🐛 COMMON VULNERABILITIES AND EXPOSURES 241
28 Jun | CVE-2026-46245 drm/amd/display: Fix dc_link NULL handling in HPD init | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-46252 regulator: core: fix locking in regulator_resolve_supply() error path | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-46244 netfilter: nft_inner: Fix IPv6 inner_thoff desync | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52953 iommu/vt-d: Fix oops due to out of scope access | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-56405 libexpat before 2.8.2 has an integer overflow in getAttributeId. | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53005 af_unix: Drop all SCM attributes for SOCKMAP. | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53239 xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52912 netfilter: nf_queue: hold bridge skb->dev while queued | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-55653 Openssh: double free in red hat enterprise linux versions of openssh dh-gex client path during fips known-group validation leads to client-side denial of service | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-56406 libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse. | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52931 batman-adv: tp_meter: avoid use of uninit sender vars | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-55655 Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53147 thunderbolt: Validate XDomain request packet size before type cast | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-9675 undici WebSocket client vulnerable to denial of service via cumulative fragment bypass | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53159 misc: fastrpc: fix DMA address corruption due to find_vma misuse | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-56131 libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur (similar to the CVE-2026-50219 situation). | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53274 net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52915 netfilter: ip6t_hbh: reject oversized option lists | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-9697 undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53230 net/mlx5: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52956 libceph: Fix potential out-of-bounds access in __ceph_x_decrypt() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53194 USB: serial: kl5kusb105: fix bulk-out buffer overflow | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53115 bus: fsl-mc: use generic driver_override infrastructure | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53161 misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53163 locking/rtmutex: Skip remove_waiter() when waiter is not enqueued | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53254 Bluetooth: RFCOMM: validate skb length in MCC handlers | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52916 batman-adv: frag: disallow unicast fragment in fragment | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53017 f2fs: fix data loss caused by incorrect use of nat_entry flag | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53089 bpf: Fix use-after-free in offloaded map/prog info fill | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53158 misc: fastrpc: Fix NULL pointer dereference in rpmsg callback | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53120 PCI: use generic driver_override infrastructure | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53151 rxrpc: Fix the ACK parser to extract the SACK table for parsing | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52934 batman-adv: tvlv: reject oversized TVLV packets | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53267 netfilter: nft_ct: bail out on template ct in get eval | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53249 ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52943 net: skbuff: fix missing zerocopy reference in pskb_carve helpers | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53139 drm/v3d: Skip CSD when it has zeroed workgroups | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52942 netfilter: nf_log: validate MAC header was set before dumping it | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52957 libceph: Fix potential null-ptr-deref in decode_choose_args() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53131 netfilter: require Ethernet MAC header before using eth_hdr() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53198 ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53214 ipv6: Fix a potential NPD in cleanup_prefix_route() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53218 netfilter: nft_exthdr: fix register tracking for F_PRESENT flag | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53097 wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53107 wifi: libertas: don't kill URBs in interrupt context | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53166 futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53179 staging: rtl8723bs: fix buffer over-read in rtw_update_protection | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53228 ipv6: sit: reload inner IPv6 header after GSO offloads | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53132 vsock/virtio: fix potential unbounded skb queue | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52961 ceph: fix BUG_ON in __ceph_build_xattrs_blob() due to stale blob size | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53208 Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53010 ksmbd: fix use-after-free in smb2_open during durable reconnect | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52937 tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53109 powerpc/pgtable-frag: Fix bad page state in pte_frag_destroy | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53106 bpf: Do not allow deleting local storage in NMI | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53217 net: mvpp2: sync RX data at the hardware packet offset | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53186 RDMA/srp: bound SRP_RSP sense copy by the received length | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53268 netfilter: conntrack_irc: fix possible out-of-bounds read | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53053 iommu/amd: Fix clone_alias() to use the original device's devid | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52926 batman-adv: clear current gateway during teardown | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52927 netfilter: ebtables: fix OOB read in compat_mtw_from_user | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53219 netfilter: x_tables: avoid leaking percpu counter pointers | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53157 net: phonet: free phonet_device after RCU grace period | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53102 wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53247 net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-57452 Vim: Out-of-bounds Read with libsodium-encrypted Files | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-55895 Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53221 ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-55693 Vim: Out-of-bounds Write in Spell File Word Count | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53253 Bluetooth: bnep: reject short frames before parsing | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53196 USB: serial: io_ti: fix heap overflow in get_manuf_info() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-57455 Vim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold()` argument | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53025 greybus: raw: fix use-after-free on cdev close | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-57456 Vim: Arbitrary Code Execution via Python Omni-Completion Docstrings | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-57453 Vim: PowerShell Command Injection via Unescaped Filename in zip.vim Extraction | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53215 net: mvpp2: refill RX buffers before XDP or skb use | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-55892 Vim: Out-of-bounds Write in Spell File Prefix Dump | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53154 mm/hugetlb: restore reservation on error in hugetlb folio copy paths | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52941 net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53263 6lowpan: fix off-by-one in multicast context address compression | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52947 net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52991 sched/psi: fix race between file release and pressure write | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52988 netfilter: nf_tables: join hook list via splice_list_rcu() in commit phase | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-46243 smb: client: reject userspace cifs.spnego descriptions | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-46254 AppArmor: Allow apparmor to handle unaligned dfa tables | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2025-71313 PCI: endpoint: Add missing NULL check for alloc_workqueue() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-43973 gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52948 i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53136 drm/amd/display: Clamp VBIOS HDMI retimer register count to array size | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53227 net: openvswitch: fix possible kfree_skb of ERR_PTR | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-56407 libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen. | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-56404 libexpat before 2.8.2 has an integer overflow in addBinding. | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53207 mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52913 batman-adv: v: stop OGMv2 on disabled interface | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53027 fs/ntfs3: fix missing run load for vcn0 in attr_data_get_block_locked() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-56403 libexpat before 2.8.2 has an integer overflow in storeAtts. | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53238 netlabel: validate unlabeled address and mask attribute lengths | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52921 netfilter: ipset: stop hash:* range iteration at end | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53024 greybus: raw: fix use-after-free if write is called after disconnect | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53270 ipvs: clear the svc scheduler ptr early on edit | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-11525 undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-56132 In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers. | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53129 fs/mbcache: cancel shrink work before destroying the cache | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-48142 NGINX ngx_http_charset_module vulnerability | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53242 ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53236 tcp: restrict SO_ATTACH_FILTER to priv users | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53118 vdpa: use generic driver_override infrastructure | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-56412 libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219. | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53266 netfilter: bridge: make ebt_snat ARP rewrite writable | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53138 drm/amd/display: Bound VBIOS record-chain walk loops | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53146 thunderbolt: Limit XDomain response copy to actual frame size | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53264 net/sched: act_api: use RCU with deferred freeing for action lifecycle | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-3195 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730) | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-3196 Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53182 wifi: nl80211: reject oversized EMA RNR lists | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-11972 tarfile opened in streaming mode mishandles EOF | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52924 sctp: purge outqueue on stale COOKIE-ECHO handling | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-0864 Configuration Injection via Carriage Return (\r) in write() method | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-55199 libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-55200 libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53246 sctp: validate cached peer INIT chunk length in COOKIE_ECHO processing | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53150 thunderbolt: Reject zero-length property entries in validator | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53149 thunderbolt: Bound root directory content to block size | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53181 vsock/vmci: fix sk_ack_backlog leak on failed handshake | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53018 f2fs: avoid reading already updated pages during GC | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2025-15661 libssh2 - Heap Buffer Over-read via sftp_symlink() in sftp.c | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53184 udp: clear skb->dev before running a sockmap verdict | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52923 ipc: limit next_id allocation to the valid ID range | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53178 staging: rtl8723bs: rtw_mlme: add bounds checks before ie_length subtraction | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53143 drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53209 Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53275 ipv6: mcast: Fix use-after-free when processing MLD queries | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53192 ALSA: timer: Fix UAF at snd_timer_user_params() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52960 ceph: put folios not suitable for writeback | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53133 