Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/linux@6.12.73-1
Typedeb
Namespacedebian
Namelinux
Version6.12.73-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version6.12.74-2~bpo12+1
Latest_non_vulnerable_version7.0-1~exp1
Affected_by_vulnerabilities
0
url VCID-142k-7wgv-pfh6
vulnerability_id VCID-142k-7wgv-pfh6
summary 
In the Linux kernel, the following vulnerability has been resolved:

wifi: radiotap: reject radiotap with unknown bits

The radiotap parser is currently only used with the radiotap
namespace (not with vendor namespaces), but if the undefined
field 18 is used, the alignment/size is unknown as well. In
this case, iterator->_next_ns_data isn't initialized (it's
only set for skipping vendor namespaces), and syzbot points
out that we later compare against this uninitialized value.

Fix this by moving the rejection of unknown radiotap fields
down to after the in-namespace lookup, so it will really use
iterator->_next_ns_data only for vendor namespaces, even in
case undefined fields are present.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23367.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23367.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23367
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23367
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23367
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23367
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23367
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-142k-7wgv-pfh6
1
url VCID-14ey-bdy6-5qe9
vulnerability_id VCID-14ey-bdy6-5qe9
summary In the Linux kernel, the following vulnerability has been resolved: ext4: validate p_idx bounds in ext4_ext_correct_indexes ext4_ext_correct_indexes() walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing path[k].p_idx->ei_block, there is no validation that p_idx falls within the valid range of index entries for that level. If the on-disk extent header contains a corrupted or crafted eh_entries value, p_idx can point past the end of the allocated buffer, causing a slab-out-of-bounds read. Fix this by validating path[k].p_idx against EXT_LAST_INDEX() at both access sites: before the while loop and inside it. Return -EFSCORRUPTED if the index pointer is out of range, consistent with how other bounds violations are handled in the ext4 extent tree code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31449.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31449.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31449
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31449
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31449
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460717
reference_id 2460717
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460717
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31449
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-14ey-bdy6-5qe9
2
url VCID-16bf-g26g-z3db
vulnerability_id VCID-16bf-g26g-z3db
summary In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() l2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer and id_addr_timer while holding conn->lock. However, the work functions l2cap_info_timeout() and l2cap_conn_update_id_addr() both acquire conn->lock, creating a potential AB-BA deadlock if the work is already executing when l2cap_conn_del() takes the lock. Move the work cancellations before acquiring conn->lock and use disable_delayed_work_sync() to additionally prevent the works from being rearmed after cancellation, consistent with the pattern used in hci_conn_del().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31499.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31499.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31499
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04052
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31499
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460692
reference_id 2460692
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460692
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31499
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-16bf-g26g-z3db
3
url VCID-16es-2z99-a3hu
vulnerability_id VCID-16es-2z99-a3hu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31405.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31405.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31405
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01159
published_at 2026-04-08T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.01154
published_at 2026-04-07T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.01161
published_at 2026-04-09T12:55:00Z
3
value 0.0001
scoring_system epss
scoring_elements 0.01146
published_at 2026-04-11T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02263
published_at 2026-04-16T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02283
published_at 2026-04-12T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0228
published_at 2026-04-13T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.03441
published_at 2026-04-24T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.03337
published_at 2026-04-18T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03455
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31405
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31405
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455336
reference_id 2455336
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455336
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31405
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-16es-2z99-a3hu
4
url VCID-179u-b611-z7hc
vulnerability_id VCID-179u-b611-z7hc
summary In the Linux kernel, the following vulnerability has been resolved: net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written. gem_get_sset_count() correctly computes the number of stats based on the active queues, whereas gem_get_ethtool_stats() indiscriminately copies data using the maximum number of queues, and in the case the number of active queues is less than MACB_MAX_QUEUES, this results in a OOB write as observed in the KASAN splat. ================================================================== BUG: KASAN: vmalloc-out-of-bounds in gem_get_ethtool_stats+0x54/0x78 [macb] Write of size 760 at addr ffff80008080b000 by task ethtool/1027 CPU: [...] Tainted: [E]=UNSIGNED_MODULE Hardware name: raspberrypi rpi/rpi, BIOS 2025.10 10/01/2025 Call trace: show_stack+0x20/0x38 (C) dump_stack_lvl+0x80/0xf8 print_report+0x384/0x5e0 kasan_report+0xa0/0xf0 kasan_check_range+0xe8/0x190 __asan_memcpy+0x54/0x98 gem_get_ethtool_stats+0x54/0x78 [macb 926c13f3af83b0c6fe64badb21ec87d5e93fcf65] dev_ethtool+0x1220/0x38c0 dev_ioctl+0x4ac/0xca8 sock_do_ioctl+0x170/0x1d8 sock_ioctl+0x484/0x5d8 __arm64_sys_ioctl+0x12c/0x1b8 invoke_syscall+0xd4/0x258 el0_svc_common.constprop.0+0xb4/0x240 do_el0_svc+0x48/0x68 el0_svc+0x40/0xf8 el0t_64_sync_handler+0xa0/0xe8 el0t_64_sync+0x1b0/0x1b8 The buggy address belongs to a 1-page vmalloc region starting at 0xffff80008080b000 allocated at dev_ethtool+0x11f0/0x38c0 The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff00000a333000 pfn:0xa333 flags: 0x7fffc000000000(node=0|zone=0|lastcpupid=0x1ffff) raw: 007fffc000000000 0000000000000000 dead000000000122 0000000000000000 raw: ffff00000a333000 0000000000000000 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff80008080b080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff80008080b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffff80008080b180: 00 00 00 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ^ ffff80008080b200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ffff80008080b280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ================================================================== Fix it by making sure the copied size only considers the active number of queues.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31494.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31494.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31494
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.09524
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31494
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31494
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31494
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460665
reference_id 2460665
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460665
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31494
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-179u-b611-z7hc
5
url VCID-17tu-a4wu-b3hv
vulnerability_id VCID-17tu-a4wu-b3hv
summary kernel: blktrace: fix __this_cpu_read/write in preemptible context
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23374.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23374.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23374
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06055
published_at 2026-04-24T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0653
published_at 2026-04-04T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0657
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06599
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.0659
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06516
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.0652
published_at 2026-04-07T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23374
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23374
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23374
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451165
reference_id 2451165
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451165
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23374
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-17tu-a4wu-b3hv
6
url VCID-188w-9sxd-5khx
vulnerability_id VCID-188w-9sxd-5khx
summary In the Linux kernel, the following vulnerability has been resolved: iavf: fix out-of-bounds writes in iavf_get_ethtool_stats() iavf incorrectly uses real_num_tx_queues for ETH_SS_STATS. Since the value could change in runtime, we should use num_tx_queues instead. Moreover iavf_get_ethtool_stats() uses num_active_queues while iavf_get_sset_count() and iavf_get_stat_strings() use real_num_tx_queues, which triggers out-of-bounds writes when we do "ethtool -L" and "ethtool -S" simultaneously [1]. For example when we change channels from 1 to 8, Thread 3 could be scheduled before Thread 2, and out-of-bounds writes could be triggered in Thread 3: Thread 1 (ethtool -L) Thread 2 (work) Thread 3 (ethtool -S) iavf_set_channels() ... iavf_alloc_queues() -> num_active_queues = 8 iavf_schedule_finish_config() iavf_get_sset_count() real_num_tx_queues: 1 -> buffer for 1 queue iavf_get_ethtool_stats() num_active_queues: 8 -> out-of-bounds! iavf_finish_config() -> real_num_tx_queues = 8 Use immutable num_tx_queues in all related functions to avoid the issue. [1] BUG: KASAN: vmalloc-out-of-bounds in iavf_add_one_ethtool_stat+0x200/0x270 Write of size 8 at addr ffffc900031c9080 by task ethtool/5800 CPU: 1 UID: 0 PID: 5800 Comm: ethtool Not tainted 6.19.0-enjuk-08403-g8137e3db7f1c #241 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 Call Trace: <TASK> dump_stack_lvl+0x6f/0xb0 print_report+0x170/0x4f3 kasan_report+0xe1/0x180 iavf_add_one_ethtool_stat+0x200/0x270 iavf_get_ethtool_stats+0x14c/0x2e0 __dev_ethtool+0x3d0c/0x5830 dev_ethtool+0x12d/0x270 dev_ioctl+0x53c/0xe30 sock_do_ioctl+0x1a9/0x270 sock_ioctl+0x3d4/0x5e0 __x64_sys_ioctl+0x137/0x1c0 do_syscall_64+0xf3/0x690 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f7da0e6e36d ... </TASK> The buggy address belongs to a 1-page vmalloc region starting at 0xffffc900031c9000 allocated at __dev_ethtool+0x3cc9/0x5830 The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88813a013de0 pfn:0x13a013 flags: 0x200000000000000(node=0|zone=2) raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 raw: ffff88813a013de0 0000000000000000 00000001ffffffff 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffffc900031c8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ffffc900031c9000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 >ffffc900031c9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ^ ffffc900031c9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 ffffc900031c9180: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31505.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31505.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31505
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31505
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460688
reference_id 2460688
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460688
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31505
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-188w-9sxd-5khx
7
url VCID-1cac-quc3-2bcf
vulnerability_id VCID-1cac-quc3-2bcf
summary kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40139.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40139.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40139
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06003
published_at 2026-04-11T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05995
published_at 2026-04-12T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05985
published_at 2026-04-13T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.0595
published_at 2026-04-16T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05961
published_at 2026-04-18T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.06113
published_at 2026-04-21T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10471
published_at 2026-04-02T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-04T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10544
published_at 2026-04-09T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10403
published_at 2026-04-07T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10476
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40139
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40139
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40139
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414464
reference_id 2414464
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414464
5
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
6
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
7
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
8
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
9
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40139
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1cac-quc3-2bcf
8
url VCID-1dxt-yy4z-y7cs
vulnerability_id VCID-1dxt-yy4z-y7cs
summary kernel: can: ucan: Fix infinite loop from zero-length messages
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23298.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23298.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23298
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23298
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23298
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23298
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451227
reference_id 2451227
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451227
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23298
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1dxt-yy4z-y7cs
9
url VCID-1g77-qwuy-nkg8
vulnerability_id VCID-1g77-qwuy-nkg8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31416.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31416.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31416
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31416
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31416
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31416
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457825
reference_id 2457825
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457825
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31416
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1g77-qwuy-nkg8
10
url VCID-1g8r-w5jy-6kes
vulnerability_id VCID-1g8r-w5jy-6kes
summary kernel: iommu/s390: Make attach succeed when the device was surprise removed
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39958.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39958.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39958
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04774
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04797
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-07T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04846
published_at 2026-04-08T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04857
published_at 2026-04-09T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04844
published_at 2026-04-11T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04821
published_at 2026-04-12T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04801
published_at 2026-04-13T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04753
published_at 2026-04-16T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04762
published_at 2026-04-18T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04907
published_at 2026-04-21T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.04941
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39958
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2402698
reference_id 2402698
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2402698
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39958
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1g8r-w5jy-6kes
11
url VCID-1h5j-qg28-fka7
vulnerability_id VCID-1h5j-qg28-fka7
summary In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs() macro on s32 operands. The abs() macro documentation (include/linux/math.h) explicitly states the result is undefined when the input is the type minimum. When DST contains S32_MIN (0x80000000), abs((s32)DST) triggers undefined behavior and returns S32_MIN unchanged on arm64/x86. This value is then sign-extended to u64 as 0xFFFFFFFF80000000, causing do_div() to compute the wrong result. The verifier's abstract interpretation (scalar32_min_max_sdiv) computes the mathematically correct result for range tracking, creating a verifier/interpreter mismatch that can be exploited for out-of-bounds map value access. Introduce abs_s32() which handles S32_MIN correctly by casting to u32 before negating, avoiding signed overflow entirely. Replace all 8 abs((s32)...) call sites in the interpreter's sdiv32/smod32 handlers. s32 is the only affected case -- the s64 division/modulo handlers do not use abs().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31525.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31525.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31525
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04778
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31525
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460672
reference_id 2460672
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460672
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31525
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1h5j-qg28-fka7
12
url VCID-1kgs-19ue-wbe1
vulnerability_id VCID-1kgs-19ue-wbe1
summary In the Linux kernel, the following vulnerability has been resolved: mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations ieee80211_chan_bw_change() iterates all stations and accesses link->reserved.oper via sta->sdata->link[link_id]. For stations on AP_VLAN interfaces (e.g. 4addr WDS clients), sta->sdata points to the VLAN sdata, whose link never participates in chanctx reservations. This leaves link->reserved.oper zero-initialized with chan == NULL, causing a NULL pointer dereference in __ieee80211_sta_cap_rx_bw() when accessing chandef->chan->band during CSA. Resolve the VLAN sdata to its parent AP sdata using get_bss_sdata() before accessing link data. [also change sta->sdata in ARRAY_SIZE even if it doesn't matter]
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31394.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31394.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31394
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04427
published_at 2026-04-07T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.0446
published_at 2026-04-08T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04416
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31394
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31394
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31394
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454814
reference_id 2454814
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454814
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31394
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1kgs-19ue-wbe1
13
url VCID-1n5v-auw6-wbcd
vulnerability_id VCID-1n5v-auw6-wbcd
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23420.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23420.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23420
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23420
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23420
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23420
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454770
reference_id 2454770
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454770
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23420
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1n5v-auw6-wbcd
14
url VCID-1s26-havx-dkey
vulnerability_id VCID-1s26-havx-dkey
summary In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2cap_ecred_data_rcv() l2cap_ecred_data_rcv() reads the SDU length field from skb->data using get_unaligned_le16() without first verifying that skb contains at least L2CAP_SDULEN_SIZE (2) bytes. When skb->len is less than 2, this reads past the valid data in the skb. The ERTM reassembly path correctly calls pskb_may_pull() before reading the SDU length (l2cap_reassemble_sdu, L2CAP_SAR_START case). Apply the same validation to the Enhanced Credit Based Flow Control data path.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31512.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31512.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31512
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31512
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31512
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31512
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460696
reference_id 2460696
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460696
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31512
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1s26-havx-dkey
15
url VCID-1s77-djzb-xffp
vulnerability_id VCID-1s77-djzb-xffp
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31417.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31417.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31417
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31417
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31417
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31417
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457837
reference_id 2457837
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457837
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31417
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1s77-djzb-xffp
16
url VCID-1xj4-m963-nkb2
vulnerability_id VCID-1xj4-m963-nkb2
summary kernel: ice: fix devlink reload call trace
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23104.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23104.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23104
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03066
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03079
published_at 2026-04-07T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03084
published_at 2026-04-08T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03109
published_at 2026-04-09T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03071
published_at 2026-04-11T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03047
published_at 2026-04-12T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04399
published_at 2026-04-24T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04275
published_at 2026-04-13T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04245
published_at 2026-04-16T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04254
published_at 2026-04-18T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.0438
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23104
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436834
reference_id 2436834
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436834
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23104
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1xj4-m963-nkb2
17
url VCID-1xws-te5q-8fh4
vulnerability_id VCID-1xws-te5q-8fh4
summary In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmt_add_adv_patterns_monitor_complete This fixes the condition checking so mgmt_pending_valid is executed whenever status != -ECANCELED otherwise calling mgmt_pending_free(cmd) would kfree(cmd) without unlinking it from the list first, leaving a dangling pointer. Any subsequent list traversal (e.g., mgmt_pending_foreach during __mgmt_power_off, or another mgmt_pending_valid call) would dereference freed memory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31511.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31511.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31511
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31511
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460703
reference_id 2460703
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460703
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31511
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1xws-te5q-8fh4
18
url VCID-1ygk-whua-gbcq
vulnerability_id VCID-1ygk-whua-gbcq
summary kernel: ALSA: usb-audio: Use correct version for UAC3 header validation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23318.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23318.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23318
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02375
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23318
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23318
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23318
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451189
reference_id 2451189
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451189
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23318
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1ygk-whua-gbcq
19
url VCID-1zbm-pnj5-xqb4
vulnerability_id VCID-1zbm-pnj5-xqb4
summary kernel: mptcp: pm: in-kernel: always mark signal+subflow endp as used
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23321.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23321.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23321
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23321
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451159
reference_id 2451159
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451159
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23321
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zbm-pnj5-xqb4
20
url VCID-2198-cz4u-87hu
vulnerability_id VCID-2198-cz4u-87hu
summary kernel: ksmbd: Compare MACs in constant time
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23364.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23364.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23364
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.14543
published_at 2026-04-04T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.14351
published_at 2026-04-07T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.14435
published_at 2026-04-08T12:55:00Z
4
value 0.00047
scoring_system epss
scoring_elements 0.14489
published_at 2026-04-09T12:55:00Z
5
value 0.00047
scoring_system epss
scoring_elements 0.14438
published_at 2026-04-11T12:55:00Z
6
value 0.00047
scoring_system epss
scoring_elements 0.14402
published_at 2026-04-12T12:55:00Z
7
value 0.00047
scoring_system epss
scoring_elements 0.14346
published_at 2026-04-13T12:55:00Z
8
value 0.00047
scoring_system epss
scoring_elements 0.14237
published_at 2026-04-16T12:55:00Z
9
value 0.00047
scoring_system epss
scoring_elements 0.14238
published_at 2026-04-18T12:55:00Z
10
value 0.00047
scoring_system epss
scoring_elements 0.14309
published_at 2026-04-21T12:55:00Z
11
value 0.00047
scoring_system epss
scoring_elements 0.14338
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23364
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451167
reference_id 2451167
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451167
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23364
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2198-cz4u-87hu
21
url VCID-24dm-m1bk-t7fv
vulnerability_id VCID-24dm-m1bk-t7fv
summary In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: fix race condition in qman_destroy_fq When QMAN_FQ_FLAG_DYNAMIC_FQID is set, there's a race condition between fq_table[fq->idx] state and freeing/allocating from the pool and WARN_ON(fq_table[fq->idx]) in qman_create_fq() gets triggered. Indeed, we can have: Thread A Thread B qman_destroy_fq() qman_create_fq() qman_release_fqid() qman_shutdown_fq() gen_pool_free() -- At this point, the fqid is available again -- qman_alloc_fqid() -- so, we can get the just-freed fqid in thread B -- fq->fqid = fqid; fq->idx = fqid * 2; WARN_ON(fq_table[fq->idx]); fq_table[fq->idx] = fq; fq_table[fq->idx] = NULL; And adding some logs between qman_release_fqid() and fq_table[fq->idx] = NULL makes the WARN_ON() trigger a lot more. To prevent that, ensure that fq_table[fq->idx] is set to NULL before gen_pool_free() is called by using smp_wmb().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23463.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23463.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23463
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23463
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23463
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23463
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454847
reference_id 2454847
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454847
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23463
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24dm-m1bk-t7fv
22
url VCID-25nt-fa4m-97fm
vulnerability_id VCID-25nt-fa4m-97fm
summary kernel: binfmt_misc: restore write access before closing files opened by open_exec()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68239.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68239.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68239
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07494
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07533
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07514
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07573
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07593
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.0759
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07576
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07564
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07488
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10211
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10098
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10231
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68239
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68239
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68239
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422758
reference_id 2422758
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422758
5
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
6
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
7
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
8
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
9
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68239
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-25nt-fa4m-97fm
23
url VCID-286c-64ry-67cz
vulnerability_id VCID-286c-64ry-67cz
summary kernel: idpf: detach and close netdevs while handling a reset
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22981.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22981.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22981
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04239
published_at 2026-04-02T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04259
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.0427
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04301
published_at 2026-04-08T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04317
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04309
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04295
published_at 2026-04-12T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04275
published_at 2026-04-13T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04245
published_at 2026-04-16T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04254
published_at 2026-04-18T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.0438
published_at 2026-04-21T12:55:00Z
11
value 0.00017
scoring_system epss
scoring_elements 0.04399
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22981
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2432386
reference_id 2432386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2432386
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-22981
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-286c-64ry-67cz
24
url VCID-2bbj-94mj-rfa7
vulnerability_id VCID-2bbj-94mj-rfa7
summary In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes in DSC validation Starting with commit 17ce8a6907f7 ("drm/amd/display: Add dsc pre-validation in atomic check"), amdgpu resets the CRTC state mode_changed flag to false when recomputing the DSC configuration results in no timing change for a particular stream. However, this is incorrect in scenarios where a change in MST/DSC configuration happens in the same KMS commit as another (unrelated) mode change. For example, the integrated panel of a laptop may be configured differently (e.g., HDR enabled/disabled) depending on whether external screens are attached. In this case, plugging in external DP-MST screens may result in the mode_changed flag being dropped incorrectly for the integrated panel if its DSC configuration did not change during precomputation in pre_validate_dsc(). At this point, however, dm_update_crtc_state() has already created new streams for CRTCs with DSC-independent mode changes. In turn, amdgpu_dm_commit_streams() will never release the old stream, resulting in a memory leak. amdgpu_dm_atomic_commit_tail() will never acquire a reference to the new stream either, which manifests as a use-after-free when the stream gets disabled later on: BUG: KASAN: use-after-free in dc_stream_release+0x25/0x90 [amdgpu] Write of size 4 at addr ffff88813d836524 by task kworker/9:9/29977 Workqueue: events drm_mode_rmfb_work_fn Call Trace: <TASK> dump_stack_lvl+0x6e/0xa0 print_address_description.constprop.0+0x88/0x320 ? dc_stream_release+0x25/0x90 [amdgpu] print_report+0xfc/0x1ff ? srso_alias_return_thunk+0x5/0xfbef5 ? __virt_addr_valid+0x225/0x4e0 ? dc_stream_release+0x25/0x90 [amdgpu] kasan_report+0xe1/0x180 ? dc_stream_release+0x25/0x90 [amdgpu] kasan_check_range+0x125/0x200 dc_stream_release+0x25/0x90 [amdgpu] dc_state_destruct+0x14d/0x5c0 [amdgpu] dc_state_release.part.0+0x4e/0x130 [amdgpu] dm_atomic_destroy_state+0x3f/0x70 [amdgpu] drm_atomic_state_default_clear+0x8ee/0xf30 ? drm_mode_object_put.part.0+0xb1/0x130 __drm_atomic_state_free+0x15c/0x2d0 atomic_remove_fb+0x67e/0x980 Since there is no reliable way of figuring out whether a CRTC has unrelated mode changes pending at the time of DSC validation, remember the value of the mode_changed flag from before the point where a CRTC was marked as potentially affected by a change in DSC configuration. Reset the mode_changed flag to this earlier value instead in pre_validate_dsc(). (cherry picked from commit cc7c7121ae082b7b82891baa7280f1ff2608f22b)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31488.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31488.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31488
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31488
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460619
reference_id 2460619
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460619
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31488
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2bbj-94mj-rfa7
25
url VCID-2cxv-ay17-4kh2
vulnerability_id VCID-2cxv-ay17-4kh2
summary kernel: Linux kernel: Denial of Service due to sleepable page allocation in KASAN
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38029.json
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38029.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38029
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.09964
published_at 2026-04-02T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10077
published_at 2026-04-04T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09976
published_at 2026-04-07T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.10053
published_at 2026-04-08T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.10113
published_at 2026-04-09T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.10152
published_at 2026-04-11T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.10112
published_at 2026-04-12T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.1009
published_at 2026-04-13T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25676
published_at 2026-04-24T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.25777
published_at 2026-04-16T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.2576
published_at 2026-04-18T12:55:00Z
11
value 0.00092
scoring_system epss
scoring_elements 0.25731
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38029
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38029
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38029
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373378
reference_id 2373378
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373378
5
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
6
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
7
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
8
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
9
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
10
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
11
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38029
risk_score 1.9
exploitability 0.5
weighted_severity 3.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2cxv-ay17-4kh2
26
url VCID-2k4e-em5c-m3bv
vulnerability_id VCID-2k4e-em5c-m3bv
summary kernel: sysfs: check visibility before changing group attribute ownership
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40355.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40355.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40355
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40355
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40355
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40355
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422664
reference_id 2422664
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422664
5
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
6
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
7
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
8
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
9
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40355
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2k4e-em5c-m3bv
27
url VCID-33re-7rh6-2bg4
vulnerability_id VCID-33re-7rh6-2bg4
summary kernel: net: add proper RCU protection to /proc/net/ptype
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23255.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23255.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23255
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0587
published_at 2026-04-04T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05864
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06546
published_at 2026-04-21T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06562
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23255
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23255
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448703
reference_id 2448703
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448703
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23255
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-33re-7rh6-2bg4
28
url VCID-341t-wy9a-p7fz
vulnerability_id VCID-341t-wy9a-p7fz
summary kernel: btrfs: do not free data reservation in fallback from inline due to -ENOSPC
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71269.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71269.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71269
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0653
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0652
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0657
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.0721
published_at 2026-04-21T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07181
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71269
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71269
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71269
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448690
reference_id 2448690
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448690
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71269
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-341t-wy9a-p7fz
29
url VCID-3453-ez2g-97ax
vulnerability_id VCID-3453-ez2g-97ax
summary kernel: net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39830.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39830.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39830
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04741
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04779
published_at 2026-04-07T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04764
published_at 2026-04-04T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-11T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04825
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05388
published_at 2026-04-21T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05236
published_at 2026-04-18T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05288
published_at 2026-04-13T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05235
published_at 2026-04-16T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05427
published_at 2026-04-24T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05299
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39830
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2395776
reference_id 2395776
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2395776
4
reference_url https://git.kernel.org/stable/c/2c0a959bebdc1ada13cf9a8242f177c5400299e6
reference_id 2c0a959bebdc1ada13cf9a8242f177c5400299e6
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:17:36Z/
url https://git.kernel.org/stable/c/2c0a959bebdc1ada13cf9a8242f177c5400299e6
5
reference_url https://git.kernel.org/stable/c/86d13a6f49cb68aa91bd718b1b627e72e77285c1
reference_id 86d13a6f49cb68aa91bd718b1b627e72e77285c1
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:17:36Z/
url https://git.kernel.org/stable/c/86d13a6f49cb68aa91bd718b1b627e72e77285c1
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39830
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3453-ez2g-97ax
30
url VCID-37t1-1qg2-hqc4
vulnerability_id VCID-37t1-1qg2-hqc4
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23414.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23414.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23414
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04588
published_at 2026-04-02T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17368
published_at 2026-04-24T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17455
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23414
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454314
reference_id 2454314
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454314
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
purl pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1~bpo13%252B1
2
url pkg:deb/debian/linux@6.19.11-1
purl pkg:deb/debian/linux@6.19.11-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g77-qwuy-nkg8
1
vulnerability VCID-1s77-djzb-xffp
2
vulnerability VCID-4jvb-unxd-3qg3
3
vulnerability VCID-5ahq-saw1-suf1
4
vulnerability VCID-94k1-ja9w-2fd2
5
vulnerability VCID-brte-gqy3-r3ax
6
vulnerability VCID-c7xf-x7d5-87gn
7
vulnerability VCID-dq8r-defv-hbg6
8
vulnerability VCID-fvvb-p7r7-zkbk
9
vulnerability VCID-gbkk-anun-a3ce
10
vulnerability VCID-n59e-jkf6-13bf
11
vulnerability VCID-p3vt-v7gj-gqbc
12
vulnerability VCID-p4by-fm53-yybk
13
vulnerability VCID-pmn9-t8by-myhb
14
vulnerability VCID-qsdm-cyzs-aufy
15
vulnerability VCID-texr-5weq-v3dw
16
vulnerability VCID-v813-y477-vkhn
17
vulnerability VCID-vzkt-5648-ukh7
18
vulnerability VCID-yqcj-27j2-tqb8
19
vulnerability VCID-zh73-s87g-vfff
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1
aliases CVE-2026-23414
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-37t1-1qg2-hqc4
31
url VCID-3aa5-4rp5-g7h3
vulnerability_id VCID-3aa5-4rp5-g7h3
summary kernel: Linux kernel: Memory Corruption and Kernel Crashes via IOMMU SVA coherency issue
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71202.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71202.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71202
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03899
published_at 2026-04-02T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03908
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03922
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03928
published_at 2026-04-08T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.03951
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03919
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03864
published_at 2026-04-18T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03984
published_at 2026-04-21T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03902
published_at 2026-04-12T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03875
published_at 2026-04-13T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03854
published_at 2026-04-16T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05225
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71202
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71202
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71202
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439859
reference_id 2439859
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439859
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71202
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3aa5-4rp5-g7h3
32
url VCID-3ans-72mm-sfh1
vulnerability_id VCID-3ans-72mm-sfh1
summary In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path meson_spicc_probe() registers the controller with devm_spi_register_controller(), so teardown already drops the controller reference via devm cleanup. Calling spi_controller_put() again in meson_spicc_remove() causes a double-put.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31489.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31489.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31489
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31489
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31489
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31489
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460729
reference_id 2460729
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460729
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31489
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ans-72mm-sfh1
33
url VCID-3ay8-sdv3-3ydv
vulnerability_id VCID-3ay8-sdv3-3ydv
summary In the Linux kernel, the following vulnerability has been resolved: tracing: Fix potential deadlock in cpu hotplug with osnoise The following sequence may leads deadlock in cpu hotplug: task1 task2 task3 ----- ----- ----- mutex_lock(&interface_lock) [CPU GOING OFFLINE] cpus_write_lock(); osnoise_cpu_die(); kthread_stop(task3); wait_for_completion(); osnoise_sleep(); mutex_lock(&interface_lock); cpus_read_lock(); [DEAD LOCK] Fix by swap the order of cpus_read_lock() and mutex_lock(&interface_lock).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31480.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31480.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31480
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31480
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460642
reference_id 2460642
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460642
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31480
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ay8-sdv3-3ydv
34
url VCID-3btm-9twv-8kdh
vulnerability_id VCID-3btm-9twv-8kdh
summary kernel: pidfs: validate extensible ioctls
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40217.json
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40217.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40217
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10544
published_at 2026-04-09T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10572
published_at 2026-04-11T12:55:00Z
4
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-12T12:55:00Z
5
value 0.00035
scoring_system epss
scoring_elements 0.10517
published_at 2026-04-13T12:55:00Z
6
value 0.00035
scoring_system epss
scoring_elements 0.10384
published_at 2026-04-16T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10403
published_at 2026-04-07T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10476
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40217
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418805
reference_id 2418805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2418805
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40217
risk_score 2.4
exploitability 0.5
weighted_severity 4.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3btm-9twv-8kdh
35
url VCID-3fpy-fq8u-r3gb
vulnerability_id VCID-3fpy-fq8u-r3gb
summary kernel: jfs: add check read-only before txBeginAnon() call
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58095.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58095.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-58095
reference_id
reference_type
scores
0
value 0.00079
scoring_system epss
scoring_elements 0.23467
published_at 2026-04-02T12:55:00Z
1
value 0.00079
scoring_system epss
scoring_elements 0.23504
published_at 2026-04-04T12:55:00Z
2
value 0.00079
scoring_system epss
scoring_elements 0.23288
published_at 2026-04-07T12:55:00Z
3
value 0.00079
scoring_system epss
scoring_elements 0.23361
published_at 2026-04-08T12:55:00Z
4
value 0.00079
scoring_system epss
scoring_elements 0.23411
published_at 2026-04-09T12:55:00Z
5
value 0.00079
scoring_system epss
scoring_elements 0.23431
published_at 2026-04-11T12:55:00Z
6
value 0.00079
scoring_system epss
scoring_elements 0.23393
published_at 2026-04-12T12:55:00Z
7
value 0.00079
scoring_system epss
scoring_elements 0.2334
published_at 2026-04-13T12:55:00Z
8
value 0.00079
scoring_system epss
scoring_elements 0.23357
published_at 2026-04-16T12:55:00Z
9
value 0.00079
scoring_system epss
scoring_elements 0.23351
published_at 2026-04-18T12:55:00Z
10
value 0.00079
scoring_system epss
scoring_elements 0.23331
published_at 2026-04-21T12:55:00Z
11
value 0.00079
scoring_system epss
scoring_elements 0.2314
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-58095
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58095
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58095
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360197
reference_id 2360197
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360197
5
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
6
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
7
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2024-58095
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fpy-fq8u-r3gb
36
url VCID-3jmx-jfhk-yqh5
vulnerability_id VCID-3jmx-jfhk-yqh5
summary kernel: usb: gadget: f_ncm: align net_device lifecycle with bind/unbind
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23320.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23320.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23320
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23320
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23320
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23320
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451162
reference_id 2451162
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451162
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23320
