7.0
CVE-2026-43261 - arm64: Add support for TSV110 Spectre-BHB mitigation
In the Linux kernel, the following vulnerability has been resolved: arm64: Add support for TSV110 Spectre-BHB mitigation The TSV110 processor is vulnerable to the Spectre-BHB (Branch History Buffer) attack, which can be exploited to leak information through branch prediction side channels. This cβ¦
5.5
CVE-2026-43265 - KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block()
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpu_block() Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit, uβ¦
7.8
CVE-2026-43126 - ALSA: mixer: oss: Add card disconnect checkpoints
In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarioβ¦
0.0
CVE-2026-43121 - io_uring/zcrx: fix user_ref race between scrub and refill paths
In the Linux kernel, the following vulnerability has been resolved: io_uring/zcrx: fix user_ref race between scrub and refill paths The io_zcrx_put_niov_uref() function uses a non-atomic check-then-decrement pattern (atomic_read followed by separate atomic_dec) to manipulate user_refs. This is seβ¦
3.4
CVE-2026-44405 - paramiko: Paramiko: Data integrity could be compromised due to SHA-1 algorithm use
In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm.
7.6
CVE-2026-40934 - jupyter-server authentication cookies remain valid after password reset due to static cookie secret
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at ~/.local/share/jupyter/runtime/jupyter_cookie_secret and is never rotated when a user changes their password. After a password β¦
9.8
CVE-2026-28780 - Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()
Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to mod_proxy_ajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This iβ¦
7.6
CVE-2026-40110 - jupyter-server CORS origin validation bypass via unanchored regex in allow_origin_pat
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pat configuration value. Because re.match() only anchors at the start of the string and does not requiβ¦
8.2
CVE-2026-40075 - OpenMRS Core arbitrary file read via path traversal in ModuleResourcesServlet
OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnerable to a path traversal attack. The ModuleResourcesServlet constructs a filesystem path from user-coβ¦
7.7
CVE-2026-40068 - Claude Code arbitrary code execution via git worktree commondir trust dialog bypass
In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Codeβ¦