RDMA/umem: Fix truncation for block sizes >= 4G | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52919 batman-adv: fix tp_meter counter underflow during shutdown | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53078 bpf: Fix same-register dst/src OOB read and pointer leak in sock_ops | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52946 fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53255 Bluetooth: MGMT: validate advertising TLV before type checks | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53113 wifi: ath11k: fix memory leaks in beacon template setup | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53015 erofs: unify lcn as u64 for 32-bit platforms | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53265 dm cache policy smq: check allocation under invalidate lock | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52922 batman-adv: dat: handle forward allocation error | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53237 gpio: mvebu: fix NULL pointer dereference in suspend/resume | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52954 libceph: handle rbtree insertion error in decode_choose_args() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53148 thunderbolt: Clamp XDomain response data copy to allocation size | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53000 netfilter: nat: use kfree_rcu to release ops | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53225 sctp: fix uninit-value in __sctp_rcv_asconf_lookup() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53262 l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53245 net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53199 hv_netvsc: use kmap_local_page in netvsc_copy_to_send_buf | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53258 wifi: fix leak if split 6 GHz scanning fails | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53160 misc: fastrpc: fix use-after-free race in fastrpc_map_create | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53226 gpio: rockchip: fix generic IRQ chip leak on remove | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52930 ipc/shm: serialize orphan cleanup with shm_nattch updates | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53135 drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53080 net/sched: cls_fw: fix NULL dereference of "old" filters before change() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53108 powerpc/64s: Fix unmap race with PMD migration entries | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53091 net: pull headers in qdisc_pkt_len_segs_init() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53232 net: phy: clean the sfp upstream if phy probing fails | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-52962 ceph: fix a buffer leak in __ceph_setxattr() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53176 IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53070 sctp: disable BH before calling udp_tunnel_xmit_skb() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53156 nvmem: core: fix use-after-free bugs in error paths | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-57451 Vim: Out-of-bounds Read in Text Property Count | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53252 Bluetooth: fix memory leak in error path of hci_alloc_dev() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53320 nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53296 mailbox: mailbox-test: free channels on probe error | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53292 net: phonet: do not BUG_ON() in pn_socket_autobind() on failed bind | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53284 btrfs: only release the dirty pages io tree after successful writes | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53309 ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53304 scsi: sg: Resolve soft lockup issue when opening /dev/sgX | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53313 drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53306 tty: hvc_iucv: fix off-by-one in number of supported devices | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53291 ALSA: hda/conexant: Fix missing error check for jack detection | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53297 net: mana: Guard mana_remove against double invocation | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53293 drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53294 mailbox: mailbox-test: don't free the reused channel | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53289 ice: fix NULL pointer dereference in ice_reset_all_vfs() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53287 audit: fix incorrect inheritable capability in CAPSET records | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53303 f2fs: protect extension_list reading with sb_lock in f2fs_sbi_show() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53314 padata: Put CPU offline callback in ONLINE section to allow failure | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-44889 WebOb: Location header normalization during redirect leads to open redirect | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53295 mailbox: add sanity check for channel array | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53279 drm/gma500/oaktrail_lvds: fix hang on init failure | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-53655 node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling) | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-42123 drm/amdgpu: fix double free err_addr pointer warnings | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-42155 s390/pkey: Wipe copies of protected- and secure-keys | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-42227 drm/amd/display: Fix overlapping copy within dml_core_mode_programming | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-41085 cxl/mem: Fix no cxl_nvd during pmem region auto-assembling | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-42158 s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-58012 ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-50225 btrfs: fix error propagation of split bios | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-53056 drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-53084 drm/imagination: Break an object reference loop | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-50091 dm vdo: don't refer to dedupe_context after releasing it | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-50090 drm/xe/oa: Fix overflow in oa batch buffer | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-50102 x86: fix user address masking non-canonical speculation issue | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-50178 cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-53051 drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-27010 net/sched: Fix mirred deadlock on device recursion | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-26962 dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-27079 iommu/vt-d: Fix NULL domain on device release | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-53187 io_uring: check for overflows