CVE search

363,520 results
CVE-2026-42005MEDIUMInsufficient input validation of internal web serverEPSS 0.5%CVE-2026-56091HIGHApache Shiro: Authentication bypass in Guice-Web integrationEPSS 0.4%CVE-2026-56130LOWApache Shiro: Remember-me cookie isn't checked for expiry on the serverEPSS 0.2%CVE-2026-53277HIGHKVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulationEPSS 0.1%CVE-2026-53276HIGHBluetooth: ISO: Fix a use-after-free of the hci_conn pointerEPSS 0.1%CVE-2026-53275HIGHipv6: mcast: Fix use-after-free when processing MLD queriesEPSS 0.3%CVE-2026-53274net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoSEPSS 0.2%CVE-2026-53273HIGHtee: optee: prevent use-after-free when the client exits before the supplicantEPSS 0.1%CVE-2026-53272erofs: fix use-after-free on sbi->sync_decompressEPSS 0.2%CVE-2026-53271ksmbd: fix NULL-deref of opinfo->conn in oplock/lease break notifiersEPSS 0.2%CVE-2026-53270HIGHipvs: clear the svc scheduler ptr early on editEPSS 0.1%CVE-2026-53269netfilter: synproxy: add mutex to guard hook reference countingEPSS 0.2%CVE-2026-53268HIGHnetfilter: conntrack_irc: fix possible out-of-bounds readEPSS 0.4%CVE-2026-53267HIGHnetfilter: nft_ct: bail out on template ct in get evalEPSS 0.1%CVE-2026-53266HIGHnetfilter: bridge: make ebt_snat ARP rewrite writableEPSS 0.1%CVE-2026-53265HIGHdm cache policy smq: check allocation under invalidate lockEPSS 0.1%CVE-2026-53264HIGHnet/sched: act_api: use RCU with deferred freeing for action lifecycleEPSS 0.1%CVE-2026-532636lowpan: fix off-by-one in multicast context address compressionEPSS 0.2%CVE-2026-53262HIGHl2tp: pppol2tp: hold reference to session in pppol2tp_ioctl()EPSS 0.1%CVE-2026-53261devlink: Release nested relation on devlink freeEPSS 0.2%