9dbc4088b3360a50e837 (7.1-rc1)
-CVE-2026-46128 [ipmi: Check event message buffer response for bad data]
+CVE-2026-46128 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/36920f30e78e69df01f9691c470b6f3ba8aebf98 (7.1-rc3)
-CVE-2026-46127 [RDMA/ocrdma: Don't NULL deref uctx on errors in
ocrdma_copy_pd_uresp()]
+CVE-2026-46127 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/34fbf48cf3b410d2a6e8c586fa952a36331ca5ba (7.1-rc3)
-CVE-2026-46125 [wifi: mac80211: remove station if connection prep fails]
+CVE-2026-46125 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/283fc9e44ff5b5ac967439b4951b80bd4299f4e4 (7.1-rc3)
-CVE-2026-46124 [isofs: validate block number from NFS file handle in
isofs_export_iget]
+CVE-2026-46124 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/24376458138387fb251e782e624c7776e9826796 (7.1-rc2)
-CVE-2026-46123 [Bluetooth: virtio_bt: clamp rx length before skb_put]
+CVE-2026-46123 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/21bd244b6de5d2fe1063c23acc93fbdd2b20d112 (7.1-rc3)
-CVE-2026-46122 [wifi: b43: enforce bounds check on firmware key index in
b43_rx()]
+CVE-2026-46122 (In the Linux kernel, the following vulnerability has been
resolved: w ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/1f4f78bf8549e6ac4f04fba4176854f3a6e0c332 (7.1-rc3)
-CVE-2026-46120 [ip6_gre: Use cached t->net in ip6erspan_changelink().]
+CVE-2026-46120 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/1d324c2f43f70c965f25c58cc3611c779adbe47e (7.1-rc3)
-CVE-2026-46119 [libceph: Fix slab-out-of-bounds access in auth message
processing]
+CVE-2026-46119 (In the Linux kernel, the following vulnerability has been
resolved: l ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/1c439de70b1c3eb3c6bffa8245c16b9fc318f114 (7.1-rc1)
-CVE-2026-46117 [RDMA/mana: Remove user triggerable WARN_ON() in
mana_ib_create_qp_rss()]
+CVE-2026-46117 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/159f2efabc89d3f931d38f2d35876535d4abf0a3 (7.1-rc3)
-CVE-2026-46116 [xfrm: defensively unhash xfrm_state lists in
__xfrm_state_delete]
+CVE-2026-46116 (In the Linux kernel, the following vulnerability has been
resolved: x ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/14acf9652e5690de3c7486c6db5fb8dafd0a32a3 (7.1-rc3)
-CVE-2026-46113 [KVM: x86: Fix shadow paging use-after-free due to unexpected
GFN]
+CVE-2026-46113 (In the Linux kernel, the following vulnerability has been
resolved: K ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/0cb2af2ea66ad8ff195c156ea690f11216285bdf (7.1-rc3)
-CVE-2026-46112 [RDMA/hns: Fix unlocked call to hns_roce_qp_remove()]
+CVE-2026-46112 (In the Linux kernel, the following vulnerability has been
resolved: R ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/0c99acbc8b6c6dd526ae475a48ee1897b61072fb (7.1-rc3)
-CVE-2026-46111 [Bluetooth: hci_conn: fix potential UAF in create_big_sync]
+CVE-2026-46111 (In the Linux kernel, the following vulnerability has been
resolved: B ...)
- linux 7.0.7-1
[trixie] - linux 6.12.90-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/0beddb0c380bed5f5b8e61ddbe14635bb73d0b41 (7.1-rc3)
-CVE-2026-46110 [net: stmmac: Prevent NULL deref when RX memory exhausted]
+CVE-2026-46110 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/0bb05e6adfa99a2ea1fee1125cc0953409f83ed8 (7.1-rc2)
-CVE-2026-46109 [usb: ulpi: fix memory leak on ulpi_register() error paths]
+CVE-2026-46109 (In the Linux kernel, the following vulnerability has been
resolved: u ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/0b9fcab1b8608d429e5f239afb197de928d4de7d (7.1-rc3)
-CVE-2026-46108 [ipmi:si: Return state to normal if message allocation fails]
+CVE-2026-46108 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/09dd798270ff582d7309f285d4aaf5dbebae01cb (7.1-rc3)
-CVE-2026-46107 [dm-thin: fix metadata refcount underflow]
+CVE-2026-46107 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
- linux 7.0.7-1
[trixie] - linux 6.12.88-1
NOTE:
https://git.kernel.org/linus/09a65adc7d8bbfce06392cb6d375468e2728ead5 (7.1-rc2)
@@ -3516,7 +3817,7 @@ CVE-2026-40384 (An improper validation of the search
parameter of the com_media
NOT-FOR-US: Joomla
CVE-2026-40383 (An improper validation of user-supplied input leads to a local
file in ...)
