0.0
CVE-2026-23347 - can: usb: f81604: correctly anchor the urb in the read bulk callback
In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: correctly anchor the urb in the read bulk callback When submitting an urb, that is using the anchor pattern, it needs to be anchored before submitting it otherwise it could be leaked if usb_kill_anchored_urbs() β¦
0.0
CVE-2026-23325 - wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() Check frame length before accessing the mgmt fields in mt7996_mac_write_txwi_80211 in order to avoid a possible oob access.
5.8
CVE-2026-23317 - drm/vmwgfx: Return the correct value in vmw_translate_ptr functions
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. This was changed to another lookup function that returned an error coβ¦
0.0
CVE-2026-23291 - nfc: pn533: properly drop the usb interface reference on disconnect
In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: properly drop the usb interface reference on disconnect When the device is disconnected from the driver, there is a "dangling" reference count on the usb interface that was grabbed in the probe callback. Fix this up β¦
0.0
CVE-2026-23283 - regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read()
In the Linux kernel, the following vulnerability has been resolved: regulator: fp9931: Fix PM runtime reference leak in fp9931_hwmon_read() In fp9931_hwmon_read(), if regmap_read() failed, the function returned the error code without calling pm_runtime_put_autosuspend(), causing a PM reference leβ¦
7.2
CVE-2024-51347 - Buffer Overflow in LSC Smart Indoor IP Camera ONVIF Time Zone Configuration
A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone (TZ) parameter within the ONVIF configuration interface. The time zone (TZ) parameter does not have its length properly validated before being copied into a fiβ¦
9.8
CVE-2026-26832 - nodeβtesseractβocr OS Command Injection via Unsanitized File Path
node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize() function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a shell command string and passed to child_process.execβ¦
5.4
CVE-2026-30587 - Seafile Server: Seadoc editor: seahub: seadoc-editor: Seafile Server: Arbitrary client-side code exβ¦
Multiple Stored XSS vulnerabilities exist in Seafile Server version 13.0.15,13.0.16-pro,12.0.14 and prior and fixed in 13.0.17, 13.0.17-pro, and 12.0.20-pro, via the Seadoc (sdoc) editor. The application fails to properly sanitize WebSocket messages regarding document structure updates. This allowsβ¦
7.0
CVE-2026-23375 - mm: thp: deny THP for files on anonymous inodes
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes file_thp_enabled() incorrectly allows THP for files on anonymous inodes (e.g. guest_memfd and secretmem). These files are created via alloc_file_pseudo(), which does not call get_wrβ¦
8.8
CVE-2026-23395 - Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending (FLAG_DEFER_SETUP) which β¦