in io_pin_pages | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-56544 udmabuf: change folios array from kmalloc to kvmalloc | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-56702 bpf: Mark raw_tp arguments with PTR_MAYBE_NULL | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-56742 vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-49908 drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2) | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-49918 drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-49990 drm/xe/hdcp: Check GSC structure validity | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-47703 bpf, lsm: Add check for BPF LSM return value | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-49910 drm/amd/display: Add NULL check for function pointer in dcn401_set_output_transfer_func | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-49916 drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-49970 drm/amd/display: Implement bounds check for stream encoder creation in DCN401 | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-50004 drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35 | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-46681 pktgen: use cpus_read_lock() in pg_net_init() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-46701 libfs: fix infinite directory reads for offset dir | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-46775 drm/amd/display: Validate function returns | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-44956 drm/xe/preempt_fence: enlarge the fence critical section | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-46698 video/aperture: optionally match the device in sysfb_disable() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-46778 drm/amd/display: Check UnboundedRequestEnabled's value | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-46808 drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-46842 scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2025-4035 Libsoup: cookie domain validation bypass via uppercase characters in libsoup | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-43886 drm/amd/display: Add null check in resource_log_pipe_topology_update | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-43824 PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2023-6606 Kernel: out-of-bounds read vulnerability in smbcalcsize | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2025-21833 iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2025-40213 Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2025-68304 Bluetooth: hci_core: lookup hci_conn on RX path on protocol side | Information published. | MSRC.MICROSOFT.COM
28 Jun | CVE-2024-24864 Race condition vulnerability in Linux kernel media/dvb-core in dvbdmx_write() | Information published. | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 7
28 Jun | Week in review: Fortibleed campaign’s impact on orgs, Cisco Unified CM flaw exploited | Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Encrypted DNS still tells an eavesdropper where to look Encrypted DNS runs across much of the Internet. DNS over TLS, HTTPS, and QUIC keep the contents of a query away from anyone wa… | HELPNETSECURITY.COM
28 Jun | Data breach exposes up to 14.2 million email logins at six ISPs | Japanese telecommunications operator KDDI Corporation disclosed a data breach where threat actors gained access to one of its email systems used by five other internet service providers (ISPs) in the country. [...] | BLEEPINGCOMPUTER.COM
28 Jun | AssuranceAmerica breach may have affected more than 1.1 million people in seven states | Krys Shahin and Christopher Buchanan report: State officials are warning at least 1.1 million people across seven states may be impacted by an AssuranceAmerica data breach. Notices about the breach were sent to California, Massachusetts, Nebraska, South Carolina, Texas, Vermont, … | DATABREACHES.NET
28 Jun | NZ pharmacy scrambles to scrub internet of patients’ private messages | Mary Argue reports: A Wellington pharmacy at the centre of a data leak says sensitive patient information has now been scrubbed from the internet. Unichem Petone said it was contacting 29 patients affected by what it described as an error on the website that saw patients’ p… | DATABREACHES.NET
28 Jun | Sysco - 2,691,852 breached accounts | In June 2026, the food distribution company Sysco was targeted by a ShinyHunters "pay or leak" extortion campaign. Data was subsequently published containing 2.7M unique email addresses belonging to staff and customers. The data also contained largely corporate contact informati… | HAVEIBEENPWNED.COM
28 Jun | KDDI Data Breach Impacts up to 14.2 Million Email Accounts at Six ISPs | KDDI Corporation disclosed a breach affecting up to 14.2 million email accounts after attackers exploited a vulnerability in third-party software. KDDI Corporation disclosed a data breach that exposed up to 14.2 million email accounts across six Japanese internet service provider… | SECURITYAFFAIRS.COM
28 Jun | A KDDI data breach has put up to 14.2 million ISP email logins at risk across Japan | James Whitmore reports: Data breach at Japanese telecoms operator KDDI may have exposed up to 14.22 million email addresses and passwords linked to ISP mail services, after attackers gained unauthorised access to a system used by six providers in Japan. KDDI said it confirmed the… | DATABREACHES.NET
🔥 INCIDENT REPORTING 1
28 Jun | SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 103 | Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter More Than 4,000 Legacy Routers Compromised by AryStinger, Turned into Global Attack Proxies for Hackers A VBScript … | SECURITYAFFAIRS.COM
🕵️ THREAT INTELLIGENCE 1
28 Jun | YARA-X 1.18.0 and 1.19.0 Release, (Sun, Jun 28th) | YARA-X's 1.18.0 release brings 3 improvements and 2 bugfixes. | ISC.SANS.EDU
🌐 CYBER THREAT LANDSCAPE 2
28 Jun | Space supply chain pressures. | Despite the space sector seeing greater investment and attention year-over-year, the sector still remains bound by an outdated and ineffective supply chain, especially in the United States. In this week’s episode, host Maria Varmazis sits down with Doug Anderson, Partner at Pw… | THECYBERWIRE.COM
28 Jun | Space’s fragile supply chain. | This week on T-Minus: Space-Cyber Briefing: we look at recent research that examines the US’s current space supply chain. Despite increased investment and growing demand for space capabilities, the industry’s supply chain remains vulnerable to bottlenecks, shortages, and external… | THECYBERWIRE.COM
🎙️ PODCASTS 1
28 Jun | Uniting Women in Cyber Podcast: Breaking Barriers in Cybersecurity with Cybersecurity Girl. | In this Special Edition episode, N2K CyberWire's Dave Bittner sits down with Caitlin Sarian, widely known as Cybersecurity Girl, to explore how storytelling, authenticity, and community are reshaping a more human-centered cybersecurity landscape. | THECYBERWIRE.COM
📡 INFOSEC NEWS 1
28 Jun | Security Affairs newsletter Round 583 by Pierluigi Paganini – INTERNATIONAL EDITION | A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New FBI Alert: Russian Intell… | SECURITYAFFAIRS.COM