NOT-FOR-US: Joomla
-CVE-2026-40034 (gix-submodule before 0.82.0 incorrectly validates the update
field in ...)
+CVE-2026-40034 (gix-submodule before 0.29.0 (gitoxide before 0.5.21, gix
before 0.84.0 ...)
TODO: check
CVE-2026-40033 (FreeRDP before 3.26.0 contains a heap-buffer-overflow
vulnerability in ...)
TODO: check
@@ -3646,7 +3947,7 @@ CVE-2026-4480 (A flaw was found in the Samba printing
subsystem. Samba passes th
{DSA-6297-1}
- samba 2:4.24.3+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2026-4480.html
-CVE-2026-4408 [Remote Code Execution in SAMR when check password script
contains %u substitution placeholder]
+CVE-2026-4408 (A flaw was found in Samba. A remote attacker can exploit a
misconfigur ...)
{DSA-6297-1}
- samba 2:4.24.3+dfsg-1
NOTE: https://www.samba.org/samba/security/CVE-2026-4408.html
@@ -4203,42 +4504,42 @@ CVE-2026-9360 (A security flaw has been discovered in
Edimax EW-7438RPn 1.28a. A
CVE-2026-4372 (A critical remote code execution vulnerability exists in all
versions ...)
NOT-FOR-US: HuggingFace transformers
CVE-2026-48844 (Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1
has insec ...)
- {DSA-6301-1}
+ {DSA-6301-1 DLA-4604-1}
- roundcube 1.6.16+dfsg-1 (bug #1137507)
NOTE:
https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
NOTE:
https://github.com/roundcube/roundcubemail/commit/ea1798a6fbf060abcc0ba73b2435036bf8016a5a
CVE-2026-48847 (Roundcube Webmail 1.6.x before 1.6.16, and 1.7.x before 1.7.1
allows p ...)
- {DSA-6301-1}
+ {DSA-6301-1 DLA-4604-1}
- roundcube 1.6.16+dfsg-1 (bug #1137507)
NOTE:
https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
NOTE:
https://github.com/roundcube/roundcubemail/commit/703318e6a59515b73b0d8aa2a91e346b02f56baa
CVE-2026-48846 (In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before
1.7.1, the r ...)
- {DSA-6301-1}
+ {DSA-6301-1 DLA-4604-1}
- roundcube 1.6.16+dfsg-1 (bug #1137507)
NOTE:
https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
NOTE:
https://github.com/roundcube/roundcubemail/commit/852350486b88b35b8544e8a630fad89e99e2150a
CVE-2026-48845 (In Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16 and 1.7.x
before ...)
- {DSA-6301-1}
+ {DSA-6301-1 DLA-4604-1}
- roundcube 1.6.16+dfsg-1 (bug #1137507)
NOTE:
https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
NOTE:
https://github.com/roundcube/roundcubemail/commit/7b52353653a67e6073b97d70eb94047132b78556
CVE-2026-48843 (Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16,and 1.7.x
before 1.7 ...)
- {DSA-6301-1}
+ {DSA-6301-1 DLA-4604-1}
- roundcube 1.6.16+dfsg-1 (bug #1137507)
NOTE:
https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
NOTE:
https://github.com/roundcube/roundcubemail/commit/cb3fc9041e91640ba9ba49ee7b2147c176ebf5a1
CVE-2026-48842 (Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1
has Pre-a ...)
- {DSA-6301-1}
+ {DSA-6301-1 DLA-4604-1}
- roundcube 1.6.16+dfsg-1 (bug #1137507)
NOTE:
https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
NOTE:
https://github.com/roundcube/roundcubemail/commit/87124cc7136a48b5fa9d2b40dfead6e9dcaeaf4b
CVE-2026-48848 (Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has
insuffi ...)
- {DSA-6301-1}
+ {DSA-6301-1 DLA-4604-1}
- roundcube 1.6.16+dfsg-1 (bug #1137507)
NOTE:
https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
NOTE:
https://github.com/roundcube/roundcubemail/commit/58e5263f341e6a418774fb6d2643669a3c4d8a27
CVE-2026-48849 (In Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before
1.7.1, an un ...)
- {DSA-6301-1}
+ {DSA-6301-1 DLA-4604-1}
- roundcube 1.6.16+dfsg-1 (bug #1137507)
NOTE:
https://roundcube.net/news/2026/05/24/security-updates-1.6.16-and-1.7.1
NOTE:
https://github.com/roundcube/roundcubemail/commit/a21519187873ce962db029b6ff68e47bd7f3fd8a
@@ -4345,7 +4646,7 @@ CVE-2018-25341 (Smartshop 1 contains a SQL injection
vulnerability that allows u
CVE-2018-25340 (Smartshop 1 contains a SQL injection vulnerability that allows
unauthe ...)