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3jmx-jfhk-yqh5
37
url VCID-3kg4-jbwg-zffk
vulnerability_id VCID-3kg4-jbwg-zffk
summary kernel: spi: fix statistics allocation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23475.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23475.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23475
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23475
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454842
reference_id 2454842
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454842
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23475
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kg4-jbwg-zffk
38
url VCID-3km6-xsxg-4bcr
vulnerability_id VCID-3km6-xsxg-4bcr
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31426.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31426.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31426
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31426
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31426
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31426
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457827
reference_id 2457827
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457827
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31426
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3km6-xsxg-4bcr
39
url VCID-3ng4-wb1y-wyem
vulnerability_id VCID-3ng4-wb1y-wyem
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23422.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23422.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23422
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23422
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23422
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ng4-wb1y-wyem
40
url VCID-3pv5-s5r1-vkdg
vulnerability_id VCID-3pv5-s5r1-vkdg
summary Linux kernel: nfnetlink_osf: Linux kernel: Denial of Service in nfnetlink_osf via crafted network packets
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23397.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23397.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23397
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17455
published_at 2026-04-21T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17368
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23397
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23397
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23397
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451664
reference_id 2451664
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451664
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23397
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3pv5-s5r1-vkdg
41
url VCID-3tns-khmb-aqbn
vulnerability_id VCID-3tns-khmb-aqbn
summary In the Linux kernel, the following vulnerability has been resolved: xfs: avoid dereferencing log items after push callbacks After xfsaild_push_item() calls iop_push(), the log item may have been freed if the AIL lock was dropped during the push. Background inode reclaim or the dquot shrinker can free the log item while the AIL lock is not held, and the tracepoints in the switch statement dereference the log item after iop_push() returns. Fix this by capturing the log item type, flags, and LSN before calling xfsaild_push_item(), and introducing a new xfs_ail_push_class trace event class that takes these pre-captured values and the ailp pointer instead of the log item pointer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31453.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31453.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31453
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31453
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31453
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31453
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460731
reference_id 2460731
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460731
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31453
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3tns-khmb-aqbn
42
url VCID-3usq-zn13-r3hx
vulnerability_id VCID-3usq-zn13-r3hx
summary kernel: gve: fix incorrect buffer cleanup in gve_tx_clean_pending_packets for QPL
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23386.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23386.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23386
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23386
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451273
reference_id 2451273
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451273
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23386
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3usq-zn13-r3hx
43
url VCID-3yzs-sjd2-53d7
vulnerability_id VCID-3yzs-sjd2-53d7
summary kernel: HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23382.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23382.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23382
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23382
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23382
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23382
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451252
reference_id 2451252
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451252
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23382
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3yzs-sjd2-53d7
44
url VCID-4399-j8sn-t3b1
vulnerability_id VCID-4399-j8sn-t3b1
summary kernel: bpf/bonding: reject vlan+srcmac xmit_hash_policy change when XDP is loaded
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23310.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23310.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23310
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23310
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451187
reference_id 2451187
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451187
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23310
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4399-j8sn-t3b1
45
url VCID-4avh-yaub-uqg2
vulnerability_id VCID-4avh-yaub-uqg2
summary kernel: soc: microchip: mpfs: Fix memory leak in mpfs_sys_controller_probe()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23464.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23464.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23464
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04427
published_at 2026-04-07T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.0446
published_at 2026-04-08T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04416
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23464
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454841
reference_id 2454841
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454841
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23464
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4avh-yaub-uqg2
46
url VCID-4g8h-bz4a-uydk
vulnerability_id VCID-4g8h-bz4a-uydk
summary In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in get_file_all_info() for compound requests When a compound request consists of QUERY_DIRECTORY + QUERY_INFO (FILE_ALL_INFORMATION) and the first command consumes nearly the entire max_trans_size, get_file_all_info() would blindly call smbConvertToUTF16() with PATH_MAX, causing out-of-bounds write beyond the response buffer. In get_file_all_info(), there was a missing validation check for the client-provided OutputBufferLength before copying the filename into FileName field of the smb2_file_all_info structure. If the filename length exceeds the available buffer space, it could lead to potential buffer overflows or memory corruption during smbConvertToUTF16 conversion. This calculating the actual free buffer size using smb2_calc_max_out_buf_len() and returning -EINVAL if the buffer is insufficient and updating smbConvertToUTF16 to use the actual filename length (clamped by PATH_MAX) to ensure a safe copy operation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31433.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31433.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31433
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02004
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31433
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460536
reference_id 2460536
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460536
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31433
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4g8h-bz4a-uydk
47
url VCID-4jvb-unxd-3qg3
vulnerability_id VCID-4jvb-unxd-3qg3
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31423.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31423.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31423
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31423
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31423
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31423
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457839
reference_id 2457839
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457839
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31423
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4jvb-unxd-3qg3
48
url VCID-4qwu-fw8y-t7et
vulnerability_id VCID-4qwu-fw8y-t7et
summary kernel: jfs: Fix null-ptr-deref in jfs_ioc_trim
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38203.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38203.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38203
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07305
published_at 2026-04-21T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07158
published_at 2026-04-02T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07203
published_at 2026-04-04T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07183
published_at 2026-04-07T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07237
published_at 2026-04-13T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07263
published_at 2026-04-24T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.0726
published_at 2026-04-11T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07246
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07168
published_at 2026-04-16T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07163
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38203
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38203
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38203
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376389
reference_id 2376389
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376389
5
reference_url https://usn.ubuntu.com/7774-1/
reference_id USN-7774-1
reference_type
scores
url https://usn.ubuntu.com/7774-1/
6
reference_url https://usn.ubuntu.com/7774-2/
reference_id USN-7774-2
reference_type
scores
url https://usn.ubuntu.com/7774-2/
7
reference_url https://usn.ubuntu.com/7774-3/
reference_id USN-7774-3
reference_type
scores
url https://usn.ubuntu.com/7774-3/
8
reference_url https://usn.ubuntu.com/7774-4/
reference_id USN-7774-4
reference_type
scores
url https://usn.ubuntu.com/7774-4/
9
reference_url https://usn.ubuntu.com/7774-5/
reference_id USN-7774-5
reference_type
scores
url https://usn.ubuntu.com/7774-5/
10
reference_url https://usn.ubuntu.com/7775-1/
reference_id USN-7775-1
reference_type
scores
url https://usn.ubuntu.com/7775-1/
11
reference_url https://usn.ubuntu.com/7775-2/
reference_id USN-7775-2
reference_type
scores
url https://usn.ubuntu.com/7775-2/
12
reference_url https://usn.ubuntu.com/7775-3/
reference_id USN-7775-3
reference_type
scores
url https://usn.ubuntu.com/7775-3/
13
reference_url https://usn.ubuntu.com/7776-1/
reference_id USN-7776-1
reference_type
scores
url https://usn.ubuntu.com/7776-1/
14
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
15
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
16
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
17
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
18
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
19
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38203
risk_score 1.2
exploitability 0.5
weighted_severity 2.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4qwu-fw8y-t7et
49
url VCID-4spt-a3n7-z7fu
vulnerability_id VCID-4spt-a3n7-z7fu
summary kernel: Linux kernel: Denial of Service due to missing power management handler for AMD Van Gogh SoC
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68334.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68334.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68334
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07346
published_at 2026-04-02T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.0739
published_at 2026-04-04T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07372
published_at 2026-04-07T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07427
published_at 2026-04-08T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07451
published_at 2026-04-09T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07437
published_at 2026-04-11T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-18T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07456
published_at 2026-04-21T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07424
published_at 2026-04-12T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07413
published_at 2026-04-13T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-16T12:55:00Z
11
value 0.00034
scoring_system epss
scoring_elements 0.10037
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68334
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2424331
reference_id 2424331
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2424331
4
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
5
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
6
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
7
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
8
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
9
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68334
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4spt-a3n7-z7fu
50
url VCID-4tj5-m3wf-xkca
vulnerability_id VCID-4tj5-m3wf-xkca
summary kernel: ksmbd: fix use-after-free in durable v2 replay of active file handles
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23427.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23427.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23427
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02338
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04649
published_at 2026-04-08T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23427
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454817
reference_id 2454817
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454817
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23427
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4tj5-m3wf-xkca
51
url VCID-4vs9-vhrd-zfgn
vulnerability_id VCID-4vs9-vhrd-zfgn
summary kernel: jfs: add check read-only before truncation in jfs_truncate_nolock()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58094.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58094.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-58094
reference_id
reference_type
scores
0
value 0.00112
scoring_system epss
scoring_elements 0.29814
published_at 2026-04-02T12:55:00Z
1
value 0.00112
scoring_system epss
scoring_elements 0.29861
published_at 2026-04-04T12:55:00Z
2
value 0.00112
scoring_system epss
scoring_elements 0.29676
published_at 2026-04-07T12:55:00Z
3
value 0.00112
scoring_system epss
scoring_elements 0.29738
published_at 2026-04-08T12:55:00Z
4
value 0.00112
scoring_system epss
scoring_elements 0.29774
published_at 2026-04-09T12:55:00Z
5
value 0.00112
scoring_system epss
scoring_elements 0.29778
published_at 2026-04-11T12:55:00Z
6
value 0.00112
scoring_system epss
scoring_elements 0.29732
published_at 2026-04-12T12:55:00Z
7
value 0.00112
scoring_system epss
scoring_elements 0.29682
published_at 2026-04-13T12:55:00Z
8
value 0.00112
scoring_system epss
scoring_elements 0.297
published_at 2026-04-16T12:55:00Z
9
value 0.00112
scoring_system epss
scoring_elements 0.29678
published_at 2026-04-18T12:55:00Z
10
value 0.00112
scoring_system epss
scoring_elements 0.29634
published_at 2026-04-21T12:55:00Z
11
value 0.00112
scoring_system epss
scoring_elements 0.29554
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-58094
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58094
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58094
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360196
reference_id 2360196
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360196
5
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
6
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
7
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2024-58094
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4vs9-vhrd-zfgn
52
url VCID-514d-7urs-m7ge
vulnerability_id VCID-514d-7urs-m7ge
summary kernel: tracing: Fix WARN_ON in tracing_buffers_mmap_close
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23380.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23380.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23380
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23380
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451266
reference_id 2451266
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451266
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23380
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-514d-7urs-m7ge
53
url VCID-5ahq-saw1-suf1
vulnerability_id VCID-5ahq-saw1-suf1
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31420.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31420.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31420
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05662
published_at 2026-04-16T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05673
published_at 2026-04-18T12:55:00Z
2
value 0.00028
scoring_system epss
scoring_elements 0.0789
published_at 2026-04-21T12:55:00Z
3
value 0.00028
scoring_system epss
scoring_elements 0.07846
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31420
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31420
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31420
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457838
reference_id 2457838
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457838
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31420
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ahq-saw1-suf1
54
url VCID-5b4f-sket-kuge
vulnerability_id VCID-5b4f-sket-kuge
summary kernel: f2fs: quota: fix to avoid warning in dquot_writeback_dquots()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23132.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23132.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23132
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.2593
published_at 2026-04-02T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.25971
published_at 2026-04-04T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25738
published_at 2026-04-07T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25809
published_at 2026-04-08T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.25861
published_at 2026-04-09T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25872
published_at 2026-04-11T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.2583
published_at 2026-04-12T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.25774
published_at 2026-04-13T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25777
published_at 2026-04-16T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.2576
published_at 2026-04-18T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.25731
published_at 2026-04-21T12:55:00Z
11
value 0.00092
scoring_system epss
scoring_elements 0.25676
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23132
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23132
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23132
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360191
reference_id 2360191
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360191
5
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
6
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
7
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-23132
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5b4f-sket-kuge
55
url VCID-5eks-kg2z-5ye1
vulnerability_id VCID-5eks-kg2z-5ye1
summary In the Linux kernel, the following vulnerability has been resolved: drm: Fix use-after-free on framebuffers and property blobs when calling drm_dev_unplug When trying to do a rather aggressive test of igt's "xe_module_load --r reload" with a full desktop environment and game running I noticed a few OOPSes when dereferencing freed pointers, related to framebuffers and property blobs after the compositor exits. Solve this by guarding the freeing in drm_file with drm_dev_enter/exit, and immediately put the references from struct drm_file objects during drm_dev_unplug(). Related warnings for framebuffers on the subtest: [ 739.713076] ------------[ cut here ]------------ WARN_ON(!list_empty(&dev->mode_config.fb_list)) [ 739.713079] WARNING: drivers/gpu/drm/drm_mode_config.c:584 at drm_mode_config_cleanup+0x30b/0x320 [drm], CPU#12: xe_module_load/13145 .... [ 739.713328] Call Trace: [ 739.713330] <TASK> [ 739.713335] ? intel_pmdemand_destroy_state+0x11/0x20 [xe] [ 739.713574] ? intel_atomic_global_obj_cleanup+0xe4/0x1a0 [xe] [ 739.713794] intel_display_driver_remove_noirq+0x51/0xb0 [xe] [ 739.714041] xe_display_fini_early+0x33/0x50 [xe] [ 739.714284] devm_action_release+0xf/0x20 [ 739.714294] devres_release_all+0xad/0xf0 [ 739.714301] device_unbind_cleanup+0x12/0xa0 [ 739.714305] device_release_driver_internal+0x1b7/0x210 [ 739.714311] device_driver_detach+0x14/0x20 [ 739.714315] unbind_store+0xa6/0xb0 [ 739.714319] drv_attr_store+0x21/0x30 [ 739.714322] sysfs_kf_write+0x48/0x60 [ 739.714328] kernfs_fop_write_iter+0x16b/0x240 [ 739.714333] vfs_write+0x266/0x520 [ 739.714341] ksys_write+0x72/0xe0 [ 739.714345] __x64_sys_write+0x19/0x20 [ 739.714347] x64_sys_call+0xa15/0xa30 [ 739.714355] do_syscall_64+0xd8/0xab0 [ 739.714361] entry_SYSCALL_64_after_hwframe+0x4b/0x53 and [ 739.714459] ------------[ cut here ]------------ [ 739.714461] xe 0000:67:00.0: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 739.714464] WARNING: drivers/gpu/drm/drm_framebuffer.c:833 at drm_framebuffer_free+0x6c/0x90 [drm], CPU#12: xe_module_load/13145 [ 739.714715] RIP: 0010:drm_framebuffer_free+0x7a/0x90 [drm] ... [ 739.714869] Call Trace: [ 739.714871] <TASK> [ 739.714876] drm_mode_config_cleanup+0x26a/0x320 [drm] [ 739.714998] ? __drm_printfn_seq_file+0x20/0x20 [drm] [ 739.715115] ? drm_mode_config_cleanup+0x207/0x320 [drm] [ 739.715235] intel_display_driver_remove_noirq+0x51/0xb0 [xe] [ 739.715576] xe_display_fini_early+0x33/0x50 [xe] [ 739.715821] devm_action_release+0xf/0x20 [ 739.715828] devres_release_all+0xad/0xf0 [ 739.715843] device_unbind_cleanup+0x12/0xa0 [ 739.715850] device_release_driver_internal+0x1b7/0x210 [ 739.715856] device_driver_detach+0x14/0x20 [ 739.715860] unbind_store+0xa6/0xb0 [ 739.715865] drv_attr_store+0x21/0x30 [ 739.715868] sysfs_kf_write+0x48/0x60 [ 739.715873] kernfs_fop_write_iter+0x16b/0x240 [ 739.715878] vfs_write+0x266/0x520 [ 739.715886] ksys_write+0x72/0xe0 [ 739.715890] __x64_sys_write+0x19/0x20 [ 739.715893] x64_sys_call+0xa15/0xa30 [ 739.715900] do_syscall_64+0xd8/0xab0 [ 739.715905] entry_SYSCALL_64_after_hwframe+0x4b/0x53 and then finally file close blows up: [ 743.186530] Oops: general protection fault, probably for non-canonical address 0xdead000000000122: 0000 [#1] SMP [ 743.186535] CPU: 3 UID: 1000 PID: 3453 Comm: kwin_wayland Tainted: G W 7.0.0-rc1-valkyria+ #110 PREEMPT_{RT,(lazy)} [ 743.186537] Tainted: [W]=WARN [ 743.186538] Hardware name: Gigabyte Technology Co., Ltd. X299 AORUS Gaming 3/X299 AORUS Gaming 3-CF, BIOS F8n 12/06/2021 [ 743.186539] RIP: 0010:drm_framebuffer_cleanup+0x55/0xc0 [drm] [ 743.186588] Code: d8 72 73 0f b6 42 05 ff c3 39 c3 72 e8 49 8d bd 50 07 00 00 31 f6 e8 3a 80 d3 e1 49 8b 44 24 10 49 8d 7c 24 08 49 8b 54 24 08 <48> 3b 38 0f 85 95 7f 02 00 48 3b 7a 08 0f 85 8b 7f 02 00 48 89 42 [ 743.186589] RSP: 0018:ffffc900085e3cf8 EFLAGS: 00 ---truncated---
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23471.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23471
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23471
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23471
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454808
reference_id 2454808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454808
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23471
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5eks-kg2z-5ye1
56
url VCID-5g2a-qj5r-uub4
vulnerability_id VCID-5g2a-qj5r-uub4
summary kernel: wifi: cfg80211: cancel rfkill_block work in wiphy_unregister()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23336.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23336.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23336
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02375
published_at 2026-04-24T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02395
published_at 2026-04-21T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23336
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23336
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23336
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451255
reference_id 2451255
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451255
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23336
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5g2a-qj5r-uub4
57
url VCID-5kdh-vgcu-kkf3
vulnerability_id VCID-5kdh-vgcu-kkf3
summary In the Linux kernel, the following vulnerability has been resolved: af_key: validate families in pfkey_send_migrate() syzbot was able to trigger a crash in skb_put() [1] Issue is that pfkey_send_migrate() does not check old/new families, and that set_ipsecrequest() @family argument was truncated, thus possibly overfilling the skb. Validate families early, do not wait set_ipsecrequest(). [1] skbuff: skb_over_panic: text:ffffffff8a752120 len:392 put:16 head:ffff88802a4ad040 data:ffff88802a4ad040 tail:0x188 end:0x180 dev:<NULL> kernel BUG at net/core/skbuff.c:214 ! Call Trace: <TASK> skb_over_panic net/core/skbuff.c:219 [inline] skb_put+0x159/0x210 net/core/skbuff.c:2655 skb_put_zero include/linux/skbuff.h:2788 [inline] set_ipsecrequest net/key/af_key.c:3532 [inline] pfkey_send_migrate+0x1270/0x2e50 net/key/af_key.c:3636 km_migrate+0x155/0x260 net/xfrm/xfrm_state.c:2848 xfrm_migrate+0x2140/0x2450 net/xfrm/xfrm_policy.c:4705 xfrm_do_migrate+0x8ff/0xaa0 net/xfrm/xfrm_user.c:3150
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31515.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31515.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31515
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31515
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31515
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31515
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460723
reference_id 2460723
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460723
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31515
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5kdh-vgcu-kkf3
58
url VCID-5v5u-d5mg-53bv
vulnerability_id VCID-5v5u-d5mg-53bv
summary kernel: net: ethernet: mtk_eth_soc: Reset prog ptr to old_prog in case of error in mtk_xdp_setup()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23284.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23284.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23284
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23284
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451176
reference_id 2451176
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451176
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23284
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5v5u-d5mg-53bv
59
url VCID-63m2-phjq-kuav
vulnerability_id VCID-63m2-phjq-kuav
summary kernel: RISC-V: KVM: Write hgatp register with valid mode bits
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40065.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40065.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40065
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05953
published_at 2026-04-04T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0592
published_at 2026-04-02T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07327
published_at 2026-04-08T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07354
published_at 2026-04-09T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07352
published_at 2026-04-11T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07339
published_at 2026-04-12T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-13T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07259
published_at 2026-04-16T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07253
published_at 2026-04-18T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.0738
published_at 2026-04-21T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07272
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40065
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406737
reference_id 2406737
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406737
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40065
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-63m2-phjq-kuav
60
url VCID-64bq-3uw9-yua2
vulnerability_id VCID-64bq-3uw9-yua2
summary In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix double free of WoL irq We do not need to free wol_irq since it was instantiated with devm_request_irq(). So devres will free for us.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31506.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31506.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31506
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31506
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460711
reference_id 2460711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460711
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31506
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-64bq-3uw9-yua2
61
url VCID-651u-f45c-57de
vulnerability_id VCID-651u-f45c-57de
summary In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: clamp SCO altsetting table indices btusb_work() maps the number of active SCO links to USB alternate settings through a three-entry lookup table when CVSD traffic uses transparent voice settings. The lookup currently indexes alts[] with data->sco_num - 1 without first constraining sco_num to the number of available table entries. While the table only defines alternate settings for up to three SCO links, data->sco_num comes from hci_conn_num() and is used directly. Cap the lookup to the last table entry before indexing it so the driver keeps selecting the highest supported alternate setting without reading past alts[].
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31497.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31497.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31497
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31497
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31497
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460657
reference_id 2460657
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460657
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31497
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-651u-f45c-57de
62
url VCID-6cqc-um2d-1kfk
vulnerability_id VCID-6cqc-um2d-1kfk
summary kernel: wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23315.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23315.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23315
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02375
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23315
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23315
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23315
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451177
reference_id 2451177
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451177
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23315
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6cqc-um2d-1kfk
63
url VCID-6ggj-8ema-x7f6
vulnerability_id VCID-6ggj-8ema-x7f6
summary kernel: mm: thp: deny THP for files on anonymous inodes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23375.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23375.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23375
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23375
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451199
reference_id 2451199
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451199
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23375
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ggj-8ema-x7f6
64
url VCID-6hur-ug1s-83am
vulnerability_id VCID-6hur-ug1s-83am
summary In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN uart_write_room() and uart_write() behave inconsistently when xmit_buf is NULL (which happens for PORT_UNKNOWN ports that were never properly initialized): - uart_write_room() returns kfifo_avail() which can be > 0 - uart_write() checks xmit_buf and returns 0 if NULL This inconsistency causes an infinite loop in drivers that rely on tty_write_room() to determine if they can write: while (tty_write_room(tty) > 0) { written = tty->ops->write(...); // written is always 0, loop never exits } For example, caif_serial's handle_tx() enters an infinite loop when used with PORT_UNKNOWN serial ports, causing system hangs. Fix by making uart_write_room() also check xmit_buf and return 0 if it's NULL, consistent with uart_write(). Reproducer: https://gist.github.com/mrpre/d9a694cc0e19828ee3bc3b37983fde13
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23472.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23472.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23472
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03981
published_at 2026-04-08T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03962
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03975
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.06055
published_at 2026-04-24T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23472
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23472
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23472
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454862
reference_id 2454862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454862
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23472
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6hur-ug1s-83am
65
url VCID-6pmj-r187-kqcb
vulnerability_id VCID-6pmj-r187-kqcb
summary kernel: wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23325.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23325.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23325
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02338
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23325
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451213
reference_id 2451213
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451213
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23325
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6pmj-r187-kqcb
66
url VCID-6rpd-ws7d-4qeg
vulnerability_id VCID-6rpd-ws7d-4qeg
summary kernel: PCI/pwrctrl: Cancel outstanding rescan work when unregistering
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38137.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38137.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38137
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08076
published_at 2026-04-02T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08118
published_at 2026-04-04T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08068
published_at 2026-04-07T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08129
published_at 2026-04-08T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08151
published_at 2026-04-09T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08144
published_at 2026-04-11T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08124
published_at 2026-04-12T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08107
published_at 2026-04-13T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08014
published_at 2026-04-16T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.07999
published_at 2026-04-18T12:55:00Z
10
value 0.00029
scoring_system epss
scoring_elements 0.08172
published_at 2026-04-21T12:55:00Z
11
value 0.00029
scoring_system epss
scoring_elements 0.08128
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38137
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376078
reference_id 2376078
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376078
4
reference_url https://access.redhat.com/errata/RHSA-2025:13598
reference_id RHSA-2025:13598
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13598
5
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
6
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
7
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
8
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
9
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
10
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
11
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38137
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6rpd-ws7d-4qeg
67
url VCID-6wrr-yr71-xuhk
vulnerability_id VCID-6wrr-yr71-xuhk
summary kernel: tcp: secure_seq: add back ports to TS offset
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23247.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23247.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23247
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0587
published_at 2026-04-04T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05864
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06546
published_at 2026-04-21T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06562
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23247
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23247
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23247
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448598
reference_id 2448598
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448598
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23247
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wrr-yr71-xuhk
68
url VCID-744r-rpqc-k3gx
vulnerability_id VCID-744r-rpqc-k3gx
summary kernel: net/mlx5e: Fix race condition during IPSec ESN update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23440.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23440.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23440
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01721
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04649
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23440
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454857
reference_id 2454857
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454857
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23440
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-744r-rpqc-k3gx
69
url VCID-7b27-phbd-fqbq
vulnerability_id VCID-7b27-phbd-fqbq
summary In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue (UAF) There is a teardown order issue in the driver. The SPI controller is registered using devm_spi_register_controller(), which delays unregistration of the SPI controller until after the fsl_lpspi_remove() function returns. As the fsl_lpspi_remove() function synchronously tears down the DMA channels, a running SPI transfer triggers the following NULL pointer dereference due to use after free: | fsl_lpspi 42550000.spi: I/O Error in DMA RX | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 [...] | Call trace: | fsl_lpspi_dma_transfer+0x260/0x340 [spi_fsl_lpspi] | fsl_lpspi_transfer_one+0x198/0x448 [spi_fsl_lpspi] | spi_transfer_one_message+0x49c/0x7c8 | __spi_pump_transfer_message+0x120/0x420 | __spi_sync+0x2c4/0x520 | spi_sync+0x34/0x60 | spidev_message+0x20c/0x378 [spidev] | spidev_ioctl+0x398/0x750 [spidev] [...] Switch from devm_spi_register_controller() to spi_register_controller() in fsl_lpspi_probe() and add the corresponding spi_unregister_controller() in fsl_lpspi_remove().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31485.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31485.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31485
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31485
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31485
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31485
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460648
reference_id 2460648
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460648
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31485
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7b27-phbd-fqbq
70
url VCID-7bmu-z2mb-cbbe
vulnerability_id VCID-7bmu-z2mb-cbbe
summary kernel: xfs: get rid of the xchk_xfile_*_descr calls
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23252.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23252.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23252
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.07078
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.07063
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23252
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448704
reference_id 2448704
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448704
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23252
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7bmu-z2mb-cbbe
71
url VCID-7dx8-ys84-zuac
vulnerability_id VCID-7dx8-ys84-zuac
summary kernel: clk: sunxi-ng: h616: Reparent GPU clock during frequency changes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38041.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38041.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38041
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08357
published_at 2026-04-13T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08299
published_at 2026-04-02T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08399
published_at 2026-04-04T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.0832
published_at 2026-04-07T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08384
published_at 2026-04-08T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08401
published_at 2026-04-09T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08392
published_at 2026-04-11T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08373
published_at 2026-04-12T12:55:00Z
8
value 0.00079
scoring_system epss
scoring_elements 0.2314
published_at 2026-04-24T12:55:00Z
9
value 0.00079
scoring_system epss
scoring_elements 0.23357
published_at 2026-04-16T12:55:00Z
10
value 0.00079
scoring_system epss
scoring_elements 0.23351
published_at 2026-04-18T12:55:00Z
11
value 0.00079
scoring_system epss
scoring_elements 0.23331
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38041
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373351
reference_id 2373351
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373351
4
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
5
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
6
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
7
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
8
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
9
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
10
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38041
risk_score 1.0
exploitability 0.5
weighted_severity 2.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7dx8-ys84-zuac
72
url VCID-7eh9-dqkv-j3bm
vulnerability_id VCID-7eh9-dqkv-j3bm
summary kernel: dmaengine: ti: k3-udma-glue: Drop skip_fdq argument from k3_udma_glue_reset_rx_chn
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38042.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38042.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38042
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.09964
published_at 2026-04-02T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10077
published_at 2026-04-04T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09976
published_at 2026-04-07T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.10053
published_at 2026-04-08T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.10113
published_at 2026-04-09T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.10152
published_at 2026-04-11T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.10112
published_at 2026-04-12T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.1009
published_at 2026-04-13T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25676
published_at 2026-04-24T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.25777
published_at 2026-04-16T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.2576
published_at 2026-04-18T12:55:00Z
11
value 0.00092
scoring_system epss
scoring_elements 0.25731
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38042
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38042
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38042
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373324
reference_id 2373324
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373324
5
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
6
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
7
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
8
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
9
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
10
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
11
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38042
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7eh9-dqkv-j3bm
73
url VCID-7ey4-wrhk-zfce
vulnerability_id VCID-7ey4-wrhk-zfce
summary kernel: coresight: holding cscfg_csdev_lock while removing cscfg from csdev
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38132.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38132.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38132
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07226
published_at 2026-04-18T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.09964
published_at 2026-04-02T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.10011
published_at 2026-04-04T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.09908
published_at 2026-04-07T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.09984
published_at 2026-04-08T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.10033
published_at 2026-04-09T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.10049
published_at 2026-04-11T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.10009
published_at 2026-04-12T12:55:00Z
8
value 0.00034
scoring_system epss
scoring_elements 0.09988
published_at 2026-04-13T12:55:00Z
9
value 0.00034
scoring_system epss
scoring_elements 0.09861
published_at 2026-04-16T12:55:00Z
10
value 0.00034
scoring_system epss
scoring_elements 0.10073
published_at 2026-04-21T12:55:00Z
11
value 0.00034
scoring_system epss
scoring_elements 0.10051
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38132
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376061
reference_id 2376061
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376061
4
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
5
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
6
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
7
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
8
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
9
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
10
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38132
risk_score 1.2
exploitability 0.5
weighted_severity 2.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ey4-wrhk-zfce
74
url VCID-7gw9-7kbs-2uh2
vulnerability_id VCID-7gw9-7kbs-2uh2
summary kernel: landlock: Fix handling of disconnected directories
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68736.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68736.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68736
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05431
published_at 2026-04-02T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05465
published_at 2026-04-04T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05472
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05508
published_at 2026-04-08T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05529
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05503
published_at 2026-04-11T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05489
published_at 2026-04-12T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05482
published_at 2026-04-13T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05432
published_at 2026-04-16T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.0544
published_at 2026-04-18T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05602
published_at 2026-04-21T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05637
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68736
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2425066
reference_id 2425066
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2425066
4
reference_url https://usn.ubuntu.com/8177-1/
reference_id USN-8177-1
reference_type
scores
url https://usn.ubuntu.com/8177-1/
5
reference_url https://usn.ubuntu.com/8177-2/
reference_id USN-8177-2
reference_type
scores
url https://usn.ubuntu.com/8177-2/
6
reference_url https://usn.ubuntu.com/8183-1/
reference_id USN-8183-1
reference_type
scores
url https://usn.ubuntu.com/8183-1/
7
reference_url https://usn.ubuntu.com/8183-2/
reference_id USN-8183-2
reference_type
scores
url https://usn.ubuntu.com/8183-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68736
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7gw9-7kbs-2uh2
75
url VCID-7j8j-s3am-6bgv
vulnerability_id VCID-7j8j-s3am-6bgv
summary kernel: Linux kernel: Denial of Service via double-increment of reference count in netfilter
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39764.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39764.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39764
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04923
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04687
published_at 2026-04-16T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04743
published_at 2026-04-18T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04889
published_at 2026-04-21T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.0472
published_at 2026-04-07T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04753
published_at 2026-04-08T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04766
published_at 2026-04-09T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04757
published_at 2026-04-11T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04738
published_at 2026-04-12T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04721
published_at 2026-04-13T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.04826
published_at 2026-04-02T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.04852
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39764
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39764
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39764
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394639
reference_id 2394639
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394639
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39764
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7j8j-s3am-6bgv
76
url VCID-7kxd-yjnx-m7f2
vulnerability_id VCID-7kxd-yjnx-m7f2
