8.4
CVE-2026-20979 - Local Privilege Escalation via Improper Settings Activity Launch in Samsung Android
Improper privilege management in Settings prior to SMR Feb-2026 Release 1 allows local attackers to launch arbitrary activity with Settings privilege.
5.8
CVE-2026-20978 - KnoxGuardManager Authorization Bypass
Improper authorization in KnoxGuardManager prior to SMR Feb-2026 Release 1 allows local attackers to bypass the persistence configuration of the application.
6.9
CVE-2026-20977 - Local Attacker Can Interrupt Emergency Sharing
Improper access control in Emergency Sharing prior to SMR Feb-2026 Release 1 allows local attackers to interrupt its functioning.
0.0
CVE-2026-25630 -
Reason: This candidate was issued in error.
8.5
CVE-2025-29867 -
Access of Resource Using Incompatible Type ('Type Confusion') vulnerability in Hancom Inc. Hancom Office 2018, Hancom Inc. Hancom Office 2020, Hancom Inc. Hancom Office 2022, Hancom Inc. Hancom Office 2024 allows File Content Injection.This issue affects Hancom Office 2018: before 10.0.0.12681; Hanβ¦
2.7
CVE-2026-1791 - Arbitrary File Upload Vulnerability in Operation and Maintenance Security Gateway
Unrestricted Upload of File with Dangerous Type vulnerability in Hillstone Networks Operation and Maintenance Security Gateway on Linux allows Upload a Web Shell to a Web Server.This issue affects Operation and Maintenance Security Gateway: V5.5ST00001B113.
5.3
CVE-2026-1835 - lcg0124 BootDo cross-site request forgery
A vulnerability was identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. This affects an unknown part. The manipulation leads to cross-site request forgery. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. This product aβ¦
7.0
CVE-2026-23054 - net: hv_netvsc: reject RSS hash key programming without RX indirection table
In the Linux kernel, the following vulnerability has been resolved: net: hv_netvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndis_filter_device_add() does not allocate an β¦
0.0
CVE-2025-71198 - iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection
In the Linux kernel, the following vulnerability has been resolved: iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection The st_lsm6dsx_acc_channels array of struct iio_chan_spec has a non-NULL event_spec field, indicating support for IIO events. However, event detection isβ¦
5.5
CVE-2026-23080 - can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak
In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a ("can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak"). In mcba_usb_probe() -> mcba_usb_start(), tβ¦