NOT-FOR-US: Smartshop
CVE-2026-43503 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- {DSA-6295-1}
+ {DSA-6306-1 DSA-6295-1}
- linux 7.0.9-1
NOTE:
https://git.kernel.org/linus/48f6a5356a33dd78e7144ae1faef95ffc990aae0
CVE-2026-9284 (The WooCommerce PayPal Payments plugin for WordPress is
vulnerable to ...)
@@ -5166,6 +5467,7 @@ CVE-2026-47165
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick/commit/bb79e91155127dd6c3c18a01c8761e9c2ea82d70
(7.1.2-23)
NOTE: Fixed by:
https://github.com/ImageMagick/ImageMagick6/commit/2ca87784a434899067b8408e5f8a7f0165a8f884
(6.9.13-48)
CVE-2026-43494 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
+ {DSA-6305-1}
- linux 7.0.10-1
NOTE:
https://git.kernel.org/linus/e174929793195e0cd6a4adb0cad731b39f9019b4 (7.1-rc4)
CVE-2026-47732
@@ -5402,7 +5704,7 @@ CVE-2026-1881 (The Broadstreet plugin for WordPress is
vulnerable to Insecure Di
NOT-FOR-US: WordPress plugin
CVE-2026-1543 (The Avada (Fusion) Builder plugin for WordPress is vulnerable
to Store ...)
NOT-FOR-US: WordPress plugin
-CVE-2026-9759 [ROHC protocol dissector crash]
+CVE-2026-9759 (ROHC protocol dissector crash in Wireshark 4.6.0 to 4.6.5 and
4.4.0 to ...)
- wireshark 4.6.6-1
[trixie] - wireshark <postponed> (Minor issue, fix along with future
update)
[bookworm] - wireshark <no-dsa> (Minor issue)
@@ -6093,6 +6395,7 @@ CVE-2026-34154 (Discourse is an open-source discussion
platform. In versions pri
CVE-2026-33741 (EspoCRM is an open source customer relationship management
application ...)
NOT-FOR-US: EspoCRM
CVE-2026-33642 (Kitty is a cross-platform GPU based terminal. In versions
0.46.2 and b ...)
+ {DSA-6307-1}
- kitty 0.47.0-1 (bug #1137210)
[bullseye] - kitty <not-affected> (frame composition introduced later)
NOTE:
https://github.com/kovidgoyal/kitty/security/advisories/GHSA-qfgm-2c64-6x3x
@@ -6106,6 +6409,7 @@ CVE-2026-33637 (Faraday is an HTTP client library
abstraction layer that provide
NOTE:
https://github.com/lostisland/faraday/security/advisories/GHSA-5rv5-xj5j-3484
NOTE:
https://github.com/lostisland/faraday/commit/3f1280c69e93297d574e85a2d462d05ebadf1d09
(v2.14.2)
CVE-2026-33633 (Kitty is a cross-platform GPU based terminal. Versions 0.46.2
and belo ...)
+ {DSA-6307-1}
- kitty 0.47.0-1 (bug #1137210)
NOTE:
https://github.com/kovidgoyal/kitty/security/advisories/GHSA-j68c-v8x4-269g
NOTE: Fixed by:
https://github.com/kovidgoyal/kitty/commit/48ab623f594d60dbbfb1e767d9686d380ce547fb
(v0.47.0)
@@ -9225,7 +9529,7 @@ CVE-2026-42934 (NGINX Plus and NGINX Open Source have a
vulnerability in the ngx
NOTE: https://nginx.org/en/security_advisories.html
NOTE:
https://github.com/nginx/nginx/commit/54b7945961b2eaafc480d6b85d9635d0db1c126a
(release-1.30.1)
CVE-2026-46300 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- {DSA-6295-1}
+ {DSA-6306-1 DSA-6295-1}
- linux 7.0.9-1
NOTE: https://github.com/v12-security/pocs/tree/main/fragnesia
NOTE:
https://lore.kernel.org/all/[email protected]/
@@ -11642,7 +11946,7 @@ CVE-2021-47926 (Contact Form to Email 1.3.24 contains a
stored cross-site script
NOT-FOR-US: WordPress plugin
CVE-2021-47925 (CMDBuild 3.3.2 contains multiple stored cross-site scripting
vulnerabi ...)
NOT-FOR-US: CMDBuild
-CVE-2021-47924 (Ultimate Product Catalog 5.8.2 contains a stored cross-site
scripting ...)
+CVE-2021-47924 (Ultimate Product Catalogue 5.8.2 contains a stored cross-site
scriptin ...)