summary In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref on l2cap_sock_ready_cb Before using sk pointer, check if it is null. Fix the following: KASAN: null-ptr-deref in range [0x0000000000000260-0x0000000000000267] CPU: 0 UID: 0 PID: 5985 Comm: kworker/0:5 Not tainted 7.0.0-rc4-00029-ga989fde763f4 #1 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.17.0-9.fc43 06/10/2025 Workqueue: events l2cap_info_timeout RIP: 0010:kasan_byte_accessible+0x12/0x30 Code: 79 ff ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cce veth0_macvtap: entered promiscuous mode RSP: 0018:ffffc90006e0f808 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: ffffffff89746018 RCX: 0000000080000001 RDX: 0000000000000000 RSI: ffffffff89746018 RDI: 000000000000004c RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 R10: dffffc0000000000 R11: ffffffff8aae3e70 R12: 0000000000000000 R13: 0000000000000260 R14: 0000000000000260 R15: 0000000000000001 FS: 0000000000000000(0000) GS:ffff8880983c2000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00005582615a5008 CR3: 000000007007e000 CR4: 0000000000752ef0 PKRU: 55555554 Call Trace: <TASK> __kasan_check_byte+0x12/0x40 lock_acquire+0x79/0x2e0 lock_sock_nested+0x48/0x100 ? l2cap_sock_ready_cb+0x46/0x160 l2cap_sock_ready_cb+0x46/0x160 l2cap_conn_start+0x779/0xff0 ? __pfx_l2cap_conn_start+0x10/0x10 ? l2cap_info_timeout+0x60/0xa0 ? __pfx___mutex_lock+0x10/0x10 l2cap_info_timeout+0x68/0xa0 ? process_scheduled_works+0xa8d/0x18c0 process_scheduled_works+0xb6e/0x18c0 ? __pfx_process_scheduled_works+0x10/0x10 ? assign_work+0x3d5/0x5e0 worker_thread+0xa53/0xfc0 kthread+0x388/0x470 ? __pfx_worker_thread+0x10/0x10 ? __pfx_kthread+0x10/0x10 ret_from_fork+0x51e/0xb90 ? __pfx_ret_from_fork+0x10/0x10 veth1_macvtap: entered promiscuous mode ? __switch_to+0xc7d/0x1450 ? __pfx_kthread+0x10/0x10 ret_from_fork_asm+0x1a/0x30 </TASK> Modules linked in: ---[ end trace 0000000000000000 ]--- batman_adv: batadv0: Interface activated: batadv_slave_0 batman_adv: batadv0: Interface activated: batadv_slave_1 netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 RIP: 0010:kasan_byte_accessible+0x12/0x30 Code: 79 ff ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 40 d6 48 c1 ef 03 48 b8 00 00 00 00 00 fc ff df <0f> b6 04 07 3c 08 0f 92 c0 c3 cc cce ieee80211 phy39: Selected rate control algorithm 'minstrel_ht' RSP: 0018:ffffc90006e0f808 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: ffffffff89746018 RCX: 0000000080000001 RDX: 0000000000000000 RSI: ffffffff89746018 RDI: 000000000000004c RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 R10: dffffc0000000000 R11: ffffffff8aae3e70 R12: 0000000000000000 R13: 0000000000000260 R14: 0000000000000260 R15: 0000000000000001 FS: 0000000000000000(0000) GS:ffff8880983c2000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f7e16139e9c CR3: 000000000e74e000 CR4: 0000000000752ef0 PKRU: 55555554 Kernel panic - not syncing: Fatal exception
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31510.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31510.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31510
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31510
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31510
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31510
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460732
reference_id 2460732
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460732
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31510
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7kxd-yjnx-m7f2
77
url VCID-7t89-3m8t-1ydq
vulnerability_id VCID-7t89-3m8t-1ydq
summary In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix drm_edid leak in amdgpu_dm [WHAT] When a sink is connected, aconnector->drm_edid was overwritten without freeing the previous allocation, causing a memory leak on resume. [HOW] Free the previous drm_edid before updating it. (cherry picked from commit 52024a94e7111366141cfc5d888b2ef011f879e5)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31461.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31461.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31461
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04052
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31461
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460691
reference_id 2460691
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460691
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31461
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7t89-3m8t-1ydq
78
url VCID-7v66-8w2u-duf9
vulnerability_id VCID-7v66-8w2u-duf9
summary In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HIDP: Fix possible UAF This fixes the following trace caused by not dropping l2cap_conn reference when user->remove callback is called: [ 97.809249] l2cap_conn_free: freeing conn ffff88810a171c00 [ 97.809907] CPU: 1 UID: 0 PID: 1419 Comm: repro_standalon Not tainted 7.0.0-rc1-dirty #14 PREEMPT(lazy) [ 97.809935] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-debian-1.17.0-1 04/01/2014 [ 97.809947] Call Trace: [ 97.809954] <TASK> [ 97.809961] dump_stack_lvl (lib/dump_stack.c:122) [ 97.809990] l2cap_conn_free (net/bluetooth/l2cap_core.c:1808) [ 97.810017] l2cap_conn_del (./include/linux/kref.h:66 net/bluetooth/l2cap_core.c:1821 net/bluetooth/l2cap_core.c:1798) [ 97.810055] l2cap_disconn_cfm (net/bluetooth/l2cap_core.c:7347 (discriminator 1) net/bluetooth/l2cap_core.c:7340 (discriminator 1)) [ 97.810086] ? __pfx_l2cap_disconn_cfm (net/bluetooth/l2cap_core.c:7341) [ 97.810117] hci_conn_hash_flush (./include/net/bluetooth/hci_core.h:2152 (discriminator 2) net/bluetooth/hci_conn.c:2644 (discriminator 2)) [ 97.810148] hci_dev_close_sync (net/bluetooth/hci_sync.c:5360) [ 97.810180] ? __pfx_hci_dev_close_sync (net/bluetooth/hci_sync.c:5285) [ 97.810212] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 97.810242] ? up_write (./arch/x86/include/asm/atomic64_64.h:87 (discriminator 5) ./include/linux/atomic/atomic-arch-fallback.h:2852 (discriminator 5) ./include/linux/atomic/atomic-long.h:268 (discriminator 5) ./include/linux/atomic/atomic-instrumented.h:3391 (discriminator 5) kernel/locking/rwsem.c:1385 (discriminator 5) kernel/locking/rwsem.c:1643 (discriminator 5)) [ 97.810267] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 97.810290] ? rcu_is_watching (./arch/x86/include/asm/atomic.h:23 ./include/linux/atomic/atomic-arch-fallback.h:457 ./include/linux/context_tracking.h:128 kernel/rcu/tree.c:752) [ 97.810320] hci_unregister_dev (net/bluetooth/hci_core.c:504 net/bluetooth/hci_core.c:2716) [ 97.810346] vhci_release (drivers/bluetooth/hci_vhci.c:691) [ 97.810375] ? __pfx_vhci_release (drivers/bluetooth/hci_vhci.c:678) [ 97.810404] __fput (fs/file_table.c:470) [ 97.810430] task_work_run (kernel/task_work.c:235) [ 97.810451] ? __pfx_task_work_run (kernel/task_work.c:201) [ 97.810472] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 97.810495] ? do_raw_spin_unlock (./include/asm-generic/qspinlock.h:128 (discriminator 5) kernel/locking/spinlock_debug.c:142 (discriminator 5)) [ 97.810527] do_exit (kernel/exit.c:972) [ 97.810547] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 97.810574] ? __pfx_do_exit (kernel/exit.c:897) [ 97.810594] ? lock_acquire (kernel/locking/lockdep.c:470 (discriminator 6) kernel/locking/lockdep.c:5870 (discriminator 6) kernel/locking/lockdep.c:5825 (discriminator 6)) [ 97.810616] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 97.810639] ? do_raw_spin_lock (kernel/locking/spinlock_debug.c:95 (discriminator 4) kernel/locking/spinlock_debug.c:118 (discriminator 4)) [ 97.810664] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 97.810688] ? find_held_lock (kernel/locking/lockdep.c:5350 (discriminator 1)) [ 97.810721] do_group_exit (kernel/exit.c:1093) [ 97.810745] get_signal (kernel/signal.c:3007 (discriminator 1)) [ 97.810772] ? security_file_permission (./arch/x86/include/asm/jump_label.h:37 security/security.c:2366) [ 97.810803] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 97.810826] ? vfs_read (fs/read_write.c:555) [ 97.810854] ? __pfx_get_signal (kernel/signal.c:2800) [ 97.810880] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 97.810905] ? __pfx_vfs_read (fs/read_write.c:555) [ 97.810932] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 97.810960] arch_do_signal_or_restart (arch/ ---truncated---
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23462.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23462.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23462
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23462
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23462
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23462
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454809
reference_id 2454809
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454809
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23462
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7v66-8w2u-duf9
79
url VCID-7xah-5pdm-eqfb
vulnerability_id VCID-7xah-5pdm-eqfb
summary kernel: net: ipv4: fix ARM64 alignment fault in multipath hash seed
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23316.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23316.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23316
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02112
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23316
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451258
reference_id 2451258
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451258
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23316
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7xah-5pdm-eqfb
80
url VCID-7y4h-xvdh-s3bs
vulnerability_id VCID-7y4h-xvdh-s3bs
summary In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use after free of parent_port in cxl_detach_ep() cxl_detach_ep() is called during bottom-up removal when all CXL memory devices beneath a switch port have been removed. For each port in the hierarchy it locks both the port and its parent, removes the endpoint, and if the port is now empty, marks it dead and unregisters the port by calling delete_switch_port(). There are two places during this work where the parent_port may be used after freeing: First, a concurrent detach may have already processed a port by the time a second worker finds it via bus_find_device(). Without pinning parent_port, it may already be freed when we discover port->dead and attempt to unlock the parent_port. In a production kernel that's a silent memory corruption, with lock debug, it looks like this: []DEBUG_LOCKS_WARN_ON(__owner_task(owner) != get_current()) []WARNING: kernel/locking/mutex.c:949 at __mutex_unlock_slowpath+0x1ee/0x310 []Call Trace: []mutex_unlock+0xd/0x20 []cxl_detach_ep+0x180/0x400 [cxl_core] []devm_action_release+0x10/0x20 []devres_release_all+0xa8/0xe0 []device_unbind_cleanup+0xd/0xa0 []really_probe+0x1a6/0x3e0 Second, delete_switch_port() releases three devm actions registered against parent_port. The last of those is unregister_port() and it calls device_unregister() on the child port, which can cascade. If parent_port is now also empty the device core may unregister and free it too. So by the time delete_switch_port() returns, parent_port may be free, and the subsequent device_unlock(&parent_port->dev) operates on freed memory. The kernel log looks same as above, with a different offset in cxl_detach_ep(). Both of these issues stem from the absence of a lifetime guarantee between a child port and its parent port. Establish a lifetime rule for ports: child ports hold a reference to their parent device until release. Take the reference when the port is allocated and drop it when released. This ensures the parent is valid for the full lifetime of the child and eliminates the use after free window in cxl_detach_ep(). This is easily reproduced with a reload of cxl_acpi in QEMU with CXL devices present.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31530
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31530
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31530
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7y4h-xvdh-s3bs
81
url VCID-81z1-7axu-rqep
vulnerability_id VCID-81z1-7axu-rqep
summary kernel: wifi: mac80211: correctly decode TTLM with default link map
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23152.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23152.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23152
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03899
published_at 2026-04-02T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03908
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03922
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03928
published_at 2026-04-08T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.03951
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03919
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03864
published_at 2026-04-18T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03984
published_at 2026-04-21T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03902
published_at 2026-04-12T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03875
published_at 2026-04-13T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03854
published_at 2026-04-16T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05225
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23152
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439883
reference_id 2439883
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439883
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23152
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81z1-7axu-rqep
82
url VCID-851j-pvmm-8yc7
vulnerability_id VCID-851j-pvmm-8yc7
summary kernel: ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22117.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22117.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22117
reference_id
reference_type
scores
0
value 0.00083
scoring_system epss
scoring_elements 0.244
published_at 2026-04-02T12:55:00Z
1
value 0.00083
scoring_system epss
scoring_elements 0.24433
published_at 2026-04-04T12:55:00Z
2
value 0.00083
scoring_system epss
scoring_elements 0.24216
published_at 2026-04-07T12:55:00Z
3
value 0.00083
scoring_system epss
scoring_elements 0.24282
published_at 2026-04-08T12:55:00Z
4
value 0.00083
scoring_system epss
scoring_elements 0.24325
published_at 2026-04-09T12:55:00Z
5
value 0.00083
scoring_system epss
scoring_elements 0.24342
published_at 2026-04-11T12:55:00Z
6
value 0.00083
scoring_system epss
scoring_elements 0.24299
published_at 2026-04-12T12:55:00Z
7
value 0.00083
scoring_system epss
scoring_elements 0.24242
published_at 2026-04-13T12:55:00Z
8
value 0.00083
scoring_system epss
scoring_elements 0.24258
published_at 2026-04-16T12:55:00Z
9
value 0.00083
scoring_system epss
scoring_elements 0.24246
published_at 2026-04-18T12:55:00Z
10
value 0.00083
scoring_system epss
scoring_elements 0.24223
published_at 2026-04-21T12:55:00Z
11
value 0.00083
scoring_system epss
scoring_elements 0.24099
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22117
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360228
reference_id 2360228
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360228
4
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
5
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
6
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-22117
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-851j-pvmm-8yc7
83
url VCID-898p-crnv-w7cb
vulnerability_id VCID-898p-crnv-w7cb
summary In the Linux kernel, the following vulnerability has been resolved: HID: apple: avoid memory leak in apple_report_fixup() The apple_report_fixup() function was returning a newly kmemdup()-allocated buffer, but never freeing it. The caller of report_fixup() does not take ownership of the returned pointer, but it *is* permitted to return a sub-portion of the input rdesc, whose lifetime is managed by the caller.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31520.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31520.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31520
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31520
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460675
reference_id 2460675
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460675
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31520
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-898p-crnv-w7cb
84
url VCID-8a31-1mz8-17cu
vulnerability_id VCID-8a31-1mz8-17cu
summary kernel: can: usb: f81604: correctly anchor the urb in the read bulk callback
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23347.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23347.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23347
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23347
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451173
reference_id 2451173
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451173
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23347
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8a31-1mz8-17cu
85
url VCID-8ab4-cv5e-2kff
vulnerability_id VCID-8ab4-cv5e-2kff
summary kernel: i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock"
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23369.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23369.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23369
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23369
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451235
reference_id 2451235
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451235
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23369
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8ab4-cv5e-2kff
86
url VCID-8bmx-4nbw-6qcn
vulnerability_id VCID-8bmx-4nbw-6qcn
summary kernel: ice: Fix memory leak in ice_set_ringparam()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23389.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23389.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23389
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.0653
published_at 2026-04-04T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-02T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.0652
published_at 2026-04-07T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.0657
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23389
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23389
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23389
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451263
reference_id 2451263
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451263
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23389
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8bmx-4nbw-6qcn
87
url VCID-8edx-kmgw-jue5
vulnerability_id VCID-8edx-kmgw-jue5
summary kernel: can: j1939: implement NETDEV_UNREGISTER notification handler
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39925.json
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39925.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39925
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04741
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04912
published_at 2026-04-24T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.0479
published_at 2026-04-12T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.0477
published_at 2026-04-13T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04723
published_at 2026-04-16T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04731
published_at 2026-04-18T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04875
published_at 2026-04-21T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04764
published_at 2026-04-04T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04779
published_at 2026-04-07T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-11T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04825
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39925
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39925
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39925
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2400629
reference_id 2400629
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2400629
5
reference_url https://git.kernel.org/stable/c/7fcbe5b2c6a4b5407bf2241fdb71e0a390f6ab9a
reference_id 7fcbe5b2c6a4b5407bf2241fdb71e0a390f6ab9a
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:39:05Z/
url https://git.kernel.org/stable/c/7fcbe5b2c6a4b5407bf2241fdb71e0a390f6ab9a
6
reference_url https://git.kernel.org/stable/c/da9e8f429139928570407e8f90559b5d46c20262
reference_id da9e8f429139928570407e8f90559b5d46c20262
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:39:05Z/
url https://git.kernel.org/stable/c/da9e8f429139928570407e8f90559b5d46c20262
7
reference_url https://access.redhat.com/errata/RHSA-2025:22854
reference_id RHSA-2025:22854
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22854
8
reference_url https://access.redhat.com/errata/RHSA-2025:22865
reference_id RHSA-2025:22865
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22865
9
reference_url https://access.redhat.com/errata/RHSA-2025:23789
reference_id RHSA-2025:23789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23789
10
reference_url https://access.redhat.com/errata/RHSA-2026:0173
reference_id RHSA-2026:0173
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0173
11
reference_url https://access.redhat.com/errata/RHSA-2026:0271
reference_id RHSA-2026:0271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0271
12
reference_url https://access.redhat.com/errata/RHSA-2026:0534
reference_id RHSA-2026:0534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0534
13
reference_url https://access.redhat.com/errata/RHSA-2026:0535
reference_id RHSA-2026:0535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0535
14
reference_url https://access.redhat.com/errata/RHSA-2026:0537
reference_id RHSA-2026:0537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0537
15
reference_url https://access.redhat.com/errata/RHSA-2026:0576
reference_id RHSA-2026:0576
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0576
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39925
risk_score 2.2
exploitability 0.5
weighted_severity 4.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8edx-kmgw-jue5
88
url VCID-8hgk-zrmy-tbba
vulnerability_id VCID-8hgk-zrmy-tbba
summary kernel: io_uring/kbuf: fix signedness in this_len calculation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39822.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39822.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39822
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05287
published_at 2026-04-02T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05375
published_at 2026-04-08T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05319
published_at 2026-04-04T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05341
published_at 2026-04-07T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05398
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05366
published_at 2026-04-11T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05726
published_at 2026-04-16T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05737
published_at 2026-04-18T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05881
published_at 2026-04-21T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05911
published_at 2026-04-24T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05771
published_at 2026-04-12T12:55:00Z
11
value 0.00021
scoring_system epss
scoring_elements 0.05764
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39822
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2395774
reference_id 2395774
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2395774
4
reference_url https://git.kernel.org/stable/c/c64eff368ac676e8540344d27a3de47e0ad90d21
reference_id c64eff368ac676e8540344d27a3de47e0ad90d21
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:17:04Z/
url https://git.kernel.org/stable/c/c64eff368ac676e8540344d27a3de47e0ad90d21
5
reference_url https://git.kernel.org/stable/c/f4f411c068402c370c4f9a9d4950a97af97bbbb1
reference_id f4f411c068402c370c4f9a9d4950a97af97bbbb1
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:17:04Z/
url https://git.kernel.org/stable/c/f4f411c068402c370c4f9a9d4950a97af97bbbb1
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39822
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8hgk-zrmy-tbba
89
url VCID-8kug-7bk5-t3bf
vulnerability_id VCID-8kug-7bk5-t3bf
summary kernel: wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23373.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23373.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23373
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23373
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451244
reference_id 2451244
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451244
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23373
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8kug-7bk5-t3bf
90
url VCID-8q1z-p2qp-nkbf
vulnerability_id VCID-8q1z-p2qp-nkbf
summary In the Linux kernel, the following vulnerability has been resolved: xfs: stop reclaim before pushing AIL during unmount The unmount sequence in xfs_unmount_flush_inodes() pushed the AIL while background reclaim and inodegc are still running. This is broken independently of any use-after-free issues - background reclaim and inodegc should not be running while the AIL is being pushed during unmount, as inodegc can dirty and insert inodes into the AIL during the flush, and background reclaim can race to abort and free dirty inodes. Reorder xfs_unmount_flush_inodes() to stop inodegc and cancel background reclaim before pushing the AIL. Stop inodegc before cancelling m_reclaim_work because the inodegc worker can re-queue m_reclaim_work via xfs_inodegc_set_reclaimable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31455.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31455.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31455
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31455
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31455
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31455
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460673
reference_id 2460673
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460673
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31455
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8q1z-p2qp-nkbf
91
url VCID-8qcc-chc3-yuaa
vulnerability_id VCID-8qcc-chc3-yuaa
summary In the Linux kernel, the following vulnerability has been resolved: netfs: Fix read abandonment during retry Under certain circumstances, all the remaining subrequests from a read request will get abandoned during retry. The abandonment process expects the 'subreq' variable to be set to the place to start abandonment from, but it doesn't always have a useful value (it will be uninitialised on the first pass through the loop and it may point to a deleted subrequest on later passes). Fix the first jump to "abandon:" to set subreq to the start of the first subrequest expected to need retry (which, in this abandonment case, turned out unexpectedly to no longer have NEED_RETRY set). Also clear the subreq pointer after discarding superfluous retryable subrequests to cause an oops if we do try to access it.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31435.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31435.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31435
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04052
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31435
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460660
reference_id 2460660
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460660
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31435
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8qcc-chc3-yuaa
92
url VCID-8qua-yr2x-s7fd
vulnerability_id VCID-8qua-yr2x-s7fd
summary kernel: af_unix: Give up GC if MSG_PEEK intervened
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23394.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23394.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23394
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0653
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0652
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0657
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06599
published_at 2026-04-12T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.0659
published_at 2026-04-13T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06516
published_at 2026-04-16T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-02T12:55:00Z
10
value 0.00033
scoring_system epss
scoring_elements 0.09468
published_at 2026-04-21T12:55:00Z
11
value 0.00033
scoring_system epss
scoring_elements 0.0952
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23394
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451201
reference_id 2451201
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451201
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23394
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8qua-yr2x-s7fd
93
url VCID-8swc-xby9-cygu
vulnerability_id VCID-8swc-xby9-cygu
summary kernel: blk-throttle: fix access race during throttle policy activation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40147.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40147.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40147
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05412
published_at 2026-04-11T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.054
published_at 2026-04-12T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05391
published_at 2026-04-13T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.0534
published_at 2026-04-16T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05343
published_at 2026-04-18T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05506
published_at 2026-04-21T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06555
published_at 2026-04-24T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09202
published_at 2026-04-02T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09249
published_at 2026-04-04T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09297
published_at 2026-04-09T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09175
published_at 2026-04-07T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09254
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40147
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414463
reference_id 2414463
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414463
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40147
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8swc-xby9-cygu
94
url VCID-8vkt-e4d8-qfgn
vulnerability_id VCID-8vkt-e4d8-qfgn
summary kernel: amd/amdkfd: enhance kfd process check in switch partition
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68174.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68174.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68174
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68174
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422691
reference_id 2422691
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422691
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68174
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vkt-e4d8-qfgn
95
url VCID-8xay-cepn-vfdd
vulnerability_id VCID-8xay-cepn-vfdd
summary In the Linux kernel, the following vulnerability has been resolved: ksmbd: do not expire session on binding failure When a multichannel session binding request fails (e.g. wrong password), the error path unconditionally sets sess->state = SMB2_SESSION_EXPIRED. However, during binding, sess points to the target session looked up via ksmbd_session_lookup_slowpath() -- which belongs to another connection's user. This allows a remote attacker to invalidate any active session by simply sending a binding request with a wrong password (DoS). Fix this by skipping session expiration when the failed request was a binding attempt, since the session does not belong to the current connection. The reference taken by ksmbd_session_lookup_slowpath() is still correctly released via ksmbd_user_session_put().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31476.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31476.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31476
reference_id
reference_type
scores
0
value 0.00076
scoring_system epss
scoring_elements 0.22561
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31476
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460626
reference_id 2460626
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460626
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31476
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xay-cepn-vfdd
96
url VCID-8xmp-5z38-1qaa
vulnerability_id VCID-8xmp-5z38-1qaa
summary kernel: drbd: fix null-pointer dereference on local read error
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23285.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23285.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23285
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23285
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451168
reference_id 2451168
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451168
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23285
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8xmp-5z38-1qaa
97
url VCID-915z-uxfx-3uh1
vulnerability_id VCID-915z-uxfx-3uh1
summary kernel: audit: add fchmodat2() to change attributes class
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71239.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71239.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71239
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10266
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10153
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10286
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71239
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448336
reference_id 2448336
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448336
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71239
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-915z-uxfx-3uh1
98
url VCID-93h7-cr4j-sbfn
vulnerability_id VCID-93h7-cr4j-sbfn
summary In the Linux kernel, the following vulnerability has been resolved: team: fix header_ops type confusion with non-Ethernet ports Similar to commit 950803f72547 ("bonding: fix type confusion in bond_setup_by_slave()") team has the same class of header_ops type confusion. For non-Ethernet ports, team_setup_by_port() copies port_dev->header_ops directly. When the team device later calls dev_hard_header() or dev_parse_header(), these callbacks can run with the team net_device instead of the real lower device, so netdev_priv(dev) is interpreted as the wrong private type and can crash. The syzbot report shows a crash in bond_header_create(), but the root cause is in team: the topology is gre -> bond -> team, and team calls the inherited header_ops with its own net_device instead of the lower device, so bond_header_create() receives a team device and interprets netdev_priv() as bonding private data, causing a type confusion crash. Fix this by introducing team header_ops wrappers for create/parse, selecting a team port under RCU, and calling the lower device callbacks with port->dev, so each callback always sees the correct net_device context. Also pass the selected lower device to the lower parse callback, so recursion is bounded in stacked non-Ethernet topologies and parse callbacks always run with the correct device context.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31502.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31502.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31502
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31502
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31502
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31502
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460684
reference_id 2460684
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460684
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31502
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93h7-cr4j-sbfn
99
url VCID-94ed-vp4v-mqeg
vulnerability_id VCID-94ed-vp4v-mqeg
summary kernel: Kernel: Denial of Service via NULL pointer dereference in VXLAN module
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68353.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68353.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68353
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-24T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07684
published_at 2026-04-18T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07837
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68353
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2424860
reference_id 2424860
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2424860
4
reference_url https://usn.ubuntu.com/8177-1/
reference_id USN-8177-1
reference_type
scores
url https://usn.ubuntu.com/8177-1/
5
reference_url https://usn.ubuntu.com/8177-2/
reference_id USN-8177-2
reference_type
scores
url https://usn.ubuntu.com/8177-2/
6
reference_url https://usn.ubuntu.com/8183-1/
reference_id USN-8183-1
reference_type
scores
url https://usn.ubuntu.com/8183-1/
7
reference_url https://usn.ubuntu.com/8183-2/
reference_id USN-8183-2
reference_type
scores
url https://usn.ubuntu.com/8183-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68353
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-94ed-vp4v-mqeg
100
url VCID-94k1-ja9w-2fd2
vulnerability_id VCID-94k1-ja9w-2fd2
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31421.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31421.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31421
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31421
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31421
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31421
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457824
reference_id 2457824
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457824
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31421
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-94k1-ja9w-2fd2
101
url VCID-95hc-n74c-s3bv
vulnerability_id VCID-95hc-n74c-s3bv
summary In the Linux kernel, the following vulnerability has been resolved: s390/entry: Scrub r12 register on kernel entry Before commit f33f2d4c7c80 ("s390/bp: remove TIF_ISOLATE_BP"), all entry handlers loaded r12 with the current task pointer (lg %r12,__LC_CURRENT) for use by the BPENTER/BPEXIT macros. That commit removed TIF_ISOLATE_BP, dropping both the branch prediction macros and the r12 load, but did not add r12 to the register clearing sequence. Add the missing xgr %r12,%r12 to make the register scrub consistent across all entry points.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31482.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31482.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31482
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04778
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31482
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460705
reference_id 2460705
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460705
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31482
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-95hc-n74c-s3bv
102
url VCID-98mp-5h68-73eg
vulnerability_id VCID-98mp-5h68-73eg
summary kernel: Linux kernel: Denial of Service during UFS power down
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68236.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68236.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68236
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68236
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68236
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422752
reference_id 2422752
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422752
5
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
6
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
7
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
8
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
9
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
10
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68236
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98mp-5h68-73eg
103
url VCID-98ws-1jnk-67hr
vulnerability_id VCID-98ws-1jnk-67hr
summary In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value `quote_buf->out_len` that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote attestation, quotes are not considered private, and can be forwarded to an attestation server. Catch scenarios where the host specifies a response length larger than the guest's allocation, or otherwise races modifying the response while the guest consumes it. This prevents contents beyond the pages allocated for `quote_buf` (up to TSM_REPORT_OUTBLOB_MAX) from being read out to guest userspace, and possibly forwarded in attestation requests. Recall that some deployments want per-container configs-tsm-report interfaces, so the leak may cross container protection boundaries, not just local root.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31470.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31470.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31470
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31470
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460674
reference_id 2460674
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460674
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31470
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98ws-1jnk-67hr
104
url VCID-98y4-8sve-mfbz
vulnerability_id VCID-98y4-8sve-mfbz
summary kernel: mlx5: Fix default values in create CQ
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68209.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68209.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68209
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68209
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422698
reference_id 2422698
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422698
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68209
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-98y4-8sve-mfbz
105
url VCID-9axb-sz3w-ubcx
vulnerability_id VCID-9axb-sz3w-ubcx
summary In the Linux kernel, the following vulnerability has been resolved: udp_tunnel: fix NULL deref caused by udp_sock_create6 when CONFIG_IPV6=n When CONFIG_IPV6 is disabled, the udp_sock_create6() function returns 0 (success) without actually creating a socket. Callers such as fou_create() then proceed to dereference the uninitialized socket pointer, resulting in a NULL pointer dereference. The captured NULL deref crash: BUG: kernel NULL pointer dereference, address: 0000000000000018 RIP: 0010:fou_nl_add_doit (net/ipv4/fou_core.c:590 net/ipv4/fou_core.c:764) [...] Call Trace: <TASK> genl_family_rcv_msg_doit.constprop.0 (net/netlink/genetlink.c:1114) genl_rcv_msg (net/netlink/genetlink.c:1194 net/netlink/genetlink.c:1209) [...] netlink_rcv_skb (net/netlink/af_netlink.c:2550) genl_rcv (net/netlink/genetlink.c:1219) netlink_unicast (net/netlink/af_netlink.c:1319 net/netlink/af_netlink.c:1344) netlink_sendmsg (net/netlink/af_netlink.c:1894) __sock_sendmsg (net/socket.c:727 (discriminator 1) net/socket.c:742 (discriminator 1)) __sys_sendto (./include/linux/file.h:62 (discriminator 1) ./include/linux/file.h:83 (discriminator 1) net/socket.c:2183 (discriminator 1)) __x64_sys_sendto (net/socket.c:2213 (discriminator 1) net/socket.c:2209 (discriminator 1) net/socket.c:2209 (discriminator 1)) do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1)) entry_SYSCALL_64_after_hwframe (net/arch/x86/entry/entry_64.S:130) This patch makes udp_sock_create6 return -EPFNOSUPPORT instead, so callers correctly take their error paths. There is only one caller of the vulnerable function and only privileged users can trigger it.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23439.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23439.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23439
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23439
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23439
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23439
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454835
reference_id 2454835
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454835
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23439
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9axb-sz3w-ubcx
106
url VCID-9cpj-kd98-33bz
vulnerability_id VCID-9cpj-kd98-33bz
summary kernel: net/sched: act_gate: snapshot parameters with RCU on replace
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23245.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23245.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23245
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.034
published_at 2026-04-24T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03414
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23245
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23245
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23245
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448593
reference_id 2448593
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448593
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23245
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9cpj-kd98-33bz
107
url VCID-9cuj-t2sc-bbdj
vulnerability_id VCID-9cuj-t2sc-bbdj
summary kernel: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23317.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23317.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23317
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02375
published_at 2026-04-24T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02395
published_at 2026-04-21T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23317
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451188
reference_id 2451188
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451188
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23317
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9cuj-t2sc-bbdj
108
url VCID-9dfd-an6h-67gp
vulnerability_id VCID-9dfd-an6h-67gp
summary kernel: btrfs: do not strictly require dirty metadata threshold for metadata writepages
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23157.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23157.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23157
reference_id
reference_type
scores
0
value 6e-05
scoring_system epss
scoring_elements 0.0042
published_at 2026-04-24T12:55:00Z
1
value 6e-05
scoring_system epss
scoring_elements 0.00395
published_at 2026-04-16T12:55:00Z
2
value 6e-05
scoring_system epss
scoring_elements 0.00399
published_at 2026-04-18T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00425
published_at 2026-04-21T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00606
published_at 2026-04-07T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.00593
published_at 2026-04-12T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00595
published_at 2026-04-13T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00597
published_at 2026-04-11T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00611
published_at 2026-04-02T12:55:00Z
9
value 7e-05
scoring_system epss
scoring_elements 0.00604
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23157
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23157
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23157
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439903
reference_id 2439903
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439903
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23157
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9dfd-an6h-67gp
109
url VCID-9ej7-7tra-zqcm
vulnerability_id VCID-9ej7-7tra-zqcm
summary kernel: netfilter: nft_set_rbtree: validate open interval overlap
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23333.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23333.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23333
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0653
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0652
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0657
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06599
published_at 2026-04-12T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.0659
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23333
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23333
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23333
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451243
reference_id 2451243
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451243
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23333
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ej7-7tra-zqcm
110
url VCID-9jgy-8b6j-ayfz
vulnerability_id VCID-9jgy-8b6j-ayfz
summary kernel: net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39834.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39834.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39834
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04741
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04779
published_at 2026-04-07T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04764
published_at 2026-04-04T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-11T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04825
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05388
published_at 2026-04-21T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05236
published_at 2026-04-18T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05288
published_at 2026-04-13T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05235
published_at 2026-04-16T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05427
published_at 2026-04-24T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05299
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39834
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://git.kernel.org/stable/c/051fd8576a2e4e95d5870c5c9f8679c5b16882e4
reference_id 051fd8576a2e4e95d5870c5c9f8679c5b16882e4
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:18:41Z/
url https://git.kernel.org/stable/c/051fd8576a2e4e95d5870c5c9f8679c5b16882e4
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2395775
reference_id 2395775
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2395775
5
reference_url https://git.kernel.org/stable/c/a630f83592cdad1253523a1b760cfe78fef6cd9c
reference_id a630f83592cdad1253523a1b760cfe78fef6cd9c
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:18:41Z/
url https://git.kernel.org/stable/c/a630f83592cdad1253523a1b760cfe78fef6cd9c
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39834
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9jgy-8b6j-ayfz
111
url VCID-9kuz-7fag-4qhv
vulnerability_id VCID-9kuz-7fag-4qhv
summary kernel: kernel: Privilege escalation or denial of service via use-after-free in nf_tables_addchain()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23231.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23231.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23231
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02315
published_at 2026-04-02T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03404
published_at 2026-04-09T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03362
published_at 2026-04-11T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03333
published_at 2026-04-12T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.0331
published_at 2026-04-13T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03286
published_at 2026-04-16T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03297
published_at 2026-04-18T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03414
published_at 2026-04-21T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.034
published_at 2026-04-24T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03379
published_at 2026-04-07T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.03383
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23231
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23231
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2444376
reference_id 2444376
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2444376
5
reference_url https://access.redhat.com/errata/RHSA-2026:10108
reference_id RHSA-2026:10108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10108
6
reference_url https://access.redhat.com/errata/RHSA-2026:6053
reference_id RHSA-2026:6053
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6053
7
reference_url https://access.redhat.com/errata/RHSA-2026:6570
reference_id RHSA-2026:6570
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6570
8
reference_url https://access.redhat.com/errata/RHSA-2026:6571
reference_id RHSA-2026:6571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6571
9
reference_url https://access.redhat.com/errata/RHSA-2026:6572
reference_id RHSA-2026:6572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6572
10
reference_url https://access.redhat.com/errata/RHSA-2026:6940
reference_id RHSA-2026:6940
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6940
11
reference_url https://access.redhat.com/errata/RHSA-2026:9095
reference_id RHSA-2026:9095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9095
12
reference_url https://access.redhat.com/errata/RHSA-2026:9512
reference_id RHSA-2026:9512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9512
13
reference_url https://access.redhat.com/errata/RHSA-2026:9513
reference_id RHSA-2026:9513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9513
14
reference_url https://access.redhat.com/errata/RHSA-2026:9514
reference_id RHSA-2026:9514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9514
15
reference_url https://access.redhat.com/errata/RHSA-2026:9515
reference_id RHSA-2026:9515
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9515
16
reference_url https://access.redhat.com/errata/RHSA-2026:9643
reference_id RHSA-2026:9643
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9643
17
reference_url https://access.redhat.com/errata/RHSA-2026:9644
