9.3
CVE-2026-6911 - Authentication Bypass via Missing JWT Signature Verification in AWS Ops Wheel
Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application, including the ability to read, modify, and delete all application data across tenants and manage Cognito user accounts within the deβ¦
9.3
CVE-2026-39920 - BridgeHead FileStore < 24A Apache Axis2 Default Credentials RCE
BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that allows unauthenticated remote attackers to execute arbitrary OS commands. Attackers can authenticate to the admin console uβ¦
0.0
CVE-2026-31672 - wifi: rt2x00usb: fix devres lifetime
In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00usb: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drβ¦
0.0
CVE-2026-31671 - xfrm_user: fix info leak in build_report()
In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a __u8 proto field followed by a struct xfrm_selector which means there is three "empty" bytes of padding, but the padding is never zeroed before copying to usβ¦
0.0
CVE-2026-31670 - net: rfkill: prevent unlimited numbers of rfkill events from being created
In the Linux kernel, the following vulnerability has been resolved: net: rfkill: prevent unlimited numbers of rfkill events from being created Userspace can create an unlimited number of rfkill events if the system is so configured, while not consuming them from the rfkill file descriptor, causinβ¦
0.0
CVE-2026-31669 - mptcp: fix slab-use-after-free in __inet_lookup_established
In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU to guarantee socket memory stability during RCU read-side critical sections. Both tcp_prot and tcpvβ¦
0.0
CVE-2026-31668 - seg6: separate dst_cache for input and output paths in seg6 lwtunnel
In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses a single dst_cache per encap route, shared between seg6_input_core() and seg6_output_core(). These two paths can perform the post-encap Sβ¦
0.0
CVE-2026-31667 - Input: uinput - fix circular locking dependency with ff-core
In the Linux kernel, the following vulnerability has been resolved: Input: uinput - fix circular locking dependency with ff-core A lockdep circular locking dependency warning can be triggered reproducibly when using a force-feedback gamepad with uinput (for example, playing ELDEN RING under Wine β¦
0.0
CVE-2026-31666 - btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref()
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref() After commit 1618aa3c2e01 ("btrfs: simplify return variables in lookup_extent_data_ref()"), the err and ret variables were merged into a single retβ¦
0.0
CVE-2026-31665 - netfilter: nft_ct: fix use-after-free in timeout object destroy
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: fix use-after-free in timeout object destroy nft_ct_timeout_obj_destroy() frees the timeout object with kfree() immediately after nf_ct_untimeout(), without waiting for an RCU grace period. Concurrent packet prβ¦