NOT-FOR-US: WordPress plugin
CVE-2021-47923 (OpenCart 3.0.3.8 contains a session fixation vulnerability
that allows ...)
NOT-FOR-US: OpenCart
@@ -17560,7 +17864,7 @@ CVE-2026-43504 (An issue was discovered in Prosody
before 0.12.6 and 1.0.0 throu
CVE-2026-43003 (An issue was discovered in OpenStack ironic-python-agent 1.0.0
through ...)
- ironic-python-agent <unfixed> (bug #1135646)
NOTE: https://bugs.launchpad.net/ironic-python-agent/+bug/2148310
-CVE-2026-43001 (An issue was discovered in OpenStack Keystone 13 through 29.
POST /v3/ ...)
+CVE-2026-43001 (An issue was discovered in OpenStack Keystone before 29.0.2.
POST /v3/ ...)
- keystone <unfixed> (bug #1135645)
NOTE: https://bugs.launchpad.net/keystone/+bug/2149775
NOTE: https://review.opendev.org/c/openstack/keystone/+/985804
@@ -20339,11 +20643,11 @@ CVE-2026-40970 (When configured to use an SSL bundle,
Spring Boot's Elasticsearc
CVE-2026-40967 (In Spring AI, various FilterExpressionConverter
implementations accept ...)
NOT-FOR-US: VMware
CVE-2026-40356 (In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an
integer underf ...)
- {DSA-6293-1}
+ {DSA-6293-1 DLA-4603-1}
- krb5 1.22.1-2.1 (bug #1135317)
NOTE:
https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f
CVE-2026-40355 (In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL
pointer de ...)
- {DSA-6293-1}
+ {DSA-6293-1 DLA-4603-1}
- krb5 1.22.1-2.1 (bug #1135317)
NOTE:
https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f
CVE-2026-3087 (If `shutil.unpack_archive()` is given a ZIP archive with an
absolute W ...)
@@ -34627,6 +34931,7 @@ CVE-2026-34543 (OpenEXR provides the specification and
reference implementation
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/security/advisories/GHSA-vc68-257w-m432
NOTE: Fixed by:
https://github.com/AcademySoftwareFoundation/openexr/commit/5f6d0aaa9e43802917af7db90f181e88e083d3b8
(v3.4.8-rc)
CVE-2026-34531 (Flask-HTTPAuth provides Basic, Digest and Token HTTP
authentication fo ...)
+ {DLA-4605-1}
- python-flask-httpauth 4.8.1-1.1 (bug #1132581)
[trixie] - python-flask-httpauth <no-dsa> (Minor issue)
[bookworm] - python-flask-httpauth <no-dsa> (Minor issue)
@@ -86050,7 +86355,7 @@ CVE-2025-14082 (A flaw was found in Keycloak Admin REST
(Representational State
- keycloak <itp> (bug #1088287)
CVE-2025-13955 (Predictable default Wi-Fi Password in Access Point
functionality inEZC ...)
NOT-FOR-US: EZCast Pro II
-CVE-2025-13954 (Hard-coded cryptographic keys in Admin UI of EZCast Pro II
version 1.1 ...)
+CVE-2025-13954 (Hard-coded cryptographic keys in Admin UI of EZCast Pro II
before vers ...)
NOT-FOR-US: EZCast Pro II
CVE-2025-13953 (Bypass vulnerability in the authentication method in the GTT
Tax Infor ...)
NOT-FOR-US: GTT Tax Information System application
@@ -117787,6 +118092,7 @@ CVE-2025-10366 (A flaw has been found in MiczFlor
RPi-Jukebox-RFID up to 2.8.0.
CVE-2025-10359 (A vulnerability was detected in Wavlink WL-WN578W2 221110.
This impact ...)
NOT-FOR-US: Wavlink
CVE-2025-59518 (In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before
2.21.3, OS ...)
+ {DLA-4602-1}
- lemonldap-ng 2.21.3+ds-1
[trixie] - lemonldap-ng 2.21.2+ds-1+deb13u1
[bookworm] - lemonldap-ng 2.16.1+ds-deb12u7
@@ -193127,6 +193433,7 @@ CVE-2023-37002 (Open5GS MME versions <= 2.6.4 contain
an assertion that can be r
CVE-2023-36998 (The NextEPC MME <= 1.0.1 (fixed in commit
a8492c9c5bc0a66c6999cb5a2635 ...)
NOT-FOR-US: NextEPC MME
CVE-2024-52948 [CSRF on 2FA registration]
+ {DLA-4602-1}
- lemonldap-ng 2.20.2+ds-1
[bookworm] - lemonldap-ng 2.16.1+ds-deb12u5
NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/3258
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4089dc64f0dc459fe862a8a1e430fa6d05a055ed
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4089dc64f0dc459fe862a8a1e430fa6d05a055ed
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