reference_id RHSA-2026:9644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9644
18
reference_url https://access.redhat.com/errata/RHSA-2026:9835
reference_id RHSA-2026:9835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9835
19
reference_url https://access.redhat.com/errata/RHSA-2026:9836
reference_id RHSA-2026:9836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9836
20
reference_url https://access.redhat.com/errata/RHSA-2026:9870
reference_id RHSA-2026:9870
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9870
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23231
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9kuz-7fag-4qhv
112
url VCID-9m2t-y1zb-hfar
vulnerability_id VCID-9m2t-y1zb-hfar
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31412.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31412.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31412
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01146
published_at 2026-04-11T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.01139
published_at 2026-04-12T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.01141
published_at 2026-04-13T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02364
published_at 2026-04-21T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02343
published_at 2026-04-24T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02263
published_at 2026-04-16T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0227
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31412
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31412
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31412
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457276
reference_id 2457276
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457276
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31412
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9m2t-y1zb-hfar
113
url VCID-9qhe-6xhk-hfhf
vulnerability_id VCID-9qhe-6xhk-hfhf
summary kernel: IB/mthca: Add missed mthca_unmap_user_db() for mthca_create_srq()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23289.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23289.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23289
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23289
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23289
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23289
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451253
reference_id 2451253
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451253
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23289
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9qhe-6xhk-hfhf
114
url VCID-9sm6-shj5-cqh5
vulnerability_id VCID-9sm6-shj5-cqh5
summary In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure ieee80211_tx_prepare_skb() has three error paths, but only two of them free the skb. The first error path (ieee80211_tx_prepare() returning TX_DROP) does not free it, while invoke_tx_handlers() failure and the fragmentation check both do. Add kfree_skb() to the first error path so all three are consistent, and remove the now-redundant frees in callers (ath9k, mt76, mac80211_hwsim) to avoid double-free. Document the skb ownership guarantee in the function's kdoc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23444.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23444.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23444
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02176
published_at 2026-04-24T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03975
published_at 2026-04-07T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03981
published_at 2026-04-08T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03962
published_at 2026-04-04T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23444
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23444
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23444
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454876
reference_id 2454876
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454876
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23444
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9sm6-shj5-cqh5
115
url VCID-9tbh-mrhu-v3am
vulnerability_id VCID-9tbh-mrhu-v3am
summary kernel: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38597.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38597.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38597
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04312
published_at 2026-04-21T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04177
published_at 2026-04-02T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04197
published_at 2026-04-04T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04213
published_at 2026-04-07T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04244
published_at 2026-04-08T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04259
published_at 2026-04-09T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04245
published_at 2026-04-11T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.0423
published_at 2026-04-12T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04207
published_at 2026-04-13T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04176
published_at 2026-04-16T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.04185
published_at 2026-04-18T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.04485
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38597
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2389493
reference_id 2389493
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2389493
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38597
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9tbh-mrhu-v3am
116
url VCID-9ur7-ynkr-rydr
vulnerability_id VCID-9ur7-ynkr-rydr
summary kernel: wifi: ath12k: Fix MSDU buffer types handling in RX error path
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68729.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68729.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68729
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06793
published_at 2026-04-02T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0684
published_at 2026-04-04T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06822
published_at 2026-04-07T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06874
published_at 2026-04-08T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06907
published_at 2026-04-09T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.069
published_at 2026-04-11T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.06893
published_at 2026-04-12T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06888
published_at 2026-04-13T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.0683
published_at 2026-04-16T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.06811
published_at 2026-04-18T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.06956
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.06938
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68729
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2424866
reference_id 2424866
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2424866
4
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
5
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
6
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
7
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
8
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
9
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68729
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ur7-ynkr-rydr
117
url VCID-a1ez-xh2w-7ba6
vulnerability_id VCID-a1ez-xh2w-7ba6
summary In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after initialization ext4_inode_attach_jinode() publishes ei->jinode to concurrent users. It used to set ei->jinode before jbd2_journal_init_jbd_inode(), allowing a reader to observe a non-NULL jinode with i_vfs_inode still unset. The fast commit flush path can then pass this jinode to jbd2_wait_inode_data(), which dereferences i_vfs_inode->i_mapping and may crash. Below is the crash I observe: ``` BUG: unable to handle page fault for address: 000000010beb47f4 PGD 110e51067 P4D 110e51067 PUD 0 Oops: Oops: 0000 [#1] SMP NOPTI CPU: 1 UID: 0 PID: 4850 Comm: fc_fsync_bench_ Not tainted 6.18.0-00764-g795a690c06a5 #1 PREEMPT(voluntary) Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Arch Linux 1.17.0-2-2 04/01/2014 RIP: 0010:xas_find_marked+0x3d/0x2e0 Code: e0 03 48 83 f8 02 0f 84 f0 01 00 00 48 8b 47 08 48 89 c3 48 39 c6 0f 82 fd 01 00 00 48 85 c9 74 3d 48 83 f9 03 77 63 4c 8b 0f <49> 8b 71 08 48 c7 47 18 00 00 00 00 48 89 f1 83 e1 03 48 83 f9 02 RSP: 0018:ffffbbee806e7bf0 EFLAGS: 00010246 RAX: 000000000010beb4 RBX: 000000000010beb4 RCX: 0000000000000003 RDX: 0000000000000001 RSI: 0000002000300000 RDI: ffffbbee806e7c10 RBP: 0000000000000001 R08: 0000002000300000 R09: 000000010beb47ec R10: ffff9ea494590090 R11: 0000000000000000 R12: 0000002000300000 R13: ffffbbee806e7c90 R14: ffff9ea494513788 R15: ffffbbee806e7c88 FS: 00007fc2f9e3e6c0(0000) GS:ffff9ea6b1444000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000010beb47f4 CR3: 0000000119ac5000 CR4: 0000000000750ef0 PKRU: 55555554 Call Trace: <TASK> filemap_get_folios_tag+0x87/0x2a0 __filemap_fdatawait_range+0x5f/0xd0 ? srso_alias_return_thunk+0x5/0xfbef5 ? __schedule+0x3e7/0x10c0 ? srso_alias_return_thunk+0x5/0xfbef5 ? srso_alias_return_thunk+0x5/0xfbef5 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ? srso_alias_return_thunk+0x5/0xfbef5 ? cap_safe_nice+0x37/0x70 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ? srso_alias_return_thunk+0x5/0xfbef5 filemap_fdatawait_range_keep_errors+0x12/0x40 ext4_fc_commit+0x697/0x8b0 ? ext4_file_write_iter+0x64b/0x950 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ? srso_alias_return_thunk+0x5/0xfbef5 ? vfs_write+0x356/0x480 ? srso_alias_return_thunk+0x5/0xfbef5 ? preempt_count_sub+0x5f/0x80 ext4_sync_file+0xf7/0x370 do_fsync+0x3b/0x80 ? syscall_trace_enter+0x108/0x1d0 __x64_sys_fdatasync+0x16/0x20 do_syscall_64+0x62/0x2c0 entry_SYSCALL_64_after_hwframe+0x76/0x7e ... ``` Fix this by initializing the jbd2_inode first. Use smp_wmb() and WRITE_ONCE() to publish ei->jinode after initialization. Readers use READ_ONCE() to fetch the pointer.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31450.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31450.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31450
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31450
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31450
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31450
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460634
reference_id 2460634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460634
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31450
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a1ez-xh2w-7ba6
118
url VCID-a1xg-dyn3-skb6
vulnerability_id VCID-a1xg-dyn3-skb6
summary kernel: Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23395.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23395.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23395
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.08494
published_at 2026-04-02T12:55:00Z
1
value 0.0003
scoring_system epss
scoring_elements 0.0855
published_at 2026-04-04T12:55:00Z
2
value 0.0003
scoring_system epss
scoring_elements 0.0847
published_at 2026-04-07T12:55:00Z
3
value 0.0003
scoring_system epss
scoring_elements 0.08543
published_at 2026-04-08T12:55:00Z
4
value 0.0003
scoring_system epss
scoring_elements 0.08564
published_at 2026-04-09T12:55:00Z
5
value 0.0003
scoring_system epss
scoring_elements 0.08558
published_at 2026-04-11T12:55:00Z
6
value 0.0003
scoring_system epss
scoring_elements 0.08539
published_at 2026-04-12T12:55:00Z
7
value 0.0003
scoring_system epss
scoring_elements 0.08523
published_at 2026-04-13T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10086
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10064
published_at 2026-04-18T12:55:00Z
10
value 0.00041
scoring_system epss
scoring_elements 0.12449
published_at 2026-04-24T12:55:00Z
11
value 0.00041
scoring_system epss
scoring_elements 0.12443
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23395
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23395
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23395
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451160
reference_id 2451160
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451160
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23395
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a1xg-dyn3-skb6
119
url VCID-a28q-pf9z-abdm
vulnerability_id VCID-a28q-pf9z-abdm
summary kernel: ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23377.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23377.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23377
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0653
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0652
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0657
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06599
published_at 2026-04-12T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.0659
published_at 2026-04-13T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06516
published_at 2026-04-16T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06523
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06675
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06682
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23377
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451261
reference_id 2451261
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451261
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23377
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a28q-pf9z-abdm
120
url VCID-a29y-u4f3-nkfk
vulnerability_id VCID-a29y-u4f3-nkfk
summary kernel: staging: most: remove broken i2c driver
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68755.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68755.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68755
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07417
published_at 2026-04-24T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07346
published_at 2026-04-02T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.0739
published_at 2026-04-04T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07372
published_at 2026-04-07T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07427
published_at 2026-04-08T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07451
published_at 2026-04-09T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07437
published_at 2026-04-11T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07424
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07413
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-16T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-18T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07456
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68755
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68755
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68755
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427119
reference_id 2427119
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427119
5
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
6
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
7
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
8
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
9
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
10
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
11
reference_url https://usn.ubuntu.com/8179-1/
reference_id USN-8179-1
reference_type
scores
url https://usn.ubuntu.com/8179-1/
12
reference_url https://usn.ubuntu.com/8179-2/
reference_id USN-8179-2
reference_type
scores
url https://usn.ubuntu.com/8179-2/
13
reference_url https://usn.ubuntu.com/8179-3/
reference_id USN-8179-3
reference_type
scores
url https://usn.ubuntu.com/8179-3/
14
reference_url https://usn.ubuntu.com/8184-1/
reference_id USN-8184-1
reference_type
scores
url https://usn.ubuntu.com/8184-1/
15
reference_url https://usn.ubuntu.com/8185-1/
reference_id USN-8185-1
reference_type
scores
url https://usn.ubuntu.com/8185-1/
16
reference_url https://usn.ubuntu.com/8203-1/
reference_id USN-8203-1
reference_type
scores
url https://usn.ubuntu.com/8203-1/
17
reference_url https://usn.ubuntu.com/8204-1/
reference_id USN-8204-1
reference_type
scores
url https://usn.ubuntu.com/8204-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68755
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a29y-u4f3-nkfk
121
url VCID-a36h-pqj3-9bhe
vulnerability_id VCID-a36h-pqj3-9bhe
summary kernel: xdp: produce a warning when calculated tailroom is negative
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23343.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23343.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23343
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03536
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23343
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451237
reference_id 2451237
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451237
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23343
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a36h-pqj3-9bhe
122
url VCID-a3d8-8qvy-ykdr
vulnerability_id VCID-a3d8-8qvy-ykdr
summary kernel: sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23371.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23371.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23371
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06682
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0653
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0652
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0657
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06599
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.0659
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06516
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06523
published_at 2026-04-18T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06675
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23371
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23371
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23371
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451161
reference_id 2451161
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451161
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23371
risk_score 1.2
exploitability 0.5
weighted_severity 2.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a3d8-8qvy-ykdr
123
url VCID-a5tz-dm6g-zqch
vulnerability_id VCID-a5tz-dm6g-zqch
summary kernel: smb: client: Don't log plaintext credentials in cifs_set_cifscreds
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23303.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23303.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23303
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23303
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23303
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451217
reference_id 2451217
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451217
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23303
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a5tz-dm6g-zqch
124
url VCID-a6bg-yemv-4kcf
vulnerability_id VCID-a6bg-yemv-4kcf
summary kernel: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40098.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40098.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40098
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05977
published_at 2026-04-08T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0592
published_at 2026-04-02T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05953
published_at 2026-04-04T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05939
published_at 2026-04-07T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-13T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07259
published_at 2026-04-16T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07253
published_at 2026-04-18T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.0738
published_at 2026-04-21T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07354
published_at 2026-04-09T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07352
published_at 2026-04-11T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07339
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40098
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2407347
reference_id 2407347
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2407347
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40098
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a6bg-yemv-4kcf
125
url VCID-a7fc-8bje-hugq
vulnerability_id VCID-a7fc-8bje-hugq
summary In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmu_ctx->pmu for groups Oliver reported that x86_pmu_del() ended up doing an out-of-bound memory access when group_sched_in() fails and needs to roll back. This *should* be handled by the transaction callbacks, but he found that when the group leader is a software event, the transaction handlers of the wrong PMU are used. Despite the move_group case in perf_event_open() and group_sched_in() using pmu_ctx->pmu. Turns out, inherit uses event->pmu to clone the events, effectively undoing the move_group case for all inherited contexts. Fix this by also making inherit use pmu_ctx->pmu, ensuring all inherited counters end up in the same pmu context. Similarly, __perf_event_read() should use equally use pmu_ctx->pmu for the group case.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31528.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31528.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31528
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04778
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31528
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460668
reference_id 2460668
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460668
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31528
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7fc-8bje-hugq
126
url VCID-abfm-ssmn-1fap
vulnerability_id VCID-abfm-ssmn-1fap
summary kernel: fs/ntfs3: Mark inode as bad as soon as error detected in mi_enum_attr()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52560.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52560.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-52560
reference_id
reference_type
scores
0
value 0.00045
scoring_system epss
scoring_elements 0.13938
published_at 2026-04-24T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.13841
published_at 2026-04-16T12:55:00Z
2
value 0.00045
scoring_system epss
scoring_elements 0.13835
published_at 2026-04-18T12:55:00Z
3
value 0.00045
scoring_system epss
scoring_elements 0.13906
published_at 2026-04-21T12:55:00Z
4
value 0.00045
scoring_system epss
scoring_elements 0.13943
published_at 2026-04-07T12:55:00Z
5
value 0.00045
scoring_system epss
scoring_elements 0.14025
published_at 2026-04-08T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.14078
published_at 2026-04-09T12:55:00Z
7
value 0.00045
scoring_system epss
scoring_elements 0.14023
published_at 2026-04-11T12:55:00Z
8
value 0.00045
scoring_system epss
scoring_elements 0.13986
published_at 2026-04-12T12:55:00Z
9
value 0.00045
scoring_system epss
scoring_elements 0.13937
published_at 2026-04-13T12:55:00Z
10
value 0.00047
scoring_system epss
scoring_elements 0.14502
published_at 2026-04-02T12:55:00Z
11
value 0.00047
scoring_system epss
scoring_elements 0.14572
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-52560
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2348538
reference_id 2348538
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2348538
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2024-52560
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-abfm-ssmn-1fap
127
url VCID-ackw-rsbh-rubp
vulnerability_id VCID-ackw-rsbh-rubp
summary kernel: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38187.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38187.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38187
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08128
published_at 2026-04-24T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08076
published_at 2026-04-02T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08118
published_at 2026-04-04T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08068
published_at 2026-04-07T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08129
published_at 2026-04-08T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08151
published_at 2026-04-09T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08144
published_at 2026-04-11T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08124
published_at 2026-04-12T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08107
published_at 2026-04-13T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08014
published_at 2026-04-16T12:55:00Z
10
value 0.00029
scoring_system epss
scoring_elements 0.07999
published_at 2026-04-18T12:55:00Z
11
value 0.00029
scoring_system epss
scoring_elements 0.08172
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38187
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376404
reference_id 2376404
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376404
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38187
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ackw-rsbh-rubp
128
url VCID-ajfm-hpzg-uqck
vulnerability_id VCID-ajfm-hpzg-uqck
summary kernel: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23327.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23327.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23327
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.02863
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0653
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0652
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0657
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06599
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.0659
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06516
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06523
published_at 2026-04-18T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06675
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23327
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451279
reference_id 2451279
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451279
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23327
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajfm-hpzg-uqck
129
url VCID-ajr2-wmhj-fbbj
vulnerability_id VCID-ajr2-wmhj-fbbj
summary kernel: ksmbd: fix use-after-free of share_conf in compound request
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23428.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23428.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23428
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02375
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23428
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454864
reference_id 2454864
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454864
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23428
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajr2-wmhj-fbbj
130
url VCID-akq2-c6hp-tfda
vulnerability_id VCID-akq2-c6hp-tfda
summary kernel: crypto: hisilicon/qm - request reserved interrupt for virtual function
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40136.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40136.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40136
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06003
published_at 2026-04-11T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.06113
published_at 2026-04-21T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05961
published_at 2026-04-18T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.0595
published_at 2026-04-16T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05985
published_at 2026-04-13T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05995
published_at 2026-04-12T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10544
published_at 2026-04-09T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10476
published_at 2026-04-08T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10403
published_at 2026-04-07T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-04T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10471
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40136
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414486
reference_id 2414486
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414486
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40136
risk_score 1.1
exploitability 0.5
weighted_severity 2.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-akq2-c6hp-tfda
131
url VCID-akv9-pdny-1yh6
vulnerability_id VCID-akv9-pdny-1yh6
summary kernel: fs: ntfs3: check return value of indx_find to avoid infinite loop
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71266.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71266.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71266
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10266
published_at 2026-04-24T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10286
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71266
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448597
reference_id 2448597
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448597
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71266
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-akv9-pdny-1yh6
132
url VCID-an5c-5rea-u3aq
vulnerability_id VCID-an5c-5rea-u3aq
summary kernel: dlm: prevent NPD when writing a positive value to event_done
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23131.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23131.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23131
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.2593
published_at 2026-04-02T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.25971
published_at 2026-04-04T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25738
published_at 2026-04-07T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25809
published_at 2026-04-08T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.25861
published_at 2026-04-09T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25872
published_at 2026-04-11T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.2583
published_at 2026-04-12T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.25774
published_at 2026-04-13T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25777
published_at 2026-04-16T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.2576
published_at 2026-04-18T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.25731
published_at 2026-04-21T12:55:00Z
11
value 0.00092
scoring_system epss
scoring_elements 0.25676
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23131
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23131
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23131
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360285
reference_id 2360285
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360285
5
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
6
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
7
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-23131
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-an5c-5rea-u3aq
133
url VCID-ans1-wmuz-e3bw
vulnerability_id VCID-ans1-wmuz-e3bw
summary kernel: memory leak in ubi driver
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25740.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-25740.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-25740
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01675
published_at 2026-04-24T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01436
published_at 2026-04-16T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.0145
published_at 2026-04-18T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01664
published_at 2026-04-21T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01571
published_at 2026-04-02T12:55:00Z
5
value 0.00012
scoring_system epss
scoring_elements 0.01575
published_at 2026-04-04T12:55:00Z
6
value 0.00012
scoring_system epss
scoring_elements 0.01451
published_at 2026-04-07T12:55:00Z
7
value 0.00012
scoring_system epss
scoring_elements 0.01456
published_at 2026-04-08T12:55:00Z
8
value 0.00012
scoring_system epss
scoring_elements 0.01459
published_at 2026-04-09T12:55:00Z
9
value 0.00012
scoring_system epss
scoring_elements 0.01453
published_at 2026-04-11T12:55:00Z
10
value 0.00012
scoring_system epss
scoring_elements 0.01447
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-25740
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25740
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263881
reference_id 2263881
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2263881
5
reference_url https://lore.kernel.org/lkml/0171b6cc-95ee-3538-913b-65a391a446b3%40huawei.com/T/
reference_id T
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-02-12T16:42:50Z/
url https://lore.kernel.org/lkml/0171b6cc-95ee-3538-913b-65a391a446b3%40huawei.com/T/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2024-25740
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ans1-wmuz-e3bw
134
url VCID-apfq-mqch-jkgr
vulnerability_id VCID-apfq-mqch-jkgr
summary In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fix Content-Length u32 truncation in sip_help_tcp() sip_help_tcp() parses the SIP Content-Length header with simple_strtoul(), which returns unsigned long, but stores the result in unsigned int clen. On 64-bit systems, values exceeding UINT_MAX are silently truncated before computing the SIP message boundary. For example, Content-Length 4294967328 (2^32 + 32) is truncated to 32, causing the parser to miscalculate where the current message ends. The loop then treats trailing data in the TCP segment as a second SIP message and processes it through the SDP parser. Fix this by changing clen to unsigned long to match the return type of simple_strtoul(), and reject Content-Length values that exceed the remaining TCP payload length.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23457.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23457.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23457
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23457
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23457
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23457
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454800
reference_id 2454800
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454800
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23457
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-apfq-mqch-jkgr
135
url VCID-asy4-m48b-xydu
vulnerability_id VCID-asy4-m48b-xydu
summary kernel: netfilter: nf_tables: release flowtable after rcu grace period on error
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23392.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23392.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23392
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03605
published_at 2026-04-24T12:55:00Z
10
value 0.00016
scoring_system epss
scoring_elements 0.03598
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23392
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23392
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23392
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451218
reference_id 2451218
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451218
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23392
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-asy4-m48b-xydu
136
url VCID-awyz-zwdv-quaa
vulnerability_id VCID-awyz-zwdv-quaa
summary kernel: bnxt_en: Mask the bd_cnt field in the TX BD properly
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22108.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22108.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22108
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.2593
published_at 2026-04-02T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.25971
published_at 2026-04-04T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25738
published_at 2026-04-07T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25809
published_at 2026-04-08T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.25861
published_at 2026-04-09T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25872
published_at 2026-04-11T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.2583
published_at 2026-04-12T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.25774
published_at 2026-04-13T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25777
published_at 2026-04-16T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.2576
published_at 2026-04-18T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.25731
published_at 2026-04-21T12:55:00Z
11
value 0.00092
scoring_system epss
scoring_elements 0.25676
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22108
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360268
reference_id 2360268
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360268
4
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
5
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
6
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-22108
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-awyz-zwdv-quaa
137
url VCID-aymw-na2d-bqfy
vulnerability_id VCID-aymw-na2d-bqfy
summary kernel: coresight: ETR: Fix ETR buffer use-after-free issue
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68376.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68376.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68376
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06938
published_at 2026-04-24T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06793
published_at 2026-04-02T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.0684
published_at 2026-04-04T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06822
published_at 2026-04-07T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06874
published_at 2026-04-08T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.06907
published_at 2026-04-09T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.069
published_at 2026-04-11T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06893
published_at 2026-04-12T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06888
published_at 2026-04-13T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.0683
published_at 2026-04-16T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.06811
published_at 2026-04-18T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.06956
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68376
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2424870
reference_id 2424870
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2424870
4
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
5
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
6
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
7
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
8
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
9
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68376
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aymw-na2d-bqfy
138
url VCID-azqr-xmc7-13b5
vulnerability_id VCID-azqr-xmc7-13b5
summary kernel: xfs: check for deleted cursors when revalidating two btrees
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23249.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23249.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23249
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.07078
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.07063
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23249
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448700
reference_id 2448700
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448700
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23249
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-azqr-xmc7-13b5
139
url VCID-b1an-t4b8-4bd1
vulnerability_id VCID-b1an-t4b8-4bd1
summary kernel: net: usb: pegasus: validate USB endpoints
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23290.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23290.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23290
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23290
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23290
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23290
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451179
reference_id 2451179
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451179
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23290
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b1an-t4b8-4bd1
140
url VCID-b2kt-hmz5-yuhb
vulnerability_id VCID-b2kt-hmz5-yuhb
summary kernel: mm: fix uprobe pte be overwritten when expanding vma
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38207.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38207.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38207
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08193
published_at 2026-04-02T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08246
published_at 2026-04-04T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08194
published_at 2026-04-07T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08257
published_at 2026-04-08T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08277
published_at 2026-04-09T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08268
published_at 2026-04-11T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08248
published_at 2026-04-12T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08231
published_at 2026-04-13T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08125
published_at 2026-04-16T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08111
published_at 2026-04-18T12:55:00Z
10
value 0.00029
scoring_system epss
scoring_elements 0.08286
published_at 2026-04-21T12:55:00Z
11
value 0.00029
scoring_system epss
scoring_elements 0.08263
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38207
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38207
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38207
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376371
reference_id 2376371
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376371
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38207
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b2kt-hmz5-yuhb
141
url VCID-b51x-3ss2-67ex
vulnerability_id VCID-b51x-3ss2-67ex
summary kernel: RDMA/siw: Fix potential NULL pointer dereference in header processing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23242.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23242.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23242
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00068
scoring_system epss
scoring_elements 0.20889
published_at 2026-04-07T12:55:00Z
2
value 0.00068
scoring_system epss
scoring_elements 0.2097
published_at 2026-04-08T12:55:00Z
3
value 0.00068
scoring_system epss
scoring_elements 0.21031
published_at 2026-04-09T12:55:00Z
4
value 0.00068
scoring_system epss
scoring_elements 0.21047
published_at 2026-04-11T12:55:00Z
5
value 0.00068
scoring_system epss
scoring_elements 0.21175
published_at 2026-04-04T12:55:00Z
6
value 0.00068
scoring_system epss
scoring_elements 0.2095
published_at 2026-04-13T12:55:00Z
7
value 0.00068
scoring_system epss
scoring_elements 0.20939
published_at 2026-04-16T12:55:00Z
8
value 0.00068
scoring_system epss
scoring_elements 0.20938
published_at 2026-04-18T12:55:00Z
9
value 0.00068
scoring_system epss
scoring_elements 0.21003
published_at 2026-04-12T12:55:00Z
10
value 0.00074
scoring_system epss
scoring_elements 0.2238
published_at 2026-04-21T12:55:00Z
11
value 0.00074
scoring_system epss
scoring_elements 0.22228
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23242
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23242
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23242
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448602
reference_id 2448602
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448602
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23242
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b51x-3ss2-67ex
142
url VCID-b9uq-ggy1-eyan
vulnerability_id VCID-b9uq-ggy1-eyan
summary kernel: Linux kernel: Denial of Service in qla2xxx SCSI driver due to improper command handling after chip reset
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68745.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68745.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68745
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-24T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07684
published_at 2026-04-18T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07837
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68745
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68745
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68745
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2425039
reference_id 2425039
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2425039
5
reference_url https://usn.ubuntu.com/8177-1/
reference_id USN-8177-1
reference_type
scores
url https://usn.ubuntu.com/8177-1/
6
reference_url https://usn.ubuntu.com/8177-2/
reference_id USN-8177-2
reference_type
scores
url https://usn.ubuntu.com/8177-2/
7
reference_url https://usn.ubuntu.com/8183-1/
reference_id USN-8183-1
reference_type
scores
url https://usn.ubuntu.com/8183-1/
8
reference_url https://usn.ubuntu.com/8183-2/
reference_id USN-8183-2
reference_type
scores
url https://usn.ubuntu.com/8183-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68745
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b9uq-ggy1-eyan
143
url VCID-bd8g-qrbe-23hx
vulnerability_id VCID-bd8g-qrbe-23hx
summary kernel: Linux kernel (erofs): Denial of Service via corrupted subpage compact indexes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68251.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68251.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68251
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68251
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422756
reference_id 2422756
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422756
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68251
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bd8g-qrbe-23hx
144
url VCID-beg3-c4a1-cfay
vulnerability_id VCID-beg3-c4a1-cfay
summary In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leaks and NULL deref in smb2_lock() smb2_lock() has three error handling issues after list_del() detaches smb_lock from lock_list at no_check_cl: 1) If vfs_lock_file() returns an unexpected error in the non-UNLOCK path, goto out leaks smb_lock and its flock because the out: handler only iterates lock_list and rollback_list, neither of which contains the detached smb_lock. 2) If vfs_lock_file() returns -ENOENT in the UNLOCK path, goto out leaks smb_lock and flock for the same reason. The error code returned to the dispatcher is also stale. 3) In the rollback path, smb_flock_init() can return NULL on allocation failure. The result is dereferenced unconditionally, causing a kernel NULL pointer dereference. Add a NULL check to prevent the crash and clean up the bookkeeping; the VFS lock itself cannot be rolled back without the allocation and will be released at file or connection teardown. Fix cases 1 and 2 by hoisting the locks_free_lock()/kfree() to before the if(!rc) check in the UNLOCK branch so all exit paths share one free site, and by freeing smb_lock and flock before goto out in the non-UNLOCK branch. Propagate the correct error code in both cases. Fix case 3 by wrapping the VFS unlock in an if(rlock) guard and adding a NULL check for locks_free_lock(rlock) in the shared cleanup. Found via call-graph analysis using sqry.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31477.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31477.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31477
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31477
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460681
reference_id 2460681
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460681
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31477
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-beg3-c4a1-cfay
145
url VCID-bfjx-x5b3-53bg
vulnerability_id VCID-bfjx-x5b3-53bg
summary kernel: of: unittest: Fix memory leak in unittest_data_add()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23137.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23137.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23137
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03984
published_at 2026-04-21T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03899
published_at 2026-04-02T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03908
published_at 2026-04-04T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03922
published_at 2026-04-07T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.03928
published_at 2026-04-08T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03951
published_at 2026-04-09T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03919
published_at 2026-04-11T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03902
published_at 2026-04-12T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03875
published_at 2026-04-13T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03854
published_at 2026-04-16T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03864
published_at 2026-04-18T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05225
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23137
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23137
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23137
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439844
reference_id 2439844
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439844
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23137
risk_score 1.1
exploitability 0.5
weighted_severity 2.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bfjx-x5b3-53bg
146
url VCID-bkp8-m2yc-qub7
vulnerability_id VCID-bkp8-m2yc-qub7
summary kernel: cxl: Fix race of nvdimm_bus object when creating nvdimm objects
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23348.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23348.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23348
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0587
published_at 2026-04-04T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05864
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.06055
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23348
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451259
reference_id 2451259
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451259
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23348
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bkp8-m2yc-qub7
147
url VCID-bpmy-u7wr-kude
vulnerability_id VCID-bpmy-u7wr-kude
summary kernel: can: mcp251x: fix deadlock in error path of mcp251x_open
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23357.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23357.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23357
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23357
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23357
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23357
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451265
reference_id 2451265
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451265
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23357
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bpmy-u7wr-kude
148
url VCID-bq5a-jeg3-9ua7
vulnerability_id VCID-bq5a-jeg3-9ua7
summary kernel: nfc: pn533: properly drop the usb interface reference on disconnect
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23291.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23291.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23291
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23291
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23291
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23291
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451186
reference_id 2451186
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451186
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23291
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bq5a-jeg3-9ua7
149
url VCID-brte-gqy3-r3ax
vulnerability_id VCID-brte-gqy3-r3ax
summary In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix OOB write in QUERY_INFO for compound requests When a compound request such as READ + QUERY_INFO(Security) is received, and the first command (READ) consumes most of the response buffer, ksmbd could write beyond the allocated buffer while building a security descriptor. The root cause was that smb2_get_info_sec() checked buffer space using ppntsd_size from xattr, while build_sec_desc() often synthesized a significantly larger descriptor from POSIX ACLs. This patch introduces smb_acl_sec_desc_scratch_len() to accurately compute the final descriptor size beforehand, performs proper buffer checking with smb2_calc_max_out_buf_len(), and uses exact-sized allocation + iov pinning.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31432.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31432.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31432
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.00692
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31432
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460537
reference_id 2460537
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460537
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31432
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-brte-gqy3-r3ax
150
url VCID-bv67-hyh5-j7hm
vulnerability_id VCID-bv67-hyh5-j7hm
summary kernel: Linux kernel: Denial of Service due to incorrect SVE context restoration
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23102.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23102.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23102
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03329
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.0334
published_at 2026-04-04T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03348
published_at 2026-04-07T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03353
published_at 2026-04-08T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03373
published_at 2026-04-09T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03334
published_at 2026-04-11T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03305
published_at 2026-04-12T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.0463
published_at 2026-04-24T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04475
published_at 2026-04-13T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04444
published_at 2026-04-16T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04453
published_at 2026-04-18T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.04591
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23102
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23102
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23102
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436796
reference_id 2436796
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436796
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23102
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bv67-hyh5-j7hm
151
url VCID-c2me-ar1y-y7dw
vulnerability_id VCID-c2me-ar1y-y7dw
summary kernel: dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23004.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23004.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23004
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02318
published_at 2026-04-02T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02284
published_at 2026-04-08T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02281
published_at 2026-04-07T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02305
published_at 2026-04-09T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02288
published_at 2026-04-11T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02276
published_at 2026-04-12T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02273
published_at 2026-04-13T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02256
published_at 2026-04-16T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-18T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02358
published_at 2026-04-21T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02335
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23004
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23004
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23004
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2432662
reference_id 2432662
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2432662
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23004
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2me-ar1y-y7dw
152
url VCID-c42q-j659-e3gt
vulnerability_id VCID-c42q-j659-e3gt
summary kernel: Linux kernel: PCI/ASPM use-after-free during hot-unplug
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58093.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58093.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-58093
reference_id
reference_type
scores
0
value 0.00077
scoring_system epss
scoring_elements 0.23007
published_at 2026-04-02T12:55:00Z
1
value 0.00077
scoring_system epss
scoring_elements 0.23051
published_at 2026-04-04T12:55:00Z
2
value 0.00077
scoring_system epss
scoring_elements 0.22842
published_at 2026-04-07T12:55:00Z
3
value 0.00077
scoring_system epss
scoring_elements 0.22916
published_at 2026-04-08T12:55:00Z
4
value 0.00077
scoring_system epss
scoring_elements 0.22968
published_at 2026-04-09T12:55:00Z
5
value 0.00077
scoring_system epss
scoring_elements 0.22986
published_at 2026-04-11T12:55:00Z
6
value 0.00077
scoring_system epss
scoring_elements 0.22949
published_at 2026-04-12T12:55:00Z
7
value 0.00077
scoring_system epss
scoring_elements 0.22893
published_at 2026-04-13T12:55:00Z
8
value 0.00077
scoring_system epss
scoring_elements 0.22907
published_at 2026-04-16T12:55:00Z
9
value 0.00077
scoring_system epss
scoring_elements 0.22901
published_at 2026-04-18T12:55:00Z
10
value 0.00077
scoring_system epss
scoring_elements 0.22864
published_at 2026-04-21T12:55:00Z
11
value 0.00077
scoring_system epss
scoring_elements 0.22697
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-58093
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58093
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-58093
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360287
reference_id 2360287
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360287
5
reference_url https://usn.ubuntu.com/7585-1/
reference_id USN-7585-1
reference_type
scores
url https://usn.ubuntu.com/7585-1/
6
reference_url https://usn.ubuntu.com/7585-2/
reference_id USN-7585-2
reference_type
scores
url https://usn.ubuntu.com/7585-2/
7
reference_url https://usn.ubuntu.com/7585-3/
reference_id USN-7585-3
reference_type
scores
url https://usn.ubuntu.com/7585-3/
8
reference_url https://usn.ubuntu.com/7585-4/
reference_id USN-7585-4
reference_type
scores
url https://usn.ubuntu.com/7585-4/
9
reference_url https://usn.ubuntu.com/7585-5/
reference_id USN-7585-5
reference_type
scores
url https://usn.ubuntu.com/7585-5/
10
reference_url https://usn.ubuntu.com/7585-6/
reference_id USN-7585-6
reference_type
scores
url https://usn.ubuntu.com/7585-6/
11
reference_url https://usn.ubuntu.com/7585-7/
reference_id USN-7585-7
reference_type
scores
url https://usn.ubuntu.com/7585-7/
12
reference_url https://usn.ubuntu.com/7591-1/
reference_id USN-7591-1
reference_type
scores
url https://usn.ubuntu.com/7591-1/
13
reference_url https://usn.ubuntu.com/7591-2/
reference_id USN-7591-2
reference_type
scores
url https://usn.ubuntu.com/7591-2/
14
reference_url https://usn.ubuntu.com/7591-3/
reference_id USN-7591-3
reference_type
scores
url https://usn.ubuntu.com/7591-3/
15
reference_url https://usn.ubuntu.com/7591-4/
reference_id USN-7591-4
reference_type
scores
url https://usn.ubuntu.com/7591-4/
16
reference_url https://usn.ubuntu.com/7591-5/
reference_id USN-7591-5
reference_type
scores
url https://usn.ubuntu.com/7591-5/
17
reference_url https://usn.ubuntu.com/7591-6/
reference_id USN-7591-6
reference_type
scores
url https://usn.ubuntu.com/7591-6/
18
reference_url https://usn.ubuntu.com/7592-1/
reference_id USN-7592-1
reference_type
scores
url https://usn.ubuntu.com/7592-1/
19
reference_url https://usn.ubuntu.com/7593-1/
reference_id USN-7593-1
reference_type
scores
url https://usn.ubuntu.com/7593-1/
20
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
21
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
22
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
23
reference_url https://usn.ubuntu.com/7597-1/
reference_id USN-7597-1
reference_type
scores
url https://usn.ubuntu.com/7597-1/
24
reference_url https://usn.ubuntu.com/7597-2/
reference_id USN-7597-2
reference_type
scores
url https://usn.ubuntu.com/7597-2/
25
reference_url https://usn.ubuntu.com/7598-1/
reference_id USN-7598-1
reference_type
scores
url https://usn.ubuntu.com/7598-1/
26
reference_url https://usn.ubuntu.com/7602-1/
reference_id USN-7602-1
reference_type
scores
url https://usn.ubuntu.com/7602-1/
27
reference_url https://usn.ubuntu.com/7605-1/
reference_id USN-7605-1
reference_type
scores
url https://usn.ubuntu.com/7605-1/
28
reference_url https://usn.ubuntu.com/7605-2/
reference_id USN-7605-2
reference_type
scores
url https://usn.ubuntu.com/7605-2/
29
reference_url https://usn.ubuntu.com/7606-1/
reference_id USN-7606-1
reference_type
scores
url https://usn.ubuntu.com/7606-1/
30
reference_url https://usn.ubuntu.com/7628-1/
reference_id USN-7628-1
reference_type
scores
url https://usn.ubuntu.com/7628-1/
31
reference_url https://usn.ubuntu.com/7640-1/
reference_id USN-7640-1
reference_type
scores
url https://usn.ubuntu.com/7640-1/
32
reference_url https://usn.ubuntu.com/7655-1/
reference_id USN-7655-1
reference_type
scores
url https://usn.ubuntu.com/7655-1/
33
reference_url https://usn.ubuntu.com/7703-1/
reference_id USN-7703-1
reference_type
scores
url https://usn.ubuntu.com/7703-1/
34
reference_url https://usn.ubuntu.com/7703-2/
reference_id USN-7703-2
reference_type
scores
url https://usn.ubuntu.com/7703-2/
35
reference_url https://usn.ubuntu.com/7703-3/
reference_id USN-7703-3
reference_type
scores
url https://usn.ubuntu.com/7703-3/
36
reference_url https://usn.ubuntu.com/7703-4/
reference_id USN-7703-4
reference_type
scores
url https://usn.ubuntu.com/7703-4/
37
reference_url https://usn.ubuntu.com/7719-1/
reference_id USN-7719-1
reference_type
scores
url https://usn.ubuntu.com/7719-1/
38
reference_url https://usn.ubuntu.com/7737-1/
reference_id USN-7737-1
reference_type
scores
url https://usn.ubuntu.com/7737-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2024-58093
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c42q-j659-e3gt
153
url VCID-c49r-knse-6bc5
vulnerability_id VCID-c49r-knse-6bc5
summary kernel: smb: client: let recv_done verify data_offset, data_length and remaining_data_length
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39933.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39933.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39933
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04741
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04764
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04779
published_at 2026-04-07T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-11T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04825
published_at 2026-04-09T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.0479
published_at 2026-04-12T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.0477
published_at 2026-04-13T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04723
published_at 2026-04-16T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04731
published_at 2026-04-18T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04875
published_at 2026-04-21T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04912
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39933
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39933
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39933
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401432
reference_id 2401432
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401432
5
reference_url https://access.redhat.com/errata/RHSA-2026:0759
reference_id RHSA-2026:0759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0759
6
reference_url https://access.redhat.com/errata/RHSA-2026:0760
reference_id RHSA-2026:0760
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0760
7
reference_url https://access.redhat.com/errata/RHSA-2026:0793
reference_id RHSA-2026:0793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0793
8
reference_url https://access.redhat.com/errata/RHSA-2026:1727
reference_id RHSA-2026:1727
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1727
9
reference_url https://access.redhat.com/errata/RHSA-2026:2282
reference_id RHSA-2026:2282
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2282
10
reference_url https://access.redhat.com/errata/RHSA-2026:2759
reference_id RHSA-2026:2759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2759
11
reference_url https://access.redhat.com/errata/RHSA-2026:2766
reference_id RHSA-2026:2766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2766
12
reference_url https://access.redhat.com/errata/RHSA-2026:3267
reference_id RHSA-2026:3267
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3267
13
reference_url https://access.redhat.com/errata/RHSA-2026:3268
reference_id RHSA-2026:3268
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3268
14
reference_url https://access.redhat.com/errata/RHSA-2026:3277
reference_id RHSA-2026:3277
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3277
15
reference_url https://access.redhat.com/errata/RHSA-2026:3293
reference_id RHSA-2026:3293
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3293
16
reference_url https://access.redhat.com/errata/RHSA-2026:3358
reference_id RHSA-2026:3358
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3358
17
reference_url https://access.redhat.com/errata/RHSA-2026:3360
reference_id RHSA-2026:3360
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3360
18
reference_url https://access.redhat.com/errata/RHSA-2026:3375
reference_id RHSA-2026:3375
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3375
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39933
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c49r-knse-6bc5
154
url VCID-c7xf-x7d5-87gn
vulnerability_id VCID-c7xf-x7d5-87gn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31418.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31418.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31418
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31418
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31418
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31418
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457831
reference_id 2457831
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457831
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31418
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c7xf-x7d5-87gn
155
url VCID-c8mr-kkvc-akfv
vulnerability_id VCID-c8mr-kkvc-akfv
summary kernel: wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23363.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23363.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23363
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23363
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451163
reference_id 2451163
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451163
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23363
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c8mr-kkvc-akfv
156
url VCID-cayc-j15f-ekdv
vulnerability_id VCID-cayc-j15f-ekdv
summary kernel: wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23279.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23279.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23279
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.17236
published_at 2026-04-11T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.1728
published_at 2026-04-02T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.1733
published_at 2026-04-04T12:55:00Z
3
value 0.00055
scoring_system epss
scoring_elements 0.1711
published_at 2026-04-07T12:55:00Z
4
value 0.00055
scoring_system epss
scoring_elements 0.17201
published_at 2026-04-08T12:55:00Z
5
value 0.00055
scoring_system epss
scoring_elements 0.17259
published_at 2026-04-09T12:55:00Z
6
value 0.0007
scoring_system epss
scoring_elements 0.21402
published_at 2026-04-16T12:55:00Z
7
value 0.0007
scoring_system epss
scoring_elements 0.21462
published_at 2026-04-12T12:55:00Z
8
value 0.0007
scoring_system epss
scoring_elements 0.21407
published_at 2026-04-13T12:55:00Z
9
value 0.0007
scoring_system epss
scoring_elements 0.21409
published_at 2026-04-18T12:55:00Z
10
value 0.00117
scoring_system epss
scoring_elements 0.3029
published_at 2026-04-24T12:55:00Z
11
value 0.00117
scoring_system epss
scoring_elements 0.3035
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23279
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23279
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23279
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451170
reference_id 2451170
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451170
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23279
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cayc-j15f-ekdv
157
url VCID-cepf-zr64-zyab
vulnerability_id VCID-cepf-zr64-zyab
summary kernel: Linux kernel: Denial of Service due to a race condition in gpiolib
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22986.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22986.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22986
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02412
published_at 2026-04-24T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03008
published_at 2026-04-02T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03022
published_at 2026-04-04T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03026
published_at 2026-04-07T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03029
published_at 2026-04-08T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03054
published_at 2026-04-09T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03016
published_at 2026-04-11T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.02992
published_at 2026-04-12T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.02984
published_at 2026-04-13T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.0296
published_at 2026-04-16T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.0297
published_at 2026-04-18T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.03091
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22986
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2432390
reference_id 2432390
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2432390
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-22986
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cepf-zr64-zyab
158
url VCID-cfms-gd2h-v7gd
vulnerability_id VCID-cfms-gd2h-v7gd
summary kernel: f2fs: fix to do sanity check on node footer for non inode dnode
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40025.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40025.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40025
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05953
published_at 2026-04-04T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0592
published_at 2026-04-02T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07327
published_at 2026-04-08T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07354
published_at 2026-04-09T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07352
published_at 2026-04-11T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07339
published_at 2026-04-12T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-13T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07259
published_at 2026-04-16T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07253
published_at 2026-04-18T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.0738
published_at 2026-04-21T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07272
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40025
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40025
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40025
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406715
reference_id 2406715
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406715
5
reference_url https://usn.ubuntu.com/7906-1/
reference_id USN-7906-1
reference_type
scores
url https://usn.ubuntu.com/7906-1/
6
reference_url https://usn.ubuntu.com/7906-2/
reference_id USN-7906-2
reference_type
scores
url https://usn.ubuntu.com/7906-2/
7
reference_url https://usn.ubuntu.com/7906-3/
reference_id USN-7906-3
reference_type
scores
url https://usn.ubuntu.com/7906-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40025
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cfms-gd2h-v7gd
159
url VCID-chgp-ama8-5ycb
vulnerability_id VCID-chgp-ama8-5ycb
summary In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, esp_output_tail_tcp will return an error and not free the skb, because with synchronous crypto, the common xfrm output code will drop the packet for us. With async crypto (esp_output_done), we need to drop the skb when esp_output_tail_tcp returns an error.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31518.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31518.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31518
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31518
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31518
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460653
reference_id 2460653
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460653
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31518
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-chgp-ama8-5ycb
160
url VCID-cjnk-7asz-zuhp
vulnerability_id VCID-cjnk-7asz-zuhp
summary kernel: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23383.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23383.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23383
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02338
published_at 2026-04-24T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02267
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02359
published_at 2026-04-21T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02287
published_at 2026-04-08T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02285
published_at 2026-04-07T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02309
published_at 2026-04-09T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02292
published_at 2026-04-11T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.0228
published_at 2026-04-12T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02277
published_at 2026-04-13T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.0226
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23383
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451206
reference_id 2451206
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451206
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23383
risk_score 2.9
exploitability 0.5
weighted_severity 5.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjnk-7asz-zuhp
161
url VCID-cpg7-6nst-gkfn
vulnerability_id VCID-cpg7-6nst-gkfn
summary kernel: Linux kernel: Denial of Service via deadlock in block layer sysfs store callbacks
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71117.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71117.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71117
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03008
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03022
published_at 2026-04-04T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03026
published_at 2026-04-07T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03029
published_at 2026-04-08T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03054
published_at 2026-04-09T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03016
published_at 2026-04-11T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.02992
published_at 2026-04-12T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.02984
published_at 2026-04-13T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.0296
published_at 2026-04-16T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.0297
published_at 2026-04-18T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03091
published_at 2026-04-21T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.03087
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71117
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2429589
reference_id 2429589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2429589
4
reference_url https://usn.ubuntu.com/8177-1/
reference_id USN-8177-1
reference_type
scores
url https://usn.ubuntu.com/8177-1/
5
reference_url https://usn.ubuntu.com/8177-2/
reference_id USN-8177-2
reference_type
scores
url https://usn.ubuntu.com/8177-2/
6
reference_url https://usn.ubuntu.com/8183-1/
reference_id USN-8183-1
reference_type
scores
url https://usn.ubuntu.com/8183-1/
7
reference_url https://usn.ubuntu.com/8183-2/
reference_id USN-8183-2
reference_type
scores
url https://usn.ubuntu.com/8183-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71117
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cpg7-6nst-gkfn
162
url VCID-cqrs-uu2s-affj
vulnerability_id VCID-cqrs-uu2s-affj
summary kernel: scsi: pm8001: Fix use-after-free in pm8001_queue_command()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23306.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23306.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23306
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02375
published_at 2026-04-24T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02395
published_at 2026-04-21T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23306
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451240
reference_id 2451240
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451240
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23306
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cqrs-uu2s-affj
163
url VCID-cubf-xau2-hbfv
vulnerability_id VCID-cubf-xau2-hbfv
summary In the Linux kernel, the following vulnerability has been resolved: drm/xe: always keep track of remap prev/next During 3D workload, user is reporting hitting: [ 413.361679] WARNING: drivers/gpu/drm/xe/xe_vm.c:1217 at vm_bind_ioctl_ops_unwind+0x1e2/0x2e0 [xe], CPU#7: vkd3d_queue/9925 [ 413.361944] CPU: 7 UID: 1000 PID: 9925 Comm: vkd3d_queue Kdump: loaded Not tainted 7.0.0-070000rc3-generic #202603090038 PREEMPT(lazy) [ 413.361949] RIP: 0010:vm_bind_ioctl_ops_unwind+0x1e2/0x2e0 [xe] [ 413.362074] RSP: 0018:ffffd4c25c3df930 EFLAGS: 00010282 [ 413.362077] RAX: 0000000000000000 RBX: ffff8f3ee817ed10 RCX: 0000000000000000 [ 413.362078] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 413.362079] RBP: ffffd4c25c3df980 R08: 0000000000000000 R09: 0000000000000000 [ 413.362081] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8f41fbf99380 [ 413.362082] R13: ffff8f3ee817e968 R14: 00000000ffffffef R15: ffff8f43d00bd380 [ 413.362083] FS: 00000001040ff6c0(0000) GS:ffff8f4696d89000(0000) knlGS:00000000330b0000 [ 413.362085] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 413.362086] CR2: 00007ddfc4747000 CR3: 00000002e6262005 CR4: 0000000000f72ef0 [ 413.362088] PKRU: 55555554 [ 413.362089] Call Trace: [ 413.362092] <TASK> [ 413.362096] xe_vm_bind_ioctl+0xa9a/0xc60 [xe] Which seems to hint that the vma we are re-inserting for the ops unwind is either invalid or overlapping with something already inserted in the vm. It shouldn't be invalid since this is a re-insertion, so must have worked before. Leaving the likely culprit as something already placed where we want to insert the vma. Following from that, for the case where we do something like a rebind in the middle of a vma, and one or both mapped ends are already compatible, we skip doing the rebind of those vma and set next/prev to NULL. As well as then adjust the original unmap va range, to avoid unmapping the ends. However, if we trigger the unwind path, we end up with three va, with the two ends never being removed and the original va range in the middle still being the shrunken size. If this occurs, one failure mode is when another unwind op needs to interact with that range, which can happen with a vector of binds. For example, if we need to re-insert something in place of the original va. In this case the va is still the shrunken version, so when removing it and then doing a re-insert it can overlap with the ends, which were never removed, triggering a warning like above, plus leaving the vm in a bad state. With that, we need two things here: 1) Stop nuking the prev/next tracking for the skip cases. Instead relying on checking for skip prev/next, where needed. That way on the unwind path, we now correctly remove both ends. 2) Undo the unmap va shrinkage, on the unwind path. With the two ends now removed the unmap va should expand back to the original size again, before re-insertion. v2: - Update the explanation in the commit message, based on an actual IGT of triggering this issue, rather than conjecture. - Also undo the unmap shrinkage, for the skip case. With the two ends now removed, the original unmap va range should expand back to the original range. v3: - Track the old start/range separately. vma_size/start() uses the va info directly. (cherry picked from commit aec6969f75afbf4e01fd5fb5850ed3e9c27043ac)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31479.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31479.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31479
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31479
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460699
reference_id 2460699
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460699
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31479
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cubf-xau2-hbfv
164
url VCID-cv97-j139-vbfz
vulnerability_id VCID-cv97-j139-vbfz
summary In the Linux kernel, the following vulnerability has been resolved: ext4: convert inline data to extents when truncate exceeds inline size Add a check in ext4_setattr() to convert files from inline data storage to extent-based storage when truncate() grows the file size beyond the inline capacity. This prevents the filesystem from entering an inconsistent state where the inline data flag is set but the file size exceeds what can be stored inline. Without this fix, the following sequence causes a kernel BUG_ON(): 1. Mount filesystem with inode that has inline flag set and small size 2. truncate(file, 50MB) - grows size but inline flag remains set 3. sendfile() attempts to write data 4. ext4_write_inline_data() hits BUG_ON(write_size > inline_capacity) The crash occurs because ext4_write_inline_data() expects inline storage to accommodate the write, but the actual inline capacity (~60 bytes for i_block + ~96 bytes for xattrs) is far smaller than the file size and write request. The fix checks if the new size from setattr exceeds the inode's actual inline capacity (EXT4_I(inode)->i_inline_size) and converts the file to extent-based storage before proceeding with the size change. This addresses the root cause by ensuring the inline data flag and file size remain consistent during truncate operations.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31452.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31452.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31452
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31452
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31452
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460722
reference_id 2460722
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460722
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31452
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cv97-j139-vbfz
165
url VCID-cwd1-xgzd-xyb5
vulnerability_id VCID-cwd1-xgzd-xyb5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23417.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23417.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23417
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04416
published_at 2026-04-04T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04427
published_at 2026-04-07T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04389
published_at 2026-04-02T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10185
published_at 2026-04-24T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10206
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23417
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132622
reference_id 1132622
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132622
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454315
reference_id 2454315
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454315
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
purl pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1~bpo13%252B1
2
url pkg:deb/debian/linux@6.19.11-1
purl pkg:deb/debian/linux@6.19.11-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g77-qwuy-nkg8
1
vulnerability VCID-1s77-djzb-xffp
2
vulnerability VCID-4jvb-unxd-3qg3
3
vulnerability VCID-5ahq-saw1-suf1
4
vulnerability VCID-94k1-ja9w-2fd2
5
vulnerability VCID-brte-gqy3-r3ax
6
vulnerability VCID-c7xf-x7d5-87gn
7
vulnerability VCID-dq8r-defv-hbg6
8
vulnerability VCID-fvvb-p7r7-zkbk
9
vulnerability VCID-gbkk-anun-a3ce
10
vulnerability VCID-n59e-jkf6-13bf
11
vulnerability VCID-p3vt-v7gj-gqbc
12
vulnerability VCID-p4by-fm53-yybk
13
vulnerability VCID-pmn9-t8by-myhb
14
vulnerability VCID-qsdm-cyzs-aufy
15
vulnerability VCID-texr-5weq-v3dw
16
vulnerability VCID-v813-y477-vkhn
17
vulnerability VCID-vzkt-5648-ukh7
18
vulnerability VCID-yqcj-27j2-tqb8
19
vulnerability VCID-zh73-s87g-vfff
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1
aliases CVE-2026-23417
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cwd1-xgzd-xyb5
166
url VCID-cwk5-n1mq-kkd2
vulnerability_id VCID-cwk5-n1mq-kkd2
summary In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driver_override infrastructure When a driver is probed through __driver_attach(), the bus' match() callback is called without the device lock held, thus accessing the driver_override field without a lock, which can cause a UAF. Fix this by using the driver-core driver_override infrastructure taking care of proper locking internally. Note that calling match() from __driver_attach() without the device lock held is intentional. [1]
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31527.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31527.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31527
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31527
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31527
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31527
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460682
reference_id 2460682
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460682
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31527
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cwk5-n1mq-kkd2
167
url VCID-cyj2-3f68-23cy
vulnerability_id VCID-cyj2-3f68-23cy
summary In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exception exit lock checking for subprogs process_bpf_exit_full() passes check_lock = !curframe to check_resource_leak(), which is false in cases when bpf_throw() is called from a static subprog. This makes check_resource_leak() to skip validation of active_rcu_locks, active_preempt_locks, and active_irq_id on exception exits from subprogs. At runtime bpf_throw() unwinds the stack via ORC without releasing any user-acquired locks, which may cause various issues as the result. Fix by setting check_lock = true for exception exits regardless of curframe, since exceptions bypass all intermediate frame cleanup. Update the error message prefix to "bpf_throw" for exception exits to distinguish them from normal BPF_EXIT. Fix reject_subprog_with_rcu_read_lock test which was previously passing for the wrong reason. Test program returned directly from the subprog call without closing the RCU section, so the error was triggered by the unclosed RCU lock on normal exit, not by bpf_throw. Update __msg annotations for affected tests to match the new "bpf_throw" error prefix. The spin_lock case is not affected because they are already checked [1] at the call site in do_check_insn() before bpf_throw can run. [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/kernel/bpf/verifier.c?h=v7.0-rc4#n21098
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31526.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31526.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31526
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04052
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31526
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460702
reference_id 2460702
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460702
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31526
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cyj2-3f68-23cy
168
url VCID-d4u6-bzuu-dubz
vulnerability_id VCID-d4u6-bzuu-dubz
summary kernel: dmaengine: lpc18xx-dmamux: fix device leak on route allocation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71188.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71188.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71188
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00534
published_at 2026-04-07T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.00531
published_at 2026-04-08T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00543
published_at 2026-04-02T12:55:00Z
3
value 7e-05
scoring_system epss
scoring_elements 0.00536
published_at 2026-04-04T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.0072
published_at 2026-04-13T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00724
published_at 2026-04-18T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00765
published_at 2026-04-21T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00763
published_at 2026-04-24T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.0073
published_at 2026-04-09T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00725
published_at 2026-04-11T12:55:00Z
10
value 8e-05
scoring_system epss
scoring_elements 0.00719
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71188
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71188
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71188
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2435660
reference_id 2435660
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2435660
5
reference_url https://usn.ubuntu.com/8162-1/
reference_id USN-8162-1
reference_type
scores
url https://usn.ubuntu.com/8162-1/
6
reference_url https://usn.ubuntu.com/8180-1/
reference_id USN-8180-1
reference_type
scores
url https://usn.ubuntu.com/8180-1/
7
reference_url https://usn.ubuntu.com/8180-2/
reference_id USN-8180-2
reference_type
scores
url https://usn.ubuntu.com/8180-2/
8
reference_url https://usn.ubuntu.com/8180-3/
reference_id USN-8180-3
reference_type
scores
url https://usn.ubuntu.com/8180-3/
9
reference_url https://usn.ubuntu.com/8180-4/
reference_id USN-8180-4
reference_type
scores
url https://usn.ubuntu.com/8180-4/
10
reference_url https://usn.ubuntu.com/8180-5/
reference_id USN-8180-5
reference_type
scores
url https://usn.ubuntu.com/8180-5/
11
reference_url https://usn.ubuntu.com/8186-1/
reference_id USN-8186-1
reference_type
scores
url https://usn.ubuntu.com/8186-1/
12
reference_url https://usn.ubuntu.com/8187-1/
reference_id USN-8187-1
reference_type
scores
url https://usn.ubuntu.com/8187-1/
13
reference_url https://usn.ubuntu.com/8188-1/
reference_id USN-8188-1
reference_type
scores
url https://usn.ubuntu.com/8188-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71188
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4u6-bzuu-dubz
169
url VCID-d8tr-usd8-6yca
vulnerability_id VCID-d8tr-usd8-6yca
summary kernel: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40219.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40219.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40219
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.16694
published_at 2026-04-02T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.16755
published_at 2026-04-04T12:55:00Z
2
value 0.00068
scoring_system epss
scoring_elements 0.21111
published_at 2026-04-09T12:55:00Z
3
value 0.00068
scoring_system epss
scoring_elements 0.21121
published_at 2026-04-11T12:55:00Z
4
value 0.00068
scoring_system epss
scoring_elements 0.21077
published_at 2026-04-12T12:55:00Z
5
value 0.00068
scoring_system epss
scoring_elements 0.21025
published_at 2026-04-13T12:55:00Z
6
value 0.00068
scoring_system epss
scoring_elements 0.21015
published_at 2026-04-16T12:55:00Z
7
value 0.00068
scoring_system epss
scoring_elements 0.21026
published_at 2026-04-18T12:55:00Z
8
value 0.00068
scoring_system epss
scoring_elements 0.21004
published_at 2026-04-21T12:55:00Z
9
value 0.00068
scoring_system epss
scoring_elements 0.20877
published_at 2026-04-24T12:55:00Z
10
value 0.00068
scoring_system epss
scoring_elements 0.20969
published_at 2026-04-07T12:55:00Z
11
value 0.00068
scoring_system epss
scoring_elements 0.2105
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40219
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40219
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40219
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418804
reference_id 2418804
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2418804
5
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
6
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
7
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
8
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
9
reference_url https://usn.ubuntu.com/8033-1/
reference_id USN-8033-1
reference_type
scores
url https://usn.ubuntu.com/8033-1/
10
reference_url https://usn.ubuntu.com/8033-2/
reference_id USN-8033-2
reference_type
scores
url https://usn.ubuntu.com/8033-2/
11
reference_url https://usn.ubuntu.com/8033-3/
reference_id USN-8033-3
reference_type
scores
url https://usn.ubuntu.com/8033-3/
12
reference_url https://usn.ubuntu.com/8033-4/
reference_id USN-8033-4
reference_type
scores
url https://usn.ubuntu.com/8033-4/
13
reference_url https://usn.ubuntu.com/8033-5/
reference_id USN-8033-5
reference_type
scores
url https://usn.ubuntu.com/8033-5/
14
reference_url https://usn.ubuntu.com/8033-6/
reference_id USN-8033-6
reference_type
scores
url https://usn.ubuntu.com/8033-6/
15
reference_url https://usn.ubuntu.com/8033-7/
reference_id USN-8033-7
reference_type
scores
url https://usn.ubuntu.com/8033-7/
16
reference_url https://usn.ubuntu.com/8033-8/
reference_id USN-8033-8
reference_type
scores
url https://usn.ubuntu.com/8033-8/
17
reference_url https://usn.ubuntu.com/8034-1/
reference_id USN-8034-1
reference_type
scores
url https://usn.ubuntu.com/8034-1/
18
reference_url https://usn.ubuntu.com/8034-2/
reference_id USN-8034-2
reference_type
scores
url https://usn.ubuntu.com/8034-2/
19
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
20
reference_url https://usn.ubuntu.com/8095-1/
reference_id USN-8095-1
reference_type
scores
url https://usn.ubuntu.com/8095-1/
21
reference_url https://usn.ubuntu.com/8095-2/
reference_id USN-8095-2
reference_type
scores
url https://usn.ubuntu.com/8095-2/
22
reference_url https://usn.ubuntu.com/8095-3/
reference_id USN-8095-3
reference_type
scores
url https://usn.ubuntu.com/8095-3/
23
reference_url https://usn.ubuntu.com/8095-4/
reference_id USN-8095-4
reference_type
scores
url https://usn.ubuntu.com/8095-4/
24
reference_url https://usn.ubuntu.com/8095-5/
reference_id USN-8095-5
reference_type
scores
url https://usn.ubuntu.com/8095-5/
25
reference_url https://usn.ubuntu.com/8100-1/
reference_id USN-8100-1
reference_type
scores
url https://usn.ubuntu.com/8100-1/
26
reference_url https://usn.ubuntu.com/8125-1/
reference_id USN-8125-1
reference_type
scores
url https://usn.ubuntu.com/8125-1/
27
reference_url https://usn.ubuntu.com/8126-1/
reference_id USN-8126-1
reference_type
scores
url https://usn.ubuntu.com/8126-1/
28
reference_url https://usn.ubuntu.com/8141-1/
reference_id USN-8141-1
reference_type
scores
url https://usn.ubuntu.com/8141-1/
29
reference_url https://usn.ubuntu.com/8163-1/
reference_id USN-8163-1
reference_type
scores
url https://usn.ubuntu.com/8163-1/
30
reference_url https://usn.ubuntu.com/8163-2/
reference_id USN-8163-2
reference_type
scores
url https://usn.ubuntu.com/8163-2/
31
reference_url https://usn.ubuntu.com/8165-1/
reference_id USN-8165-1
reference_type
scores
url https://usn.ubuntu.com/8165-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40219
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d8tr-usd8-6yca
170
url VCID-dgr2-7fpq-4bgv
vulnerability_id VCID-dgr2-7fpq-4bgv
summary In the Linux kernel, the following vulnerability has been resolved: btrfs: set BTRFS_ROOT_ORPHAN_CLEANUP during subvol create We have recently observed a number of subvolumes with broken dentries. ls-ing the parent dir looks like: drwxrwxrwt 1 root root 16 Jan 23 16:49 . drwxr-xr-x 1 root root 24 Jan 23 16:48 .. d????????? ? ? ? ? ? broken_subvol and similarly stat-ing the file fails. In this state, deleting the subvol fails with ENOENT, but attempting to create a new file or subvol over it errors out with EEXIST and even aborts the fs. Which leaves us a bit stuck. dmesg contains a single notable error message reading: "could not do orphan cleanup -2" 2 is ENOENT and the error comes from the failure handling path of btrfs_orphan_cleanup(), with the stack leading back up to btrfs_lookup(). btrfs_lookup btrfs_lookup_dentry btrfs_orphan_cleanup // prints that message and returns -ENOENT After some detailed inspection of the internal state, it became clear that: - there are no orphan items for the subvol - the subvol is otherwise healthy looking, it is not half-deleted or anything, there is no drop progress, etc. - the subvol was created a while ago and does the meaningful first btrfs_orphan_cleanup() call that sets BTRFS_ROOT_ORPHAN_CLEANUP much later. - after btrfs_orphan_cleanup() fails, btrfs_lookup_dentry() returns -ENOENT, which results in a negative dentry for the subvolume via d_splice_alias(NULL, dentry), leading to the observed behavior. The bug can be mitigated by dropping the dentry cache, at which point we can successfully delete the subvolume if we want. i.e., btrfs_lookup() btrfs_lookup_dentry() if (!sb_rdonly(inode->vfs_inode)->vfs_inode) btrfs_orphan_cleanup(sub_root) test_and_set_bit(BTRFS_ROOT_ORPHAN_CLEANUP) btrfs_search_slot() // finds orphan item for inode N ... prints "could not do orphan cleanup -2" if (inode == ERR_PTR(-ENOENT)) inode = NULL; return d_splice_alias(NULL, dentry) // NEGATIVE DENTRY for valid subvolume btrfs_orphan_cleanup() does test_and_set_bit(BTRFS_ROOT_ORPHAN_CLEANUP) on the root when it runs, so it cannot run more than once on a given root, so something else must run concurrently. However, the obvious routes to deleting an orphan when nlinks goes to 0 should not be able to run without first doing a lookup into the subvolume, which should run btrfs_orphan_cleanup() and set the bit. The final important observation is that create_subvol() calls d_instantiate_new() but does not set BTRFS_ROOT_ORPHAN_CLEANUP, so if the dentry cache gets dropped, the next lookup into the subvolume will make a real call into btrfs_orphan_cleanup() for the first time. This opens up the possibility of concurrently deleting the inode/orphan items but most typical evict() paths will be holding a reference on the parent dentry (child dentry holds parent->d_lockref.count via dget in d_alloc(), released in __dentry_kill()) and prevent the parent from being removed from the dentry cache. The one exception is delayed iputs. Ordered extent creation calls igrab() on the inode. If the file is unlinked and closed while those refs are held, iput() in __dentry_kill() decrements i_count but does not trigger eviction (i_count > 0). The child dentry is freed and the subvol dentry's d_lockref.count drops to 0, making it evictable while the inode is still alive. Since there are two races (the race between writeback and unlink and the race between lookup and delayed iputs), and there are too many moving parts, the following three diagrams show the complete picture. (Only the second and third are races) Phase 1: Create Subvol in dentry cache without BTRFS_ROOT_ORPHAN_CLEANUP set btrfs_mksubvol() lookup_one_len() __lookup_slow() d_alloc_parallel() __d_alloc() // d_lockref.count = 1 create_subvol(dentry) // doesn't touch the bit.. d_instantiate_new(dentry, inode) // dentry in cache with d_lockref.c ---truncated---
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31519.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31519.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31519
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31519
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31519
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460617
reference_id 2460617
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460617
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31519
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgr2-7fpq-4bgv
171
url VCID-dq8r-defv-hbg6
vulnerability_id VCID-dq8r-defv-hbg6
summary kernel: nvme: memory corruption via unprivileged user passthrough
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6238.json
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6238.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-6238
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03058
published_at 2026-04-24T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.02981
published_at 2026-04-02T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.02742
published_at 2026-04-16T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.02754
published_at 2026-04-18T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03063
published_at 2026-04-21T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.02996
published_at 2026-04-04T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.02785
published_at 2026-04-07T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.02789
published_at 2026-04-08T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.02809
published_at 2026-04-09T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.0278
published_at 2026-04-11T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.02761
published_at 2026-04-12T12:55:00Z
11
value 0.00015
scoring_system epss
scoring_elements 0.02757
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-6238
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2250834
reference_id 2250834
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:15:22Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2250834
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
8
reference_url https://access.redhat.com/security/cve/CVE-2023-6238
reference_id CVE-2023-6238
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:15:22Z/
url https://access.redhat.com/security/cve/CVE-2023-6238
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
purl pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1~bpo13%252B1
2
url pkg:deb/debian/linux@6.19.11-1
purl pkg:deb/debian/linux@6.19.11-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g77-qwuy-nkg8
1
vulnerability VCID-1s77-djzb-xffp
2
vulnerability VCID-4jvb-unxd-3qg3
3
vulnerability VCID-5ahq-saw1-suf1
4
vulnerability VCID-94k1-ja9w-2fd2
5
vulnerability VCID-brte-gqy3-r3ax
6
vulnerability VCID-c7xf-x7d5-87gn
7
vulnerability VCID-dq8r-defv-hbg6
8
vulnerability VCID-fvvb-p7r7-zkbk
9
vulnerability VCID-gbkk-anun-a3ce
10
vulnerability VCID-n59e-jkf6-13bf
11
vulnerability VCID-p3vt-v7gj-gqbc
12
vulnerability VCID-p4by-fm53-yybk
13
vulnerability VCID-pmn9-t8by-myhb
14
vulnerability VCID-qsdm-cyzs-aufy
15
vulnerability VCID-texr-5weq-v3dw
16
vulnerability VCID-v813-y477-vkhn
17
vulnerability VCID-vzkt-5648-ukh7
18
vulnerability VCID-yqcj-27j2-tqb8
19
vulnerability VCID-zh73-s87g-vfff
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1
3
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
4
url pkg:deb/debian/linux@6.19.13-1
purl pkg:deb/debian/linux@6.19.13-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.13-1
5
url pkg:deb/debian/linux@7.0-1~exp1
purl pkg:deb/debian/linux@7.0-1~exp1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@7.0-1~exp1
aliases CVE-2023-6238
risk_score 3.0
exploitability 0.5
weighted_severity 6.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dq8r-defv-hbg6
172
url VCID-dsrd-nv6n-5ygq
vulnerability_id VCID-dsrd-nv6n-5ygq
summary kernel: scsi: core: Fix refcount leak for tagset_refcnt
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23296.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23296.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23296
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23296
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23296
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23296
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451174
reference_id 2451174
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451174
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23296
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dsrd-nv6n-5ygq
173
url VCID-dxt9-x347-pufy
vulnerability_id VCID-dxt9-x347-pufy
summary kernel: idpf: Fix RSS LUT NULL pointer crash on early ethtool operations
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22985.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22985.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22985
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04239
published_at 2026-04-02T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04259
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.0427
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04301
published_at 2026-04-08T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04317
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04309
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04295
published_at 2026-04-12T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04275
published_at 2026-04-13T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04245
published_at 2026-04-16T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04254
published_at 2026-04-18T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.0438
published_at 2026-04-21T12:55:00Z
11
value 0.00017
scoring_system epss
scoring_elements 0.04399
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22985
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2432381
reference_id 2432381
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2432381
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-22985
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dxt9-x347-pufy
174
url VCID-dykz-252m-jkcu
vulnerability_id VCID-dykz-252m-jkcu
summary In the Linux kernel, the following vulnerability has been resolved: hwmon: (pmbus/core) Protect regulator operations with mutex The regulator operations pmbus_regulator_get_voltage(), pmbus_regulator_set_voltage(), and pmbus_regulator_list_voltage() access PMBus registers and shared data but were not protected by the update_lock mutex. This could lead to race conditions. However, adding mutex protection directly to these functions causes a deadlock because pmbus_regulator_notify() (which calls regulator_notifier_call_chain()) is often called with the mutex already held (e.g., from pmbus_fault_handler()). If a regulator callback then calls one of the now-protected voltage functions, it will attempt to acquire the same mutex. Rework pmbus_regulator_notify() to utilize a worker function to send notifications outside of the mutex protection. Events are stored as atomics in a per-page bitmask and processed by the worker. Initialize the worker and its associated data during regulator registration, and ensure it is cancelled on device removal using devm_add_action_or_reset(). While at it, remove the unnecessary include of linux/of.h.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31486.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31486.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31486
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04052
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31486
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31486
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31486
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460708
reference_id 2460708
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460708
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31486
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dykz-252m-jkcu
175
url VCID-e8ky-fyhz-dqhc
vulnerability_id VCID-e8ky-fyhz-dqhc
summary In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() A malicious or compromised VIO server can return a num_written value in the discover targets MAD response that exceeds max_targets. This value is stored directly in vhost->num_targets without validation, and is then used as the loop bound in ibmvfc_alloc_targets() to index into disc_buf[], which is only allocated for max_targets entries. Indices at or beyond max_targets access kernel memory outside the DMA-coherent allocation. The out-of-bounds data is subsequently embedded in Implicit Logout and PLOGI MADs that are sent back to the VIO server, leaking kernel memory. Fix by clamping num_written to max_targets before storing it.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31464.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31464.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31464
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31464
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31464
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31464
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460715
reference_id 2460715
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460715
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31464
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e8ky-fyhz-dqhc
176
url VCID-ecc5-64vs-ekgr
vulnerability_id VCID-ecc5-64vs-ekgr
summary In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If memory allocation fails, decrement ->tfm_count to avoid blocking future reads.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31391.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31391.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31391
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31391
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31391
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31391
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454855
reference_id 2454855
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454855
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31391
risk_score 0.8
exploitability 0.5
weighted_severity 1.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ecc5-64vs-ekgr
177
url VCID-ed3p-sm1w-33am
vulnerability_id VCID-ed3p-sm1w-33am
summary kernel: net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23293.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23293.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23293
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23293
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23293
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23293
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451191
reference_id 2451191
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451191
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23293
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ed3p-sm1w-33am
178
url VCID-edst-7exd-zud8
vulnerability_id VCID-edst-7exd-zud8
summary kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40168.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40168.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40168
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05455
published_at 2026-04-24T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05415
published_at 2026-04-11T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05402
published_at 2026-04-12T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05395
published_at 2026-04-13T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05344
published_at 2026-04-16T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05346
published_at 2026-04-18T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05509
published_at 2026-04-21T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10471
published_at 2026-04-02T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-04T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10403
published_at 2026-04-07T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10476
published_at 2026-04-08T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10544
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40168
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40168
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40168
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414482
reference_id 2414482
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414482
5
reference_url https://access.redhat.com/errata/RHSA-2026:2720
reference_id RHSA-2026:2720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2720
6
reference_url https://access.redhat.com/errata/RHSA-2026:2821
reference_id RHSA-2026:2821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2821
7
reference_url https://access.redhat.com/errata/RHSA-2026:3275
reference_id RHSA-2026:3275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3275
8
reference_url https://access.redhat.com/errata/RHSA-2026:3488
reference_id RHSA-2026:3488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3488
9
reference_url https://access.redhat.com/errata/RHSA-2026:4111
reference_id RHSA-2026:4111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4111
10
reference_url https://access.redhat.com/errata/RHSA-2026:6954
reference_id RHSA-2026:6954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6954
11
reference_url https://access.redhat.com/errata/RHSA-2026:9513
reference_id RHSA-2026:9513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9513
12
reference_url https://access.redhat.com/errata/RHSA-2026:9514
reference_id RHSA-2026:9514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9514
13
reference_url https://access.redhat.com/errata/RHSA-2026:9643
reference_id RHSA-2026:9643
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9643
14
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
15
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
16
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
17
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
18
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40168
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-edst-7exd-zud8
179
url VCID-es8r-wvmz-gfe6
vulnerability_id VCID-es8r-wvmz-gfe6
summary kernel: net/sched: Fix backlog accounting in qdisc_dequeue_internal
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39677.json
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39677.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39677
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05227
published_at 2026-04-02T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05259
published_at 2026-04-04T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05284
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.0532
published_at 2026-04-08T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05342
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.0531
published_at 2026-04-11T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05299
published_at 2026-04-12T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05288
published_at 2026-04-13T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05235
published_at 2026-04-16T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05236
published_at 2026-04-18T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05388
published_at 2026-04-21T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05427
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39677
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39677
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39677
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2393536
reference_id 2393536
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2393536
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39677
risk_score 1.9
exploitability 0.5
weighted_severity 3.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-es8r-wvmz-gfe6
180
url VCID-ex4p-ftap-h7fe
vulnerability_id VCID-ex4p-ftap-h7fe
summary kernel: net: annotate data-races around sk->sk_{data_ready,write_space}
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23302.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23302.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23302
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0587
published_at 2026-04-04T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05864
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23302
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23302
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23302
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451200
reference_id 2451200
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451200
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23302
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ex4p-ftap-h7fe
181
url VCID-ex8u-z3r8-cycq
vulnerability_id VCID-ex8u-z3r8-cycq
summary In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths __in6_dev_get() can return NULL when the device has no IPv6 configuration (e.g. MTU < IPV6_MIN_MTU or after NETDEV_UNREGISTER). Add NULL checks for idev returned by __in6_dev_get() in both seg6_hmac_validate_skb() and ipv6_srh_rcv() to prevent potential NULL pointer dereferences.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23442.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23442.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23442
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02176
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04801
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04818
published_at 2026-04-07T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04856
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06675
published_at 2026-04-21T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06599
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.0659
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06516
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06523
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23442
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23442
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23442
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454807
reference_id 2454807
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454807
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23442
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ex8u-z3r8-cycq
182
url VCID-exhn-kypt-2fbd
vulnerability_id VCID-exhn-kypt-2fbd
summary kernel: jfs: fix array-index-out-of-bounds read in add_missing_indices
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38204.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38204.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38204
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.0571
published_at 2026-04-24T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05492
published_at 2026-04-02T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05527
published_at 2026-04-04T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05526
published_at 2026-04-07T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05563
published_at 2026-04-08T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05586
published_at 2026-04-09T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.0556
published_at 2026-04-11T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05547
published_at 2026-04-12T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05539
published_at 2026-04-13T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05489
published_at 2026-04-16T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.055
published_at 2026-04-18T12:55:00Z
11
value 0.00021
scoring_system epss
scoring_elements 0.05675
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38204
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38204
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38204
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376408
reference_id 2376408
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376408
5
reference_url https://usn.ubuntu.com/7774-1/
reference_id USN-7774-1
reference_type
scores
url https://usn.ubuntu.com/7774-1/
6
reference_url https://usn.ubuntu.com/7774-2/
reference_id USN-7774-2
reference_type
scores
url https://usn.ubuntu.com/7774-2/
7
reference_url https://usn.ubuntu.com/7774-3/
reference_id USN-7774-3
reference_type
scores
url https://usn.ubuntu.com/7774-3/
8
reference_url https://usn.ubuntu.com/7774-4/
reference_id USN-7774-4
reference_type
scores
url https://usn.ubuntu.com/7774-4/
9
reference_url https://usn.ubuntu.com/7774-5/
reference_id USN-7774-5
reference_type
scores
url https://usn.ubuntu.com/7774-5/
10
reference_url https://usn.ubuntu.com/7775-1/
reference_id USN-7775-1
reference_type
scores
url https://usn.ubuntu.com/7775-1/
11
reference_url https://usn.ubuntu.com/7775-2/
reference_id USN-7775-2
reference_type
scores
url https://usn.ubuntu.com/7775-2/
12
reference_url https://usn.ubuntu.com/7775-3/
reference_id USN-7775-3
reference_type
scores
url https://usn.ubuntu.com/7775-3/
13
reference_url https://usn.ubuntu.com/7776-1/
reference_id USN-7776-1
reference_type
scores
url https://usn.ubuntu.com/7776-1/
14
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
15
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
16
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
17
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
18
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
19
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38204
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-exhn-kypt-2fbd
183
url VCID-exkr-nw4y-guf2
vulnerability_id VCID-exkr-nw4y-guf2
summary kernel: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31406.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31406.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31406
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01037
published_at 2026-04-13T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.01032
published_at 2026-04-16T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.01041
published_at 2026-04-18T12:55:00Z
3
value 0.0001
scoring_system epss
scoring_elements 0.01102
published_at 2026-04-24T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.0066
published_at 2026-04-11T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00669
published_at 2026-04-07T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00668
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31406
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455332
reference_id 2455332
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455332
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
purl pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1~bpo13%252B1
2
url pkg:deb/debian/linux@6.19.11-1
purl pkg:deb/debian/linux@6.19.11-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g77-qwuy-nkg8
1
vulnerability VCID-1s77-djzb-xffp
2
vulnerability VCID-4jvb-unxd-3qg3
3
vulnerability VCID-5ahq-saw1-suf1
4
vulnerability VCID-94k1-ja9w-2fd2
5
vulnerability VCID-brte-gqy3-r3ax
6
vulnerability VCID-c7xf-x7d5-87gn
7
vulnerability VCID-dq8r-defv-hbg6
8
vulnerability VCID-fvvb-p7r7-zkbk
9
vulnerability VCID-gbkk-anun-a3ce
10
vulnerability VCID-n59e-jkf6-13bf
11
vulnerability VCID-p3vt-v7gj-gqbc
12
vulnerability VCID-p4by-fm53-yybk
13
vulnerability VCID-pmn9-t8by-myhb
14
vulnerability VCID-qsdm-cyzs-aufy
15
vulnerability VCID-texr-5weq-v3dw
16
vulnerability VCID-v813-y477-vkhn
17
vulnerability VCID-vzkt-5648-ukh7
18
vulnerability VCID-yqcj-27j2-tqb8
19
vulnerability VCID-zh73-s87g-vfff
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1
aliases CVE-2026-31406
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-exkr-nw4y-guf2
184
url VCID-ezn1-bgny-1qdv
vulnerability_id VCID-ezn1-bgny-1qdv
summary kernel: io_uring/rw: free potentially allocated iovec on cache put failure
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23259.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23259.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23259
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0653
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0652
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.0657
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06614
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06607
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.0659
published_at 2026-04-13T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06516
published_at 2026-04-16T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06523
published_at 2026-04-18T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06599
published_at 2026-04-12T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07389
published_at 2026-04-21T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07349
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23259
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448689
reference_id 2448689
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448689
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23259
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezn1-bgny-1qdv
185
url VCID-f3sv-pbfs-cqcc
vulnerability_id VCID-f3sv-pbfs-cqcc
summary kernel: um: work around sched_yield not yielding in time-travel mode
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37880.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37880.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-37880
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.19201
published_at 2026-04-02T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19254
published_at 2026-04-04T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.18969
published_at 2026-04-07T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.19049
published_at 2026-04-08T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19103
published_at 2026-04-09T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19109
published_at 2026-04-11T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.19062
published_at 2026-04-12T12:55:00Z
7
value 0.00061
scoring_system epss
scoring_elements 0.1901
published_at 2026-04-13T12:55:00Z
8
value 0.00061
scoring_system epss
scoring_elements 0.18965
published_at 2026-04-16T12:55:00Z
9
value 0.00061
scoring_system epss
scoring_elements 0.18978
published_at 2026-04-18T12:55:00Z
10
value 0.00061
scoring_system epss
scoring_elements 0.18983
published_at 2026-04-21T12:55:00Z
11
value 0.00061
scoring_system epss
scoring_elements 0.18876
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-37880
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-37880
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-37880
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2365244
reference_id 2365244
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2365244
5
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
6
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
7
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-37880
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f3sv-pbfs-cqcc
186
url VCID-f66d-p3w8-eqfs
vulnerability_id VCID-f66d-p3w8-eqfs
summary In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault The splitting of a PUD entry in walk_pud_range() can race with a concurrent thread refaulting the PUD leaf entry causing it to try walking a PMD range that has disappeared. An example and reproduction of this is to try reading numa_maps of a process while VFIO-PCI is setting up DMA (specifically the vfio_pin_pages_remote call) on a large BAR for that process. This will trigger a kernel BUG: vfio-pci 0000:03:00.0: enabling device (0000 -> 0002) BUG: unable to handle page fault for address: ffffa23980000000 PGD 0 P4D 0 Oops: Oops: 0000 [#1] SMP NOPTI ... RIP: 0010:walk_pgd_range+0x3b5/0x7a0 Code: 8d 43 ff 48 89 44 24 28 4d 89 ce 4d 8d a7 00 00 20 00 48 8b 4c 24 28 49 81 e4 00 00 e0 ff 49 8d 44 24 ff 48 39 c8 4c 0f 43 e3 <49> f7 06 9f ff ff ff 75 3b 48 8b 44 24 20 48 8b 40 28 48 85 c0 74 RSP: 0018:ffffac23e1ecf808 EFLAGS: 00010287 RAX: 00007f44c01fffff RBX: 00007f4500000000 RCX: 00007f44ffffffff RDX: 0000000000000000 RSI: 000ffffffffff000 RDI: ffffffff93378fe0 RBP: ffffac23e1ecf918 R08: 0000000000000004 R09: ffffa23980000000 R10: 0000000000000020 R11: 0000000000000004 R12: 00007f44c0200000 R13: 00007f44c0000000 R14: ffffa23980000000 R15: 00007f44c0000000 FS: 00007fe884739580(0000) GS:ffff9b7d7a9c0000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffa23980000000 CR3: 000000c0650e2005 CR4: 0000000000770ef0 PKRU: 55555554 Call Trace: <TASK> __walk_page_range+0x195/0x1b0 walk_page_vma+0x62/0xc0 show_numa_map+0x12b/0x3b0 seq_read_iter+0x297/0x440 seq_read+0x11d/0x140 vfs_read+0xc2/0x340 ksys_read+0x5f/0xe0 do_syscall_64+0x68/0x130 ? get_page_from_freelist+0x5c2/0x17e0 ? mas_store_prealloc+0x17e/0x360 ? vma_set_page_prot+0x4c/0xa0 ? __alloc_pages_noprof+0x14e/0x2d0 ? __mod_memcg_lruvec_state+0x8d/0x140 ? __lruvec_stat_mod_folio+0x76/0xb0 ? __folio_mod_stat+0x26/0x80 ? do_anonymous_page+0x705/0x900 ? __handle_mm_fault+0xa8d/0x1000 ? __count_memcg_events+0x53/0xf0 ? handle_mm_fault+0xa5/0x360 ? do_user_addr_fault+0x342/0x640 ? arch_exit_to_user_mode_prepare.constprop.0+0x16/0xa0 ? irqentry_exit_to_user_mode+0x24/0x100 entry_SYSCALL_64_after_hwframe+0x76/0x7e RIP: 0033:0x7fe88464f47e Code: c0 e9 b6 fe ff ff 50 48 8d 3d be 07 0b 00 e8 69 01 02 00 66 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 66 0f 1f 84 00 00 00 00 00 48 83 ec 28 RSP: 002b:00007ffe6cd9a9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007fe88464f47e RDX: 0000000000020000 RSI: 00007fe884543000 RDI: 0000000000000003 RBP: 00007fe884543000 R08: 00007fe884542010 R09: 0000000000000000 R10: fffffffffffffbc5 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000 </TASK> Fix this by validating the PUD entry in walk_pmd_range() using a stable snapshot (pudp_get()). If the PUD is not present or is a leaf, retry the walk via ACTION_AGAIN instead of descending further. This mirrors the retry logic in walk_pte_range(), which lets walk_pmd_range() retry if the PTE is not being got by pte_offset_map_lock().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31456.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31456.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31456
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04052
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31456
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460649
reference_id 2460649
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460649
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31456
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f66d-p3w8-eqfs
187
url VCID-f76c-qhke-3bag
vulnerability_id VCID-f76c-qhke-3bag
summary kernel: can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23307.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23307.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23307
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.11002
published_at 2026-04-02T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11064
published_at 2026-04-04T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.10887
published_at 2026-04-07T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.10963
published_at 2026-04-08T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.11016
published_at 2026-04-09T12:55:00Z
5
value 0.00037
scoring_system epss
scoring_elements 0.1102
published_at 2026-04-11T12:55:00Z
6
value 0.00037
scoring_system epss
scoring_elements 0.10988
published_at 2026-04-12T12:55:00Z
7
value 0.00037
scoring_system epss
scoring_elements 0.10965
published_at 2026-04-13T12:55:00Z
8
value 0.00037
scoring_system epss
scoring_elements 0.10829
published_at 2026-04-16T12:55:00Z
9
value 0.00037
scoring_system epss
scoring_elements 0.10843
published_at 2026-04-18T12:55:00Z
10
value 0.00037
scoring_system epss
scoring_elements 0.10962
published_at 2026-04-21T12:55:00Z
11
value 0.00037
scoring_system epss
scoring_elements 0.10917
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23307
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23307
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23307
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451195
reference_id 2451195
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451195
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23307
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f76c-qhke-3bag
188
url VCID-f892-ybkq-kbd7
vulnerability_id VCID-f892-ybkq-kbd7
summary In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize free_qp completion before using it In irdma_create_qp, if ib_copy_to_udata fails, it will call irdma_destroy_qp to clean up which will attempt to wait on the free_qp completion, which is not initialized yet. Fix this by initializing the completion before the ib_copy_to_udata call.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31492.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31492.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31492
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31492
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460663
reference_id 2460663
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460663
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31492
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f892-ybkq-kbd7
189
url VCID-ffdb-88yu-3be1
vulnerability_id VCID-ffdb-88yu-3be1
summary kernel: drbd: fix "LOGIC BUG" in drbd_al_begin_io_nonblock()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23356.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23356.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23356
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23356
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23356
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23356
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451196
reference_id 2451196
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451196
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23356
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ffdb-88yu-3be1
190
url VCID-fq82-zz54-kuc6
vulnerability_id VCID-fq82-zz54-kuc6
summary kernel: Linux kernel: Denial of Service in mac80211 Wi-Fi due to out-of-bounds write
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23246.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23246.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23246
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05751
published_at 2026-04-24T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05524
published_at 2026-04-07T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05717
published_at 2026-04-21T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06446
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06489
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06484
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06478
published_at 2026-04-12T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06467
published_at 2026-04-13T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06403
published_at 2026-04-16T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06412
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23246
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448600
reference_id 2448600
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448600
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23246
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fq82-zz54-kuc6
191
url VCID-fs73-5ucn-qke1
vulnerability_id VCID-fs73-5ucn-qke1
summary In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Avoid releasing netdev before teardown completes The patch cited in the Fixes tag below changed the teardown code for OVS ports to no longer unconditionally take the RTNL. After this change, the netdev_destroy() callback can proceed immediately to the call_rcu() invocation if the IFF_OVS_DATAPATH flag is already cleared on the netdev. The ovs_netdev_detach_dev() function clears the flag before completing the unregistration, and if it gets preempted after clearing the flag (as can happen on an -rt kernel), netdev_destroy() can complete and the device can be freed before the unregistration completes. This leads to a splat like: [ 998.393867] Oops: general protection fault, probably for non-canonical address 0xff00000001000239: 0000 [#1] SMP PTI [ 998.393877] CPU: 42 UID: 0 PID: 55177 Comm: ip Kdump: loaded Not tainted 6.12.0-211.1.1.el10_2.x86_64+rt #1 PREEMPT_RT [ 998.393886] Hardware name: Dell Inc. PowerEdge R740/0JMK61, BIOS 2.24.0 03/27/2025 [ 998.393889] RIP: 0010:dev_set_promiscuity+0x8d/0xa0 [ 998.393901] Code: 00 00 75 d8 48 8b 53 08 48 83 ba b0 02 00 00 00 75 ca 48 83 c4 08 5b c3 cc cc cc cc 48 83 bf 48 09 00 00 00 75 91 48 8b 47 08 <48> 83 b8 b0 02 00 00 00 74 97 eb 81 0f 1f 80 00 00 00 00 90 90 90 [ 998.393906] RSP: 0018:ffffce5864a5f6a0 EFLAGS: 00010246 [ 998.393912] RAX: ff00000000ffff89 RBX: ffff894d0adf5a05 RCX: 0000000000000000 [ 998.393917] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: ffff894d0adf5a05 [ 998.393921] RBP: ffff894d19252000 R08: ffff894d19252000 R09: 0000000000000000 [ 998.393924] R10: ffff894d19252000 R11: ffff894d192521b8 R12: 0000000000000006 [ 998.393927] R13: ffffce5864a5f738 R14: 00000000ffffffe2 R15: 0000000000000000 [ 998.393931] FS: 00007fad61971800(0000) GS:ffff894cc0140000(0000) knlGS:0000000000000000 [ 998.393936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 998.393940] CR2: 000055df0a2a6e40 CR3: 000000011c7fe003 CR4: 00000000007726f0 [ 998.393944] PKRU: 55555554 [ 998.393946] Call Trace: [ 998.393949] <TASK> [ 998.393952] ? show_trace_log_lvl+0x1b0/0x2f0 [ 998.393961] ? show_trace_log_lvl+0x1b0/0x2f0 [ 998.393975] ? dp_device_event+0x41/0x80 [openvswitch] [ 998.394009] ? __die_body.cold+0x8/0x12 [ 998.394016] ? die_addr+0x3c/0x60 [ 998.394027] ? exc_general_protection+0x16d/0x390 [ 998.394042] ? asm_exc_general_protection+0x26/0x30 [ 998.394058] ? dev_set_promiscuity+0x8d/0xa0 [ 998.394066] ? ovs_netdev_detach_dev+0x3a/0x80 [openvswitch] [ 998.394092] dp_device_event+0x41/0x80 [openvswitch] [ 998.394102] notifier_call_chain+0x5a/0xd0 [ 998.394106] unregister_netdevice_many_notify+0x51b/0xa60 [ 998.394110] rtnl_dellink+0x169/0x3e0 [ 998.394121] ? rt_mutex_slowlock.constprop.0+0x95/0xd0 [ 998.394125] rtnetlink_rcv_msg+0x142/0x3f0 [ 998.394128] ? avc_has_perm_noaudit+0x69/0xf0 [ 998.394130] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 998.394132] netlink_rcv_skb+0x50/0x100 [ 998.394138] netlink_unicast+0x292/0x3f0 [ 998.394141] netlink_sendmsg+0x21b/0x470 [ 998.394145] ____sys_sendmsg+0x39d/0x3d0 [ 998.394149] ___sys_sendmsg+0x9a/0xe0 [ 998.394156] __sys_sendmsg+0x7a/0xd0 [ 998.394160] do_syscall_64+0x7f/0x170 [ 998.394162] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 998.394165] RIP: 0033:0x7fad61bf4724 [ 998.394188] Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d c5 e9 0c 00 00 74 13 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89 [ 998.394189] RSP: 002b:00007ffd7e2f7cb8 EFLAGS: 00000202 ORIG_RAX: 000000000000002e [ 998.394191] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007fad61bf4724 [ 998.394193] RDX: 0000000000000000 RSI: 00007ffd7e2f7d20 RDI: 0000000000000003 [ 998.394194] RBP: 00007ffd7e2f7d90 R08: 0000000000000010 R09: 000000000000003f [ 998.394195] R10: 000055df11558010 R11: 0000000000000202 R12: 00007ffd7e2 ---truncated---
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31508.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31508.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31508
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31508
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31508
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31508
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460641
reference_id 2460641
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460641
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31508
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fs73-5ucn-qke1
192
url VCID-fvvb-p7r7-zkbk
vulnerability_id VCID-fvvb-p7r7-zkbk
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31422.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31422.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31422
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31422
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31422
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31422
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457834
reference_id 2457834
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457834
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31422
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fvvb-p7r7-zkbk
193
url VCID-fx2q-84en-qyah
vulnerability_id VCID-fx2q-84en-qyah
summary kernel: can: bcm: fix locking for bcm_op runtime updates
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23362.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23362.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23362
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23362
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23362
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451256
reference_id 2451256
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451256
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23362
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fx2q-84en-qyah
194
url VCID-g162-81ms-93g7
vulnerability_id VCID-g162-81ms-93g7
summary kernel: ipv6: use RCU in ip6_output()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40158.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40158.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40158
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05415
published_at 2026-04-11T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05402
published_at 2026-04-12T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05395
published_at 2026-04-13T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.05344
published_at 2026-04-16T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05346
published_at 2026-04-18T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05509
published_at 2026-04-21T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06557
published_at 2026-04-24T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10471
published_at 2026-04-02T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-04T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10544
published_at 2026-04-09T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10403
published_at 2026-04-07T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10476
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40158
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40158
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40158
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414523
reference_id 2414523
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414523
5
reference_url https://access.redhat.com/errata/RHSA-2026:1690
reference_id RHSA-2026:1690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1690
6
reference_url https://access.redhat.com/errata/RHSA-2026:2212
reference_id RHSA-2026:2212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2212
7
reference_url https://access.redhat.com/errata/RHSA-2026:2264
reference_id RHSA-2026:2264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2264
8
reference_url https://access.redhat.com/errata/RHSA-2026:2378
reference_id RHSA-2026:2378
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2378
9
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
10
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
11
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
12
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
13
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40158
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g162-81ms-93g7
195
url VCID-g2yr-d1ta-93g7
vulnerability_id VCID-g2yr-d1ta-93g7
summary In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol st_shndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplify_symbols(): for (i = 1; i < symsec->sh_size / sizeof(Elf_Sym); i++) { const char *name = info->strtab + sym[i].st_name; switch (sym[i].st_shndx) { case SHN_COMMON: [...] default: /* Divert to percpu allocation if a percpu var. */ if (sym[i].st_shndx == info->index.pcpu) secbase = (unsigned long)mod_percpu(mod); else /** HERE --> **/ secbase = info->sechdrs[sym[i].st_shndx].sh_addr; sym[i].st_value += secbase; break; } } A symbol with an out-of-bounds st_shndx value, for example 0xffff (known as SHN_XINDEX or SHN_HIRESERVE), may cause a kernel panic: BUG: unable to handle page fault for address: ... RIP: 0010:simplify_symbols+0x2b2/0x480 ... Kernel panic - not syncing: Fatal exception This can happen when module ELF is legitimately using SHN_XINDEX or when it is corrupted. Add a bounds check in simplify_symbols() to validate that st_shndx is within the valid range before using it. This issue was discovered due to a bug in llvm-objcopy, see relevant discussion for details [1]. [1] https://lore.kernel.org/linux-modules/20251224005752.201911-1-ihor.solodrai@linux.dev/
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31521.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31521.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31521
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31521
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31521
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460695
reference_id 2460695
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460695
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31521
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g2yr-d1ta-93g7
196
url VCID-g3ku-5npc-v7gc
vulnerability_id VCID-g3ku-5npc-v7gc
summary kernel: net: phy: register phy led_triggers during probe to avoid AB-BA deadlock
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23368.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23368.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23368
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23368
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23368
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451175
reference_id 2451175
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451175
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23368
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g3ku-5npc-v7gc
197
url VCID-g48f-w2gu-s7c3
vulnerability_id VCID-g48f-w2gu-s7c3
summary kernel: clk: thead: th1520-ap: set all AXI clocks to CLK_IS_CRITICAL
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68318.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68318.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68318
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68318
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422817
reference_id 2422817
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422817
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68318
risk_score 1.2
exploitability 0.5
weighted_severity 2.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g48f-w2gu-s7c3
198
url VCID-g5sa-v8nq-gqge
vulnerability_id VCID-g5sa-v8nq-gqge
summary kernel: Kernel: Denial of Service in md driver via uninitialized bioset
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68368.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68368.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68368
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-24T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07684
published_at 2026-04-18T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07837
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68368
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2424882
reference_id 2424882
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2424882
4
reference_url https://usn.ubuntu.com/8177-1/
reference_id USN-8177-1
reference_type
scores
url https://usn.ubuntu.com/8177-1/
5
reference_url https://usn.ubuntu.com/8177-2/
reference_id USN-8177-2
reference_type
scores
url https://usn.ubuntu.com/8177-2/
6
reference_url https://usn.ubuntu.com/8183-1/
reference_id USN-8183-1
reference_type
scores
url https://usn.ubuntu.com/8183-1/
7
reference_url https://usn.ubuntu.com/8183-2/
reference_id USN-8183-2
reference_type
scores
url https://usn.ubuntu.com/8183-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68368
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g5sa-v8nq-gqge
199
url VCID-g737-aj6x-r3bd
vulnerability_id VCID-g737-aj6x-r3bd
summary kernel: netconsole: Acquire su_mutex before navigating configs hierarchy
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68319.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68319.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68319
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68319
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422818
reference_id 2422818
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422818
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68319
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g737-aj6x-r3bd
200
url VCID-g77j-7yap-qkgw
vulnerability_id VCID-g77j-7yap-qkgw
summary kernel: pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23387.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23387
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23387
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451229
reference_id 2451229
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451229
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23387
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g77j-7yap-qkgw
201
url VCID-g7k7-e2h7-a7f6
vulnerability_id VCID-g7k7-e2h7-a7f6
summary kernel: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71265.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71265.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71265
reference_id
reference_type
scores
0
value 0.00037
scoring_system epss
scoring_elements 0.10843
published_at 2026-04-18T12:55:00Z
1
value 0.00037
scoring_system epss
scoring_elements 0.11002
published_at 2026-04-02T12:55:00Z
2
value 0.00037
scoring_system epss
scoring_elements 0.11064
published_at 2026-04-04T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.10887
published_at 2026-04-07T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.10963
published_at 2026-04-08T12:55:00Z
5
value 0.00037
scoring_system epss
scoring_elements 0.11016
published_at 2026-04-09T12:55:00Z
6
value 0.00037
scoring_system epss
scoring_elements 0.1102
published_at 2026-04-11T12:55:00Z
7
value 0.00037
scoring_system epss
scoring_elements 0.10988
published_at 2026-04-12T12:55:00Z
8
value 0.00037
scoring_system epss
scoring_elements 0.10965
published_at 2026-04-13T12:55:00Z
9
value 0.00037
scoring_system epss
scoring_elements 0.10829
published_at 2026-04-16T12:55:00Z
10
value 0.0004
scoring_system epss
scoring_elements 0.12143
published_at 2026-04-24T12:55:00Z
11
value 0.0004
scoring_system epss
scoring_elements 0.12162
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71265
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448595
reference_id 2448595
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448595
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71265
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g7k7-e2h7-a7f6
202
url VCID-g82z-3144-u3d2
vulnerability_id VCID-g82z-3144-u3d2
summary In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix use of completion ctx after free On admin queue completion handling, if the admin command completed with error we print data from the completion context. The issue is that we already freed the completion context in polling/interrupts handler which means we print data from context in an unknown state (it might be already used again). Change the admin submission flow so alloc/dealloc of the context will be symmetric and dealloc will be called after any potential use of the context.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31493.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31493.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31493
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04052
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31493
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460632
reference_id 2460632
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460632
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31493
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g82z-3144-u3d2
203
url VCID-g8k1-wwq1-yka2
vulnerability_id VCID-g8k1-wwq1-yka2
summary In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policy_hthresh.work from racing with netns teardown A XFRM_MSG_NEWSPDINFO request can queue the per-net work item policy_hthresh.work onto the system workqueue. The queued callback, xfrm_hash_rebuild(), retrieves the enclosing struct net via container_of(). If the net namespace is torn down before that work runs, the associated struct net may already have been freed, and xfrm_hash_rebuild() may then dereference stale memory. xfrm_policy_fini() already flushes policy_hash_work during teardown, but it does not synchronize policy_hthresh.work. Synchronize policy_hthresh.work in xfrm_policy_fini() as well, so the queued work cannot outlive the net namespace teardown and access a freed struct net.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31516.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31516.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31516
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31516
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31516
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460720
reference_id 2460720
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460720
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31516
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8k1-wwq1-yka2
204
url VCID-gbkk-anun-a3ce
vulnerability_id VCID-gbkk-anun-a3ce
summary
references
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54505
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54505
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://xenbits.xen.org/xsa/advisory-488.html
reference_id XSA-488
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-488.html
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2025-54505, XSA-488
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gbkk-anun-a3ce
205
url VCID-gfq9-z9p8-kqhk
vulnerability_id VCID-gfq9-z9p8-kqhk
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23413.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23413.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23413
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04588
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23413
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454317
reference_id 2454317
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454317
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23413
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfq9-z9p8-kqhk
206
url VCID-gkap-5jhj-tbff
vulnerability_id VCID-gkap-5jhj-tbff
summary kernel: net/sched: act_ife: Fix metalist update behavior
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23378.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23378.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23378
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02375
published_at 2026-04-24T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02395
published_at 2026-04-21T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23378
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23378
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451271
reference_id 2451271
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451271
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23378
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkap-5jhj-tbff
207
url VCID-gmun-zz47-suap
vulnerability_id VCID-gmun-zz47-suap
summary In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue maps, which would race with the now interrupt driven queue and may cause double completions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31523.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31523.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31523
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31523
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31523
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31523
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460658
reference_id 2460658
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460658
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31523
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gmun-zz47-suap
208
url VCID-gpcp-4y8w-fka1
vulnerability_id VCID-gpcp-4y8w-fka1
summary kernel: nfc: nci: complete pending data exchange on device close
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23330.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23330
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02112
published_at 2026-04-24T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.0587
published_at 2026-04-04T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05864
published_at 2026-04-07T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23330
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23330
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451276
reference_id 2451276
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451276
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23330
risk_score 0.6
exploitability 0.5
weighted_severity 1.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gpcp-4y8w-fka1
209
url VCID-gtjv-ut7g-hqhv
vulnerability_id VCID-gtjv-ut7g-hqhv
summary kernel: spi: tegra210-quad: Protect curr_xfer check in IRQ handler
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23207.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23207.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23207
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02379
published_at 2026-04-02T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02389
published_at 2026-04-04T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02386
published_at 2026-04-07T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02391
published_at 2026-04-08T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02412
published_at 2026-04-24T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02388
published_at 2026-04-11T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02376
published_at 2026-04-13T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.0236
published_at 2026-04-16T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02365
published_at 2026-04-18T12:55:00Z
9
value 0.00014
scoring_system epss
scoring_elements 0.02464
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23207
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439897
reference_id 2439897
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439897
4
reference_url https://usn.ubuntu.com/8100-1/
reference_id USN-8100-1
reference_type
scores
url https://usn.ubuntu.com/8100-1/
5
reference_url https://usn.ubuntu.com/8163-1/
reference_id USN-8163-1
reference_type
scores
url https://usn.ubuntu.com/8163-1/
6
reference_url https://usn.ubuntu.com/8163-2/
reference_id USN-8163-2
reference_type
scores
url https://usn.ubuntu.com/8163-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23207
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gtjv-ut7g-hqhv
210
url VCID-gtwd-5z2r-6ue9
vulnerability_id VCID-gtwd-5z2r-6ue9
summary kernel: RISC-V: KVM: Teardown riscv specific bits after kvm_exit
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23135.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23135.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23135
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.18933
published_at 2026-04-24T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19257
published_at 2026-04-02T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.19308
published_at 2026-04-04T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.19024
published_at 2026-04-07T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19104
published_at 2026-04-08T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19157
published_at 2026-04-09T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.19164
published_at 2026-04-11T12:55:00Z
7
value 0.00061
scoring_system epss
scoring_elements 0.19117
published_at 2026-04-12T12:55:00Z
8
value 0.00061
scoring_system epss
scoring_elements 0.19064
published_at 2026-04-13T12:55:00Z
9
value 0.00061
scoring_system epss
scoring_elements 0.19021
published_at 2026-04-16T12:55:00Z
10
value 0.00061
scoring_system epss
scoring_elements 0.19033
published_at 2026-04-18T12:55:00Z
11
value 0.00061
scoring_system epss
scoring_elements 0.1904
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23135
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360267
reference_id 2360267
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360267
4
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
5
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
6
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-23135
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gtwd-5z2r-6ue9
211
url VCID-gu84-p4ru-b7gj
vulnerability_id VCID-gu84-p4ru-b7gj
summary kernel: f2fs: compress: fix UAF of f2fs_inode_info in f2fs_free_dic
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38627.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38627.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38627
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06719
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06554
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0659
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06574
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06624
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06667
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.0666
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06652
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06644
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06573
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06565
published_at 2026-04-18T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06722
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38627
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2390391
reference_id 2390391
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2390391
4
reference_url https://usn.ubuntu.com/8095-1/
reference_id USN-8095-1
reference_type
scores
url https://usn.ubuntu.com/8095-1/
5
reference_url https://usn.ubuntu.com/8095-2/
reference_id USN-8095-2
reference_type
scores
url https://usn.ubuntu.com/8095-2/
6
reference_url https://usn.ubuntu.com/8095-3/
reference_id USN-8095-3
reference_type
scores
url https://usn.ubuntu.com/8095-3/
7
reference_url https://usn.ubuntu.com/8095-4/
reference_id USN-8095-4
reference_type
scores
url https://usn.ubuntu.com/8095-4/
8
reference_url https://usn.ubuntu.com/8095-5/
reference_id USN-8095-5
reference_type
scores
url https://usn.ubuntu.com/8095-5/
9
reference_url https://usn.ubuntu.com/8100-1/
reference_id USN-8100-1
reference_type
scores
url https://usn.ubuntu.com/8100-1/
10
reference_url https://usn.ubuntu.com/8125-1/
reference_id USN-8125-1
reference_type
scores
url https://usn.ubuntu.com/8125-1/
11
reference_url https://usn.ubuntu.com/8126-1/
reference_id USN-8126-1
reference_type
scores
url https://usn.ubuntu.com/8126-1/
12
reference_url https://usn.ubuntu.com/8165-1/
reference_id USN-8165-1
reference_type
scores
url https://usn.ubuntu.com/8165-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38627
risk_score 1.4
exploitability 0.5
weighted_severity 2.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gu84-p4ru-b7gj
212
url VCID-gyhz-a9pm-zqav
vulnerability_id VCID-gyhz-a9pm-zqav
summary Linux privcmd driver can circumvent kernel lockdown
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31788.json
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31788.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31788
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.02924
published_at 2026-04-04T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.02932
published_at 2026-04-07T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.02933
published_at 2026-04-08T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.02958
published_at 2026-04-09T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.02929
published_at 2026-04-11T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.02901
published_at 2026-04-13T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.02881
published_at 2026-04-16T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.02757
published_at 2026-04-18T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.02909
published_at 2026-04-12T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05776
published_at 2026-04-21T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05809
published_at 2026-04-24T12:55:00Z
11
value 0.00042
scoring_system epss
scoring_elements 0.13044
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31788
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31788
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31788
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451270
reference_id 2451270
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451270
4
reference_url https://xenbits.xen.org/xsa/advisory-482.html
reference_id XSA-482
reference_type
scores
url https://xenbits.xen.org/xsa/advisory-482.html
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31788
risk_score 3.0
exploitability 0.5
weighted_severity 6.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gyhz-a9pm-zqav
213
url VCID-h31q-rcq3-7ud3
vulnerability_id VCID-h31q-rcq3-7ud3
summary kernel: spi: fix use-after-free on controller registration failure
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31389.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31389.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31389
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31389
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454859
reference_id 2454859
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454859
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31389
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h31q-rcq3-7ud3
214
url VCID-h3e8-fux5-3fe2
vulnerability_id VCID-h3e8-fux5-3fe2
summary In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate L2CAP_INFO_RSP payload length before access l2cap_information_rsp() checks that cmd_len covers the fixed l2cap_info_rsp header (type + result, 4 bytes) but then reads rsp->data without verifying that the payload is present: - L2CAP_IT_FEAT_MASK calls get_unaligned_le32(rsp->data), which reads 4 bytes past the header (needs cmd_len >= 8). - L2CAP_IT_FIXED_CHAN reads rsp->data[0], 1 byte past the header (needs cmd_len >= 5). A truncated L2CAP_INFO_RSP with result == L2CAP_IR_SUCCESS triggers an out-of-bounds read of adjacent skb data. Guard each data access with the required payload length check. If the payload is too short, skip the read and let the state machine complete with safe defaults (feat_mask and remote_fixed_chan remain zero from kzalloc), so the info timer cleanup and l2cap_conn_start() still run and the connection is not stalled.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31393.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31393.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31393
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31393
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31393
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31393
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454839
reference_id 2454839
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454839
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31393
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h3e8-fux5-3fe2
215
url VCID-h57h-xt8g-y3f5
vulnerability_id VCID-h57h-xt8g-y3f5
summary kernel: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38605.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38605.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38605
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02209
published_at 2026-04-02T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02214
published_at 2026-04-04T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.0221
published_at 2026-04-07T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02211
published_at 2026-04-08T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02233
published_at 2026-04-09T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02215
published_at 2026-04-11T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02204
published_at 2026-04-12T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02203
published_at 2026-04-13T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02186
published_at 2026-04-16T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02197
published_at 2026-04-18T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02281
published_at 2026-04-21T12:55:00Z
11
value 0.00013
scoring_system epss
scoring_elements 0.02382
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38605
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2389490
reference_id 2389490
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2389490
4
reference_url https://usn.ubuntu.com/7879-1/
reference_id USN-7879-1
reference_type
scores
url https://usn.ubuntu.com/7879-1/
5
reference_url https://usn.ubuntu.com/7879-2/
reference_id USN-7879-2
reference_type
scores
url https://usn.ubuntu.com/7879-2/
6
reference_url https://usn.ubuntu.com/7879-3/
reference_id USN-7879-3
reference_type
scores
url https://usn.ubuntu.com/7879-3/
7
reference_url https://usn.ubuntu.com/7879-4/
reference_id USN-7879-4
reference_type
scores
url https://usn.ubuntu.com/7879-4/
8
reference_url https://usn.ubuntu.com/7880-1/
reference_id USN-7880-1
reference_type
scores
url https://usn.ubuntu.com/7880-1/
9
reference_url https://usn.ubuntu.com/7934-1/
reference_id USN-7934-1
reference_type
scores
url https://usn.ubuntu.com/7934-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38605
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h57h-xt8g-y3f5
216
url VCID-h7pm-dyef-1fan
vulnerability_id VCID-h7pm-dyef-1fan
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31409.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31409.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31409
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01159
published_at 2026-04-08T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.01161
published_at 2026-04-09T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.01146
published_at 2026-04-11T12:55:00Z
3
value 0.0001
scoring_system epss
scoring_elements 0.01154
published_at 2026-04-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.0227
published_at 2026-04-18T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02364
published_at 2026-04-21T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02343
published_at 2026-04-24T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02283
published_at 2026-04-12T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.0228
published_at 2026-04-13T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02263
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31409
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31409
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31409
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455337
reference_id 2455337
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455337
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31409
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h7pm-dyef-1fan
217
url VCID-hbn4-nw7h-abg1
vulnerability_id VCID-hbn4-nw7h-abg1
summary kernel: xfs: only call xf{array,blob}_destroy if we have a valid pointer
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23251.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23251.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23251
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.07078
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.07063
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23251
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448710
reference_id 2448710
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448710
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23251
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hbn4-nw7h-abg1
218
url VCID-hbzk-b7gn-9bgz
vulnerability_id VCID-hbzk-b7gn-9bgz
summary kernel: riscv: save the SR_SUM status over switches
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38261.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38261.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38261
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07109
published_at 2026-04-02T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08183
published_at 2026-04-04T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.0813
published_at 2026-04-07T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08199
published_at 2026-04-08T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08216
published_at 2026-04-09T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08208
published_at 2026-04-11T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08187
published_at 2026-04-12T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.0817
published_at 2026-04-13T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08068
published_at 2026-04-16T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08052
published_at 2026-04-18T12:55:00Z
10
value 0.00029
scoring_system epss
scoring_elements 0.08211
published_at 2026-04-21T12:55:00Z
11
value 0.00029
scoring_system epss
scoring_elements 0.0818
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38261
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38261
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38261
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2378994
reference_id 2378994
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2378994
5
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
6
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
7
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
8
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
9
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
10
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38261
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hbzk-b7gn-9bgz
219
url VCID-hh8s-8fc8-pkgq
vulnerability_id VCID-hh8s-8fc8-pkgq
summary kernel: netfilter: nft_set_pipapo: split gc into unlink and reclaim phase
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23351.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23351.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23351
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.01967
published_at 2026-04-24T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.01894
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.01981
published_at 2026-04-21T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.01937
published_at 2026-04-08T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.01936
published_at 2026-04-07T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.01951
published_at 2026-04-09T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.01935
published_at 2026-04-11T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.0192
published_at 2026-04-12T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.01915
published_at 2026-04-13T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.01895
published_at 2026-04-16T12:55:00Z
10
value 0.00039
scoring_system epss
scoring_elements 0.12077
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23351
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23351
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451254
reference_id 2451254
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451254
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23351
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hh8s-8fc8-pkgq
220
url VCID-hjf7-23wz-1qeg
vulnerability_id VCID-hjf7-23wz-1qeg
summary kernel: net: mvpp2: guard flow control update with global_tx_fc in buffer switching
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23438.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23438.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23438
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23438
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454812
reference_id 2454812
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454812
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23438
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hjf7-23wz-1qeg
221
url VCID-hpqq-mr4h-gbcj
vulnerability_id VCID-hpqq-mr4h-gbcj
summary In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false A UAF issue occurs when the virtio_net driver is configured with napi_tx=N and the device's IFF_XMIT_DST_RELEASE flag is cleared (e.g., during the configuration of tc route filter rules). When IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack expects the driver to hold the reference to skb->dst until the packet is fully transmitted and freed. In virtio_net with napi_tx=N, skbs may remain in the virtio transmit ring for an extended period. If the network namespace is destroyed while these skbs are still pending, the corresponding dst_ops structure has freed. When a subsequent packet is transmitted, free_old_xmit() is triggered to clean up old skbs. It then calls dst_release() on the skb associated with the stale dst_entry. Since the dst_ops (referenced by the dst_entry) has already been freed, a UAF kernel paging request occurs. fix it by adds skb_dst_drop(skb) in start_xmit to explicitly release the dst reference before the skb is queued in virtio_net. Call Trace: Unable to handle kernel paging request at virtual address ffff80007e150000 CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT ... percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P) dst_release+0xe0/0x110 net/core/dst.c:177 skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177 sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255 dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469 napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527 __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net] free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net] start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net] ... Reproduction Steps: NETDEV="enp3s0" config_qdisc_route_filter() { tc qdisc del dev $NETDEV root tc qdisc add dev $NETDEV root handle 1: prio tc filter add dev $NETDEV parent 1:0 \ protocol ip prio 100 route to 100 flowid 1:1 ip route add 192.168.1.100/32 dev $NETDEV realm 100 } test_ns() { ip netns add testns ip link set $NETDEV netns testns ip netns exec testns ifconfig $NETDEV 10.0.32.46/24 ip netns exec testns ping -c 1 10.0.32.1 ip netns del testns } config_qdisc_route_filter test_ns sleep 2 test_ns
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31469.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31469.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31469
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31469
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31469
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31469
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460669
reference_id 2460669
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460669
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31469
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hpqq-mr4h-gbcj
222
url VCID-hq39-2qnw-v3dw
vulnerability_id VCID-hq39-2qnw-v3dw
summary In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix circular locking dependency in nci_close_device nci_close_device() flushes rx_wq and tx_wq while holding req_lock. This causes a circular locking dependency because nci_rx_work() running on rx_wq can end up taking req_lock too: nci_rx_work -> nci_rx_data_packet -> nci_data_exchange_complete -> __sk_destruct -> rawsock_destruct -> nfc_deactivate_target -> nci_deactivate_target -> nci_request -> mutex_lock(&ndev->req_lock) Move the flush of rx_wq after req_lock has been released. This should safe (I think) because NCI_UP has already been cleared and the transport is closed, so the work will see it and return -ENETDOWN. NIPA has been hitting this running the nci selftest with a debug kernel on roughly 4% of the runs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31509.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31509.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31509
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31509
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31509
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31509
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460679
reference_id 2460679
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460679
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31509
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hq39-2qnw-v3dw
223
url VCID-j7ng-yctd-3kc4
vulnerability_id VCID-j7ng-yctd-3kc4
summary kernel: block: fix queue freeze vs limits lock order in sysfs store methods
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21807.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21807.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-21807
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.07874
published_at 2026-04-24T12:55:00Z
1
value 0.00028
scoring_system epss
scoring_elements 0.07869
published_at 2026-04-13T12:55:00Z
2
value 0.00028
scoring_system epss
scoring_elements 0.07784
published_at 2026-04-16T12:55:00Z
3
value 0.00028
scoring_system epss
scoring_elements 0.0776
published_at 2026-04-18T12:55:00Z
4
value 0.00028
scoring_system epss
scoring_elements 0.07913
published_at 2026-04-21T12:55:00Z
5
value 0.00028
scoring_system epss
scoring_elements 0.07882
published_at 2026-04-12T12:55:00Z
6
value 0.00028
scoring_system epss
scoring_elements 0.07907
published_at 2026-04-09T12:55:00Z
7
value 0.00028
scoring_system epss
scoring_elements 0.07895
published_at 2026-04-11T12:55:00Z
8
value 0.00031
scoring_system epss
scoring_elements 0.08875
published_at 2026-04-07T12:55:00Z
9
value 0.00036
scoring_system epss
scoring_elements 0.10788
published_at 2026-04-02T12:55:00Z
10
value 0.00036
scoring_system epss
scoring_elements 0.1085
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-21807
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2348891
reference_id 2348891
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2348891
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-21807
risk_score 1.8
exploitability 0.5
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j7ng-yctd-3kc4
224
url VCID-j87e-taah-ubbv
vulnerability_id VCID-j87e-taah-ubbv
summary kernel: platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23370.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23370.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23370
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23370
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451225
reference_id 2451225
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451225
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23370
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j87e-taah-ubbv
225
url VCID-j8yy-3tn1-63b5
vulnerability_id VCID-j8yy-3tn1-63b5
summary kernel: ASoC: Intel: avs: Do not share the name pointer between components
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40338.json
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40338.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40338
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
6
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10572
published_at 2026-04-11T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-12T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10517
published_at 2026-04-13T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10384
published_at 2026-04-16T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40338
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2420423
reference_id 2420423
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2420423
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40338
risk_score 2.4
exploitability 0.5
weighted_severity 4.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j8yy-3tn1-63b5
226
url VCID-jamx-hf6t-bfcd
vulnerability_id VCID-jamx-hf6t-bfcd
summary kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23243.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23243.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23243
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.034
published_at 2026-04-24T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03414
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23243
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23243
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23243
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448594
reference_id 2448594
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448594
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23243
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jamx-hf6t-bfcd
227
url VCID-jr94-175s-s7cy
vulnerability_id VCID-jr94-175s-s7cy
summary kernel: perf/dwc_pcie: fix duplicate pci_dev devices
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37746.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37746.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-37746
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.25676
published_at 2026-04-24T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.2593
published_at 2026-04-02T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25971
published_at 2026-04-04T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25738
published_at 2026-04-07T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.25809
published_at 2026-04-08T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25861
published_at 2026-04-09T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.25872
published_at 2026-04-11T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.2583
published_at 2026-04-12T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25774
published_at 2026-04-13T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.25777
published_at 2026-04-16T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.2576
published_at 2026-04-18T12:55:00Z
11
value 0.00092
scoring_system epss
scoring_elements 0.25731
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-37746
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2363282
reference_id 2363282
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2363282
4
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
5
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
6
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-37746
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jr94-175s-s7cy
228
url VCID-jtnv-mefv-qqff
vulnerability_id VCID-jtnv-mefv-qqff
summary kernel: bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23319.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23319.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23319
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02375
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23319
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451203
reference_id 2451203
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451203
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23319
risk_score 2.9
exploitability 0.5
weighted_severity 5.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtnv-mefv-qqff
229
url VCID-jx72-vpup-p3gk
vulnerability_id VCID-jx72-vpup-p3gk
summary kernel: f2fs: fix potential deadloop in prepare_compress_overwrite()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22127.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22127.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22127
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21533
published_at 2026-04-24T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.2184
published_at 2026-04-02T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21893
published_at 2026-04-04T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21658
published_at 2026-04-07T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21734
published_at 2026-04-08T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21791
published_at 2026-04-09T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21802
published_at 2026-04-11T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21762
published_at 2026-04-12T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.21705
published_at 2026-04-16T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21712
published_at 2026-04-18T12:55:00Z
10
value 0.00071
scoring_system epss
scoring_elements 0.21681
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22127
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22127
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22127
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360296
reference_id 2360296
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360296
5
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
6
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
7
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-22127
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jx72-vpup-p3gk
230
url VCID-jxkv-jbh3-9fhj
vulnerability_id VCID-jxkv-jbh3-9fhj
summary kernel: drm/amd/display: add null check
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39762.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39762.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39762
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01838
published_at 2026-04-04T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01826
published_at 2026-04-02T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02211
published_at 2026-04-08T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02233
published_at 2026-04-09T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02215
published_at 2026-04-11T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02204
published_at 2026-04-12T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02203
published_at 2026-04-13T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02186
published_at 2026-04-16T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02197
published_at 2026-04-18T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02281
published_at 2026-04-21T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02261
published_at 2026-04-24T12:55:00Z
11
value 0.00013
scoring_system epss
scoring_elements 0.0221
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39762
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39762
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39762
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394632
reference_id 2394632
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394632
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39762
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jxkv-jbh3-9fhj
231
url VCID-k1eg-sz6t-skg8
vulnerability_id VCID-k1eg-sz6t-skg8
summary kernel: Bluetooth: hci_core: lookup hci_conn on RX path on protocol side
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68304.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68304.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68304
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68304
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422828
reference_id 2422828
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422828
4
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
5
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
6
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
7
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
8
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
9
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68304
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k1eg-sz6t-skg8
232
url VCID-k1v3-945q-47eh
vulnerability_id VCID-k1v3-945q-47eh
summary kernel: macvlan: observe an RCU grace period in macvlan_common_newlink() error path
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23273.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23273.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23273
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.034
published_at 2026-04-24T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03414
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23273
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23273
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23273
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2449563
reference_id 2449563
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2449563
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23273
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k1v3-945q-47eh
233
url VCID-k3na-q9p9-4kbh
vulnerability_id VCID-k3na-q9p9-4kbh
summary kernel: drm/imagination: Synchronize interrupts before suspending the GPU
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23469.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23469.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23469
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03975
published_at 2026-04-07T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03981
published_at 2026-04-08T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03962
published_at 2026-04-04T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.06055
published_at 2026-04-24T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23469
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454830
reference_id 2454830
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454830
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23469
risk_score 1.2
exploitability 0.5
weighted_severity 2.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k3na-q9p9-4kbh
234
url VCID-k4wz-r6rn-rkfs
vulnerability_id VCID-k4wz-r6rn-rkfs
summary kernel: f2fs: fix to avoid migrating empty section
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40150.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40150.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40150
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05772
published_at 2026-04-11T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05876
published_at 2026-04-21T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.0573
published_at 2026-04-18T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05721
published_at 2026-04-16T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05758
published_at 2026-04-13T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05764
published_at 2026-04-12T12:55:00Z
6
value 0.00028
scoring_system epss
scoring_elements 0.07868
published_at 2026-04-24T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.10049
published_at 2026-04-09T12:55:00Z
8
value 0.00034
scoring_system epss
scoring_elements 0.09995
published_at 2026-04-08T12:55:00Z
9
value 0.00034
scoring_system epss
scoring_elements 0.09919
published_at 2026-04-07T12:55:00Z
10
value 0.00034
scoring_system epss
scoring_elements 0.1002
published_at 2026-04-04T12:55:00Z
11
value 0.00034
scoring_system epss
scoring_elements 0.09972
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40150
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414480
reference_id 2414480
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414480
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40150
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4wz-r6rn-rkfs
235
url VCID-k5ww-5ut8-pfg7
vulnerability_id VCID-k5ww-5ut8-pfg7
summary kernel: wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68360.json
reference_id
reference_type
scores
0
value 4.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68360.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68360
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06793
published_at 2026-04-02T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0684
published_at 2026-04-04T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06822
published_at 2026-04-07T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06874
published_at 2026-04-08T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06907
published_at 2026-04-09T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.069
published_at 2026-04-11T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.06893
published_at 2026-04-12T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06888
published_at 2026-04-13T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.0683
published_at 2026-04-16T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.06811
published_at 2026-04-18T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.06956
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.06938
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68360
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2424900
reference_id 2424900
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2424900
4
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
5
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
6
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
7
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
8
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
9
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68360
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k5ww-5ut8-pfg7
236
url VCID-k68k-tnns-mkga
vulnerability_id VCID-k68k-tnns-mkga
summary kernel: ipv4: start using dst_dev_rcu()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40074.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40074.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40074
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.0592
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05953
published_at 2026-04-04T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07354
published_at 2026-04-09T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07352
published_at 2026-04-11T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07339
published_at 2026-04-12T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-13T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07259
published_at 2026-04-16T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07253
published_at 2026-04-18T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.0738
published_at 2026-04-21T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07272
published_at 2026-04-07T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07327
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40074
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40074
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406739
reference_id 2406739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406739
5
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
6
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
7
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
8
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
9
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40074
risk_score 2.9
exploitability 0.5
weighted_severity 5.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k68k-tnns-mkga
237
url VCID-k6tp-a2zd-2bc1
vulnerability_id VCID-k6tp-a2zd-2bc1
summary kernel: nvme: fix admin queue leak on controller reset
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23360.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23360.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23360
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23360
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451198
reference_id 2451198
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451198
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23360
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6tp-a2zd-2bc1
238
url VCID-kcmk-1zxh-2yhv
vulnerability_id VCID-kcmk-1zxh-2yhv
summary kernel: net: sched: avoid qdisc_reset_all_tx_gt() vs dequeue race for lockless qdiscs
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23340.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23340.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23340
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02375
published_at 2026-04-24T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02395
published_at 2026-04-21T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23340
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23340
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23340
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451180
reference_id 2451180
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451180
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23340
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kcmk-1zxh-2yhv
239
url VCID-kd3n-3han-k7dm
vulnerability_id VCID-kd3n-3han-k7dm
summary kernel: media: nxp: imx8-isi: Fix streaming cleanup on release
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68175.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68175.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68175
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.0683
published_at 2026-04-16T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06793
published_at 2026-04-02T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.0684
published_at 2026-04-04T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06822
published_at 2026-04-07T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06874
published_at 2026-04-08T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.06907
published_at 2026-04-09T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.069
published_at 2026-04-11T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06893
published_at 2026-04-12T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06888
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09349
published_at 2026-04-24T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09144
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09299
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68175
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422666
reference_id 2422666
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422666
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68175
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kd3n-3han-k7dm
240
url VCID-kdmz-w6db-7ue2
vulnerability_id VCID-kdmz-w6db-7ue2
summary In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check cdc_ncm_rx_verify_ndp16() validates that the NDP header and its DPE entries fit within the skb. The first check correctly accounts for ndpoffset: if ((ndpoffset + sizeof(struct usb_cdc_ncm_ndp16)) > skb_in->len) but the second check omits it: if ((sizeof(struct usb_cdc_ncm_ndp16) + ret * (sizeof(struct usb_cdc_ncm_dpe16))) > skb_in->len) This validates the DPE array size against the total skb length as if the NDP were at offset 0, rather than at ndpoffset. When the NDP is placed near the end of the NTB (large wNdpIndex), the DPE entries can extend past the skb data buffer even though the check passes. cdc_ncm_rx_fixup() then reads out-of-bounds memory when iterating the DPE array. Add ndpoffset to the nframes bounds check and use struct_size_t() to express the NDP-plus-DPE-array size more clearly.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23448.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23448.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23448
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04649
published_at 2026-04-08T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23448
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23448
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23448
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454858
reference_id 2454858
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454858
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23448
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kdmz-w6db-7ue2
241
url VCID-kgsv-ke1m-xkg5
vulnerability_id VCID-kgsv-ke1m-xkg5
summary kernel: LoongArch: Set hugetlb mmap base address aligned with pmd size
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21949.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21949.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-21949
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.2593
published_at 2026-04-02T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.25971
published_at 2026-04-04T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25738
published_at 2026-04-07T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25809
published_at 2026-04-08T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.25861
published_at 2026-04-09T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25872
published_at 2026-04-11T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.2583
published_at 2026-04-12T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.25774
published_at 2026-04-13T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25777
published_at 2026-04-16T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.2576
published_at 2026-04-18T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.25731
published_at 2026-04-21T12:55:00Z
11
value 0.00092
scoring_system epss
scoring_elements 0.25676
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-21949
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2356622
reference_id 2356622
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2356622
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-21949
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgsv-ke1m-xkg5
242
url VCID-kgv3-f25s-ckd5
vulnerability_id VCID-kgv3-f25s-ckd5
summary kernel: Linux kernel KVM: Denial of Service due to uninitialized vCPU event handling
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40102.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40102.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40102
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.1588
published_at 2026-04-04T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.15672
published_at 2026-04-07T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.15757
published_at 2026-04-08T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.1582
published_at 2026-04-02T12:55:00Z
4
value 0.0006
scoring_system epss
scoring_elements 0.18769
published_at 2026-04-16T12:55:00Z
5
value 0.0006
scoring_system epss
scoring_elements 0.18781
published_at 2026-04-18T12:55:00Z
6
value 0.0006
scoring_system epss
scoring_elements 0.188
published_at 2026-04-21T12:55:00Z
7
value 0.0006
scoring_system epss
scoring_elements 0.18687
published_at 2026-04-24T12:55:00Z
8
value 0.0006
scoring_system epss
scoring_elements 0.18912
published_at 2026-04-09T12:55:00Z
9
value 0.0006
scoring_system epss
scoring_elements 0.18917
published_at 2026-04-11T12:55:00Z
10
value 0.0006
scoring_system epss
scoring_elements 0.1887
published_at 2026-04-12T12:55:00Z
11
value 0.0006
scoring_system epss
scoring_elements 0.18819
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40102
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40102
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40102
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2407325
reference_id 2407325
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2407325
5
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
6
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
7
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
8
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
9
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40102
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgv3-f25s-ckd5
243
url VCID-kk4c-najx-kyhq
vulnerability_id VCID-kk4c-najx-kyhq
summary In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len() After this commit (e2b76ab8b5c9 "ksmbd: add support for read compound"), response buffer management was changed to use dynamic iov array. In the new design, smb2_calc_max_out_buf_len() expects the second argument (hdr2_len) to be the offset of ->Buffer field in the response structure, not a hardcoded magic number. Fix the remaining call sites to use the correct offsetof() value.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31478.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31478.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31478
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.08669
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31478
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460713
reference_id 2460713
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460713
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31478
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kk4c-najx-kyhq
244
url VCID-kn32-aqhq-k7c5
vulnerability_id VCID-kn32-aqhq-k7c5
summary In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nand_lock() and nand_unlock() call into chip->ops.lock_area/unlock_area without holding the NAND device lock. On controllers that implement SET_FEATURES via multiple low-level PIO commands, these can race with concurrent UBI/UBIFS background erase/write operations that hold the device lock, resulting in cmd_pending conflicts on the NAND controller. Add nand_get_device()/nand_release_device() around the lock/unlock operations to serialize them against all other NAND controller access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23434.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23434.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23434
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23434
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23434
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23434
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454813
reference_id 2454813
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454813
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23434
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kn32-aqhq-k7c5
245
url VCID-kns4-65da-v3bc
vulnerability_id VCID-kns4-65da-v3bc
summary In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix cache_request leak in cache_release When a reader's file descriptor is closed while in the middle of reading a cache_request (rp->offset != 0), cache_release() decrements the request's readers count but never checks whether it should free the request. In cache_read(), when readers drops to 0 and CACHE_PENDING is clear, the cache_request is removed from the queue and freed along with its buffer and cache_head reference. cache_release() lacks this cleanup. The only other path that frees requests with readers == 0 is cache_dequeue(), but it runs only when CACHE_PENDING transitions from set to clear. If that transition already happened while readers was still non-zero, cache_dequeue() will have skipped the request, and no subsequent call will clean it up. Add the same cleanup logic from cache_read() to cache_release(): after decrementing readers, check if it reached 0 with CACHE_PENDING clear, and if so, dequeue and free the cache_request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31400.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31400.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31400
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31400
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31400
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454875
reference_id 2454875
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454875
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31400
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kns4-65da-v3bc
246
url VCID-kp79-ejb3-u3ew
vulnerability_id VCID-kp79-ejb3-u3ew
summary kernel: block: zero non-PI portion of auto integrity buffer
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23007.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23007.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23007
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03899
published_at 2026-04-02T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05101
published_at 2026-04-07T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05134
published_at 2026-04-08T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.0515
published_at 2026-04-09T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05125
published_at 2026-04-11T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05108
published_at 2026-04-12T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05093
published_at 2026-04-13T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05041
published_at 2026-04-16T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.05046
published_at 2026-04-18T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05194
published_at 2026-04-21T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05225
published_at 2026-04-24T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.0508
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23007
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2432674
reference_id 2432674
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2432674
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23007
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kp79-ejb3-u3ew
247
url VCID-kpkx-qwue-bff4
vulnerability_id VCID-kpkx-qwue-bff4
summary In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlink_dump_exp_ct() ctnetlink_dump_exp_ct() stores a conntrack pointer in cb->data for the netlink dump callback ctnetlink_exp_ct_dump_table(), but drops the conntrack reference immediately after netlink_dump_start(). When the dump spans multiple rounds, the second recvmsg() triggers the dump callback which dereferences the now-freed conntrack via nfct_help(ct), leading to a use-after-free on ct->ext. The bug is that the netlink_dump_control has no .start or .done callbacks to manage the conntrack reference across dump rounds. Other dump functions in the same file (e.g. ctnetlink_get_conntrack) properly use .start/.done callbacks for this purpose. Fix this by adding .start and .done callbacks that hold and release the conntrack reference for the duration of the dump, and move the nfct_help() call after the cb->args[0] early-return check in the dump callback to avoid dereferencing ct->ext unnecessarily. BUG: KASAN: slab-use-after-free in ctnetlink_exp_ct_dump_table+0x4f/0x2e0 Read of size 8 at addr ffff88810597ebf0 by task ctnetlink_poc/133 CPU: 1 UID: 0 PID: 133 Comm: ctnetlink_poc Not tainted 7.0.0-rc2+ #3 PREEMPTLAZY Call Trace: <TASK> ctnetlink_exp_ct_dump_table+0x4f/0x2e0 netlink_dump+0x333/0x880 netlink_recvmsg+0x3e2/0x4b0 ? aa_sk_perm+0x184/0x450 sock_recvmsg+0xde/0xf0 Allocated by task 133: kmem_cache_alloc_noprof+0x134/0x440 __nf_conntrack_alloc+0xa8/0x2b0 ctnetlink_create_conntrack+0xa1/0x900 ctnetlink_new_conntrack+0x3cf/0x7d0 nfnetlink_rcv_msg+0x48e/0x510 netlink_rcv_skb+0xc9/0x1f0 nfnetlink_rcv+0xdb/0x220 netlink_unicast+0x3ec/0x590 netlink_sendmsg+0x397/0x690 __sys_sendmsg+0xf4/0x180 Freed by task 0: slab_free_after_rcu_debug+0xad/0x1e0 rcu_core+0x5c3/0x9c0
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23458.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23458.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23458
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23458
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23458
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23458
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454816
reference_id 2454816
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454816
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23458
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kpkx-qwue-bff4
248
url VCID-kus3-1ds4-8qfb
vulnerability_id VCID-kus3-1ds4-8qfb
summary kernel: riscv: trace: fix snapshot deadlock with sbi ecall
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23217.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23217.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23217
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.0314
published_at 2026-04-24T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03059
published_at 2026-04-02T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03072
published_at 2026-04-07T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03077
published_at 2026-04-08T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03102
published_at 2026-04-09T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03064
published_at 2026-04-11T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.0304
published_at 2026-04-12T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.0303
published_at 2026-04-13T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03007
published_at 2026-04-16T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03016
published_at 2026-04-18T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03135
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23217
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2440634
reference_id 2440634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2440634
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23217
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kus3-1ds4-8qfb
249
url VCID-kvbv-df49-gyaj
vulnerability_id VCID-kvbv-df49-gyaj
summary In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses. This size was calculated based on OPEN responses and does not account for LOCK denied responses, which include the conflicting lock owner as a variable-length field up to 1024 bytes (NFS4_OPAQUE_LIMIT). When a LOCK operation is denied due to a conflict with an existing lock that has a large owner, nfsd4_encode_operation() copies the full encoded response into the undersized replay buffer via read_bytes_from_xdr_buf() with no bounds check. This results in a slab-out-of-bounds write of up to 944 bytes past the end of the buffer, corrupting adjacent heap memory. This can be triggered remotely by an unauthenticated attacker with two cooperating NFSv4.0 clients: one sets a lock with a large owner string, then the other requests a conflicting lock to provoke the denial. We could fix this by increasing NFSD4_REPLAY_ISIZE to allow for a full opaque, but that would increase the size of every stateowner, when most lockowners are not that large. Instead, fix this by checking the encoded response length against NFSD4_REPLAY_ISIZE before copying into the replay buffer. If the response is too large, set rp_buflen to 0 to skip caching the replay payload. The status is still cached, and the client already received the correct response on the original request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31402.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31402.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31402
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.10653
published_at 2026-04-07T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10729
published_at 2026-04-08T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10803
published_at 2026-04-04T12:55:00Z
3
value 0.00048
scoring_system epss
scoring_elements 0.14562
published_at 2026-04-16T12:55:00Z
4
value 0.00048
scoring_system epss
scoring_elements 0.14567
published_at 2026-04-18T12:55:00Z
5
value 0.00048
scoring_system epss
scoring_elements 0.14631
published_at 2026-04-21T12:55:00Z
6
value 0.00048
scoring_system epss
scoring_elements 0.14664
published_at 2026-04-24T12:55:00Z
7
value 0.00048
scoring_system epss
scoring_elements 0.14802
published_at 2026-04-09T12:55:00Z
8
value 0.00048
scoring_system epss
scoring_elements 0.1476
published_at 2026-04-11T12:55:00Z
9
value 0.00048
scoring_system epss
scoring_elements 0.14722
published_at 2026-04-12T12:55:00Z
10
value 0.00048
scoring_system epss
scoring_elements 0.14668
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31402
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31402
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454844
reference_id 2454844
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454844
5
reference_url https://access.redhat.com/errata/RHSA-2026:10108
reference_id RHSA-2026:10108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10108
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31402
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kvbv-df49-gyaj
250
url VCID-kx5p-87fs-9kgw
vulnerability_id VCID-kx5p-87fs-9kgw
summary kernel: drm/amdgpu: Add basic validation for RAS header
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38426.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38426.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38426
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06497
published_at 2026-04-09T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06386
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06416
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06454
published_at 2026-04-08T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08273
published_at 2026-04-16T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08416
published_at 2026-04-11T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08397
published_at 2026-04-12T12:55:00Z
8
value 0.00029
scoring_system epss
scoring_elements 0.08381
published_at 2026-04-13T12:55:00Z
9
value 0.00029
scoring_system epss
scoring_elements 0.08256
published_at 2026-04-18T12:55:00Z
10
value 0.00033
scoring_system epss
scoring_elements 0.0954
published_at 2026-04-24T12:55:00Z
11
value 0.00033
scoring_system epss
scoring_elements 0.09488
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38426
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38426
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38426
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2383455
reference_id 2383455
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2383455
5
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
6
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
7
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
8
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
9
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
10
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38426
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kx5p-87fs-9kgw
251
url VCID-m21d-1mj4-3bbn
vulnerability_id VCID-m21d-1mj4-3bbn
summary kernel: drm/msm: Fix pgtable prealloc error path
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40247.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40247.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40247
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10476
published_at 2026-04-08T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10544
published_at 2026-04-09T12:55:00Z
4
value 0.00035
scoring_system epss
scoring_elements 0.10572
published_at 2026-04-11T12:55:00Z
5
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-12T12:55:00Z
6
value 0.00035
scoring_system epss
scoring_elements 0.10517
published_at 2026-04-13T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10384
published_at 2026-04-16T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10403
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40247
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40247
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40247
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2418873
reference_id 2418873
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2418873
5
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
6
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
7
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
8
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
9
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
10
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40247
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m21d-1mj4-3bbn
252
url VCID-m35k-ahnu-abh1
vulnerability_id VCID-m35k-ahnu-abh1
summary kernel: net/smc: fix NULL dereference and UAF in smc_tcp_syn_recv_sock()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23450.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23450.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23450
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23450
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454799
reference_id 2454799
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454799
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23450
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m35k-ahnu-abh1
253
url VCID-m3ch-q8dr-xkay
vulnerability_id VCID-m3ch-q8dr-xkay
summary In the Linux kernel, the following vulnerability has been resolved: HID: asus: avoid memory leak in asus_report_fixup() The asus_report_fixup() function was returning a newly allocated kmemdup()-allocated buffer, but never freeing it. Switch to devm_kzalloc() to ensure the memory is managed and freed automatically when the device is removed. The caller of report_fixup() does not take ownership of the returned pointer, but it is permitted to return a pointer whose lifetime is at least that of the input buffer. Also fix a harmless out-of-bounds read by copying only the original descriptor size.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31524.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31524.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31524
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31524
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31524
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31524
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460631
reference_id 2460631
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460631
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31524
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3ch-q8dr-xkay
254
url VCID-m6h1-8erq-dqb8
vulnerability_id VCID-m6h1-8erq-dqb8
summary In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop l2cap_config_req() processes CONFIG_REQ for channels in BT_CONNECTED state to support L2CAP reconfiguration (e.g. MTU changes). However, since both CONF_INPUT_DONE and CONF_OUTPUT_DONE are already set from the initial configuration, the reconfiguration path falls through to l2cap_ertm_init(), which re-initializes tx_q, srej_q, srej_list, and retrans_list without freeing the previous allocations and sets chan->sdu to NULL without freeing the existing skb. This leaks all previously allocated ERTM resources. Additionally, l2cap_parse_conf_req() does not validate the minimum value of remote_mps derived from the RFC max_pdu_size option. A zero value propagates to l2cap_segment_sdu() where pdu_len becomes zero, causing the while loop to never terminate since len is never decremented, exhausting all available memory. Fix the double-init by skipping l2cap_ertm_init() and l2cap_chan_ready() when the channel is already in BT_CONNECTED state, while still allowing the reconfiguration parameters to be updated through l2cap_parse_conf_req(). Also add a pdu_len zero check in l2cap_segment_sdu() as a safeguard.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31498.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31498.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31498
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31498
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31498
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31498
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460629
reference_id 2460629
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460629
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31498
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m6h1-8erq-dqb8
255
url VCID-m995-b8rn-tkgk
vulnerability_id VCID-m995-b8rn-tkgk
summary In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ931(), the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to DecodeH323_UserInformation(). If the encoded length is 0, the decrement wraps to -1, which is then passed as a large value to the decoder, leading to an out-of-bounds read. Add a check to ensure len is positive after the decrement.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23455.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23455.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23455
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23455
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23455
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23455
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454810
reference_id 2454810
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454810
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23455
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m995-b8rn-tkgk
256
url VCID-m9u8-d7gp-37bk
vulnerability_id VCID-m9u8-d7gp-37bk
summary kernel: i40e: Fix preempt count leak in napi poll tracepoint
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23313.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23313.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23313
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23313
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451223
reference_id 2451223
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451223
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23313
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m9u8-d7gp-37bk
257
url VCID-madz-x835-s7cy
vulnerability_id VCID-madz-x835-s7cy
summary In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: avoid memory leak in magicmouse_report_fixup() The magicmouse_report_fixup() function was returning a newly kmemdup()-allocated buffer, but never freeing it. The caller of report_fixup() does not take ownership of the returned pointer, but it *is* permitted to return a sub-portion of the input rdesc, whose lifetime is managed by the caller.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31522.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31522.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31522
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31522
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460655
reference_id 2460655
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460655
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31522
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-madz-x835-s7cy
258
url VCID-meqx-5s5k-j3f7
vulnerability_id VCID-meqx-5s5k-j3f7
summary kernel: xattr: switch to CLASS(fd)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-14027.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-14027.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-14027
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01723
published_at 2026-04-09T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02234
published_at 2026-04-24T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02181
published_at 2026-04-12T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02177
published_at 2026-04-13T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02155
published_at 2026-04-16T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02167
published_at 2026-04-18T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02252
published_at 2026-04-21T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02197
published_at 2026-04-11T12:55:00Z
8
value 9e-05
scoring_system epss
scoring_elements 0.00933
published_at 2026-04-04T12:55:00Z
9
value 9e-05
scoring_system epss
scoring_elements 0.00936
published_at 2026-04-07T12:55:00Z
10
value 9e-05
scoring_system epss
scoring_elements 0.0094
published_at 2026-04-08T12:55:00Z
11
value 9e-05
scoring_system epss
scoring_elements 0.00932
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-14027
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2445789
reference_id 2445789
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2445789
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2024-14027
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-meqx-5s5k-j3f7
259
url VCID-mgjc-55mm-kffq
vulnerability_id VCID-mgjc-55mm-kffq
summary kernel: mISDN: hfcpci: Fix warning when deleting uninitialized timer
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39833.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39833.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39833
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04741
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04779
published_at 2026-04-07T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04764
published_at 2026-04-04T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-11T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04825
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05388
published_at 2026-04-21T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05236
published_at 2026-04-18T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05288
published_at 2026-04-13T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05235
published_at 2026-04-16T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05427
published_at 2026-04-24T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05299
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39833
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39833
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39833
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2395802
reference_id 2395802
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2395802
5
reference_url https://git.kernel.org/stable/c/43fc5da8133badf17f5df250ba03b9d882254845
reference_id 43fc5da8133badf17f5df250ba03b9d882254845
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:18:25Z/
url https://git.kernel.org/stable/c/43fc5da8133badf17f5df250ba03b9d882254845
6
reference_url https://git.kernel.org/stable/c/97766512a9951b9fd6fc97f1b93211642bb0b220
reference_id 97766512a9951b9fd6fc97f1b93211642bb0b220
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T18:18:25Z/
url https://git.kernel.org/stable/c/97766512a9951b9fd6fc97f1b93211642bb0b220
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39833
risk_score 2.2
exploitability 0.5
weighted_severity 4.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgjc-55mm-kffq
260
url VCID-mjbb-q1nx-8fgj
vulnerability_id VCID-mjbb-q1nx-8fgj
summary kernel: Linux kernel (iavf): Denial of Service due to a locking issue
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38311.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38311.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38311
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.04925
published_at 2026-04-02T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.04951
published_at 2026-04-04T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05684
published_at 2026-04-09T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05656
published_at 2026-04-11T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05648
published_at 2026-04-12T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05641
published_at 2026-04-13T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05596
published_at 2026-04-16T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05608
published_at 2026-04-18T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05764
published_at 2026-04-21T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05796
published_at 2026-04-24T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05619
published_at 2026-04-07T12:55:00Z
11
value 0.00021
scoring_system epss
scoring_elements 0.05658
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38311
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379216
reference_id 2379216
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379216
4
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
5
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
6
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
7
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
8
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
9
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
10
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38311
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mjbb-q1nx-8fgj
261
url VCID-mkjm-756w-5ygt
vulnerability_id VCID-mkjm-756w-5ygt
summary kernel: Linux kernel: Use-after-free in traffic control (act_ct) may lead to denial of service or privilege escalation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23270.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23270.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23270
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.034
published_at 2026-04-24T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03414
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23270
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448745
reference_id 2448745
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448745
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23270
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkjm-756w-5ygt
262
url VCID-mkw6-9tye-x3fb
vulnerability_id VCID-mkw6-9tye-x3fb
summary kernel: nf_tables: nft_dynset: fix possible stateful expression memleak in error path
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23399.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23399.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23399
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04389
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23399
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2452569
reference_id 2452569
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2452569
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23399
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkw6-9tye-x3fb
263
url VCID-mmj7-dk1d-yuga
vulnerability_id VCID-mmj7-dk1d-yuga
summary kernel: wifi: rtw89: pci: configure manual DAC mode via PCI config API only
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38284.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38284.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38284
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.0665
published_at 2026-04-02T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06694
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07756
published_at 2026-04-09T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07755
published_at 2026-04-11T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07741
published_at 2026-04-12T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07725
published_at 2026-04-13T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07649
published_at 2026-04-16T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07636
published_at 2026-04-18T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07785
published_at 2026-04-21T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07744
published_at 2026-04-24T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07678
published_at 2026-04-07T12:55:00Z
11
value 0.00027
scoring_system epss
scoring_elements 0.07738
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38284
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379221
reference_id 2379221
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379221
4
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
5
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
6
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
7
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
8
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
9
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
10
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38284
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mmj7-dk1d-yuga
264
url VCID-mmsk-j6bt-wuh1
vulnerability_id VCID-mmsk-j6bt-wuh1
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23419.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23419.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23419
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04649
published_at 2026-04-08T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23419
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454774
reference_id 2454774
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454774
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23419
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mmsk-j6bt-wuh1
265
url VCID-mrj8-hhte-77a4
vulnerability_id VCID-mrj8-hhte-77a4
summary kernel: ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39859.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39859.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39859
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04846
published_at 2026-04-08T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04774
published_at 2026-04-02T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04801
published_at 2026-04-13T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04821
published_at 2026-04-12T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04844
published_at 2026-04-11T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04857
published_at 2026-04-09T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04797
published_at 2026-04-04T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-07T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05749
published_at 2026-04-24T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05544
published_at 2026-04-16T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05558
published_at 2026-04-18T12:55:00Z
11
value 0.00021
scoring_system epss
scoring_elements 0.05716
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39859
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2396921
reference_id 2396921
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2396921
4
reference_url https://git.kernel.org/stable/c/8bf935cf789872350b04c1a6468b0a509f67afb2
reference_id 8bf935cf789872350b04c1a6468b0a509f67afb2
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-14T19:22:59Z/
url https://git.kernel.org/stable/c/8bf935cf789872350b04c1a6468b0a509f67afb2
5
reference_url https://git.kernel.org/stable/c/f10d3c7267ac7387a5129d5506c3c5f2460cfd9b
reference_id f10d3c7267ac7387a5129d5506c3c5f2460cfd9b
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-14T19:22:59Z/
url https://git.kernel.org/stable/c/f10d3c7267ac7387a5129d5506c3c5f2460cfd9b
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39859
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mrj8-hhte-77a4
266
url VCID-mzg4-exh3-pugu
vulnerability_id VCID-mzg4-exh3-pugu
summary In the Linux kernel, the following vulnerability has been resolved: btrfs: fix leak of kobject name for sub-group space_info When create_space_info_sub_group() allocates elements of space_info->sub_group[], kobject_init_and_add() is called for each element via btrfs_sysfs_add_space_info_type(). However, when check_removing_space_info() frees these elements, it does not call btrfs_sysfs_remove_space_info() on them. As a result, kobject_put() is not called and the associated kobj->name objects are leaked. This memory leak is reproduced by running the blktests test case zbd/009 on kernels built with CONFIG_DEBUG_KMEMLEAK. The kmemleak feature reports the following error: unreferenced object 0xffff888112877d40 (size 16): comm "mount", pid 1244, jiffies 4294996972 hex dump (first 16 bytes): 64 61 74 61 2d 72 65 6c 6f 63 00 c4 c6 a7 cb 7f data-reloc...... backtrace (crc 53ffde4d): __kmalloc_node_track_caller_noprof+0x619/0x870 kstrdup+0x42/0xc0 kobject_set_name_vargs+0x44/0x110 kobject_init_and_add+0xcf/0x150 btrfs_sysfs_add_space_info_type+0xfc/0x210 [btrfs] create_space_info_sub_group.constprop.0+0xfb/0x1b0 [btrfs] create_space_info+0x211/0x320 [btrfs] btrfs_init_space_info+0x15a/0x1b0 [btrfs] open_ctree+0x33c7/0x4a50 [btrfs] btrfs_get_tree.cold+0x9f/0x1ee [btrfs] vfs_get_tree+0x87/0x2f0 vfs_cmd_create+0xbd/0x280 __do_sys_fsconfig+0x3df/0x990 do_syscall_64+0x136/0x1540 entry_SYSCALL_64_after_hwframe+0x76/0x7e To avoid the leak, call btrfs_sysfs_remove_space_info() instead of kfree() for the elements.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31434.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31434.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31434
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31434
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460728
reference_id 2460728
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460728
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31434
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzg4-exh3-pugu
267
url VCID-n1tb-u9us-57bv
vulnerability_id VCID-n1tb-u9us-57bv
summary kernel: Kernel: Race condition in espintcp can lead to denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23239.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23239.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23239
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02287
published_at 2026-04-08T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02309
published_at 2026-04-09T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02285
published_at 2026-04-07T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03377
published_at 2026-04-24T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.0326
published_at 2026-04-16T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03269
published_at 2026-04-18T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03388
published_at 2026-04-21T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03334
published_at 2026-04-11T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03305
published_at 2026-04-12T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03283
published_at 2026-04-13T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23239
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23239
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23239
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2446109
reference_id 2446109
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2446109
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23239
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n1tb-u9us-57bv
268
url VCID-n2ac-dtm2-sqa9
vulnerability_id VCID-n2ac-dtm2-sqa9
summary kernel: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23271.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23271.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23271
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.034
published_at 2026-04-24T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03414
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23271
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23271
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23271
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2449565
reference_id 2449565
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2449565
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23271
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n2ac-dtm2-sqa9
269
url VCID-n59e-jkf6-13bf
vulnerability_id VCID-n59e-jkf6-13bf
summary kernel: ntfs3 local privledge escalation if NTFS character set and remount and umount called simultaneously
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3238.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3238.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3238
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.23708
published_at 2026-04-02T12:55:00Z
1
value 0.0008
scoring_system epss
scoring_elements 0.23364
published_at 2026-04-24T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.23577
published_at 2026-04-16T12:55:00Z
3
value 0.0008
scoring_system epss
scoring_elements 0.23567
published_at 2026-04-18T12:55:00Z
4
value 0.0008
scoring_system epss
scoring_elements 0.23547
published_at 2026-04-21T12:55:00Z
5
value 0.0008
scoring_system epss
scoring_elements 0.23751
published_at 2026-04-04T12:55:00Z
6
value 0.0008
scoring_system epss
scoring_elements 0.23531
published_at 2026-04-07T12:55:00Z
7
value 0.0008
scoring_system epss
scoring_elements 0.23602
published_at 2026-04-08T12:55:00Z
8
value 0.0008
scoring_system epss
scoring_elements 0.23648
published_at 2026-04-09T12:55:00Z
9
value 0.0008
scoring_system epss
scoring_elements 0.23664
published_at 2026-04-11T12:55:00Z
10
value 0.0008
scoring_system epss
scoring_elements 0.23622
published_at 2026-04-12T12:55:00Z
11
value 0.0008
scoring_system epss
scoring_elements 0.23565
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3238
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2127927
reference_id 2127927
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-01T13:32:12Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2127927
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
purl pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1~bpo13%252B1
2
url pkg:deb/debian/linux@6.19.11-1
purl pkg:deb/debian/linux@6.19.11-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g77-qwuy-nkg8
1
vulnerability VCID-1s77-djzb-xffp
2
vulnerability VCID-4jvb-unxd-3qg3
3
vulnerability VCID-5ahq-saw1-suf1
4
vulnerability VCID-94k1-ja9w-2fd2
5
vulnerability VCID-brte-gqy3-r3ax
6
vulnerability VCID-c7xf-x7d5-87gn
7
vulnerability VCID-dq8r-defv-hbg6
8
vulnerability VCID-fvvb-p7r7-zkbk
9
vulnerability VCID-gbkk-anun-a3ce
10
vulnerability VCID-n59e-jkf6-13bf
11
vulnerability VCID-p3vt-v7gj-gqbc
12
vulnerability VCID-p4by-fm53-yybk
13
vulnerability VCID-pmn9-t8by-myhb
14
vulnerability VCID-qsdm-cyzs-aufy
15
vulnerability VCID-texr-5weq-v3dw
16
vulnerability VCID-v813-y477-vkhn
17
vulnerability VCID-vzkt-5648-ukh7
18
vulnerability VCID-yqcj-27j2-tqb8
19
vulnerability VCID-zh73-s87g-vfff
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1
3
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
4
url pkg:deb/debian/linux@6.19.13-1
purl pkg:deb/debian/linux@6.19.13-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.13-1
5
url pkg:deb/debian/linux@7.0-1~exp1
purl pkg:deb/debian/linux@7.0-1~exp1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@7.0-1~exp1
aliases CVE-2022-3238
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n59e-jkf6-13bf
270
url VCID-n791-nrre-9qfv
vulnerability_id VCID-n791-nrre-9qfv
summary kernel: btrfs: don't use btrfs_set_item_key_safe on RAID stripe-extents
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21752.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-21752
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.14572
published_at 2026-04-04T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.14502
published_at 2026-04-02T12:55:00Z
2
value 0.00062
scoring_system epss
scoring_elements 0.19371
published_at 2026-04-08T12:55:00Z
3
value 0.00062
scoring_system epss
scoring_elements 0.19423
published_at 2026-04-09T12:55:00Z
4
value 0.00062
scoring_system epss
scoring_elements 0.19428
published_at 2026-04-11T12:55:00Z
5
value 0.00062
scoring_system epss
scoring_elements 0.19379
published_at 2026-04-12T12:55:00Z
6
value 0.00062
scoring_system epss
scoring_elements 0.19322
published_at 2026-04-13T12:55:00Z
7
value 0.00062
scoring_system epss
scoring_elements 0.19285
published_at 2026-04-16T12:55:00Z
8
value 0.00062
scoring_system epss
scoring_elements 0.19292
published_at 2026-04-18T12:55:00Z
9
value 0.00062
scoring_system epss
scoring_elements 0.19304
published_at 2026-04-21T12:55:00Z
10
value 0.00062
scoring_system epss
scoring_elements 0.19202
published_at 2026-04-24T12:55:00Z
11
value 0.00062
scoring_system epss
scoring_elements 0.19294
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-21752
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2348631
reference_id 2348631
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2348631
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-21752
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n791-nrre-9qfv
271
url VCID-n88t-yc67-r3f5
vulnerability_id VCID-n88t-yc67-r3f5
summary In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packet_release() via NETDEV_UP race `packet_release()` has a race window where `NETDEV_UP` can re-register a socket into a fanout group's `arr[]` array. The re-registration is not cleaned up by `fanout_release()`, leaving a dangling pointer in the fanout array. `packet_release()` does NOT zero `po->num` in its `bind_lock` section. After releasing `bind_lock`, `po->num` is still non-zero and `po->ifindex` still matches the bound device. A concurrent `packet_notifier(NETDEV_UP)` that already found the socket in `sklist` can re-register the hook. For fanout sockets, this re-registration calls `__fanout_link(sk, po)` which adds the socket back into `f->arr[]` and increments `f->num_members`, but does NOT increment `f->sk_ref`. The fix sets `po->num` to zero in `packet_release` while `bind_lock` is held to prevent NETDEV_UP from linking, preventing the race window. This bug was found following an additional audit with Claude Code based on CVE-2025-38617.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31504.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31504.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31504
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31504
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31504
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31504
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460643
reference_id 2460643
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460643
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31504
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n88t-yc67-r3f5
272
url VCID-n8y5-74xq-f7ft
vulnerability_id VCID-n8y5-74xq-f7ft
summary kernel: can: usb: etas_es58x: correctly anchor the urb in the read bulk callback
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23324.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23324.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23324
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23324
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451214
reference_id 2451214
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451214
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23324
risk_score 1.2
exploitability 0.5
weighted_severity 2.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n8y5-74xq-f7ft
273
url VCID-nb89-27n1-73e5
vulnerability_id VCID-nb89-27n1-73e5
summary kernel: Linux kernel: Denial of Service due to null pointer dereference in GT MMIO initialization for VFs
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38036.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38036
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.09964
published_at 2026-04-02T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10077
published_at 2026-04-04T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09976
published_at 2026-04-07T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.10053
published_at 2026-04-08T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.10113
published_at 2026-04-09T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.10152
published_at 2026-04-11T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.10112
published_at 2026-04-12T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.1009
published_at 2026-04-13T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25676
published_at 2026-04-24T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.25777
published_at 2026-04-16T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.2576
published_at 2026-04-18T12:55:00Z
11
value 0.00092
scoring_system epss
scoring_elements 0.25731
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38036
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373359
reference_id 2373359
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373359
4
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
5
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
6
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
7
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
8
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
9
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
10
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38036
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nb89-27n1-73e5
274
url VCID-nc6z-qvqq-pbc8
vulnerability_id VCID-nc6z-qvqq-pbc8
summary kernel: nfsd: Fix cred ref leak in nfsd_nl_threads_set_doit()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23297.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23297.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23297
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23297
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451226
reference_id 2451226
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451226
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23297
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nc6z-qvqq-pbc8
275
url VCID-ncy9-6whk-ckep
vulnerability_id VCID-ncy9-6whk-ckep
summary kernel: ALSA: usb-audio: Prevent excessive number of frames
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23208.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23208.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23208
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03352
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03364
published_at 2026-04-04T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03379
published_at 2026-04-07T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03383
published_at 2026-04-08T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03404
published_at 2026-04-09T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03362
published_at 2026-04-11T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03297
published_at 2026-04-18T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03414
published_at 2026-04-21T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03333
published_at 2026-04-12T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.0331
published_at 2026-04-13T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03286
published_at 2026-04-16T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.04665
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23208
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23208
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23208
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439906
reference_id 2439906
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439906
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23208
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ncy9-6whk-ckep
276
url VCID-nm9q-qfj8-4bb4
vulnerability_id VCID-nm9q-qfj8-4bb4
summary kernel: Octeontx2-af: Add proper checks for fwdata
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23070.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23070.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23070
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03066
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03079
published_at 2026-04-07T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03084
published_at 2026-04-08T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03109
published_at 2026-04-09T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03071
published_at 2026-04-11T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03047
published_at 2026-04-12T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04399
published_at 2026-04-24T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04275
published_at 2026-04-13T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04245
published_at 2026-04-16T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04254
published_at 2026-04-18T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.0438
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23070
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436763
reference_id 2436763
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436763
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23070
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nm9q-qfj8-4bb4
277
url VCID-nnwa-29v5-jub3
vulnerability_id VCID-nnwa-29v5-jub3
summary kernel: idpf: Fix RSS LUT NULL ptr issue after soft reset
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22993.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22993.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22993
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04239
published_at 2026-04-02T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04259
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.0427
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.04301
published_at 2026-04-08T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04317
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04309
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04295
published_at 2026-04-12T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04275
published_at 2026-04-13T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04245
published_at 2026-04-16T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04254
published_at 2026-04-18T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.0438
published_at 2026-04-21T12:55:00Z
11
value 0.00017
scoring_system epss
scoring_elements 0.04399
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22993
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2432376
reference_id 2432376
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2432376
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-22993
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nnwa-29v5-jub3
278
url VCID-nsbf-fkcw-cbed
vulnerability_id VCID-nsbf-fkcw-cbed
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31407.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31407.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31407
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01102
published_at 2026-04-24T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.01118
published_at 2026-04-13T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.01109
published_at 2026-04-16T12:55:00Z
3
value 0.0001
scoring_system epss
scoring_elements 0.01122
published_at 2026-04-18T12:55:00Z
4
value 0.0001
scoring_system epss
scoring_elements 0.01191
published_at 2026-04-21T12:55:00Z
5
value 0.0001
scoring_system epss
scoring_elements 0.01116
published_at 2026-04-12T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.0071
published_at 2026-04-07T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00709
published_at 2026-04-08T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00699
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31407
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31407
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455331
reference_id 2455331
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455331
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31407
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nsbf-fkcw-cbed
279
url VCID-nuhs-4sjq-dkcb
vulnerability_id VCID-nuhs-4sjq-dkcb
summary kernel: inet: frags: flush pending skbs in fqdir_pre_exit()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68768.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68768.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68768
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-24T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07684
published_at 2026-04-18T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07837
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68768
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68768
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68768
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2429092
reference_id 2429092
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2429092
5
reference_url https://usn.ubuntu.com/8177-1/
reference_id USN-8177-1
reference_type
scores
url https://usn.ubuntu.com/8177-1/
6
reference_url https://usn.ubuntu.com/8177-2/
reference_id USN-8177-2
reference_type
scores
url https://usn.ubuntu.com/8177-2/
7
reference_url https://usn.ubuntu.com/8183-1/
reference_id USN-8183-1
reference_type
scores
url https://usn.ubuntu.com/8183-1/
8
reference_url https://usn.ubuntu.com/8183-2/
reference_id USN-8183-2
reference_type
scores
url https://usn.ubuntu.com/8183-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68768
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nuhs-4sjq-dkcb
280
url VCID-p1cj-v8rw-rqf4
vulnerability_id VCID-p1cj-v8rw-rqf4
summary In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smc_spd_priv when tee() duplicates splice pipe buffer smc_rx_splice() allocates one smc_spd_priv per pipe_buffer and stores the pointer in pipe_buffer.private. The pipe_buf_operations for these buffers used .get = generic_pipe_buf_get, which only increments the page reference count when tee(2) duplicates a pipe buffer. The smc_spd_priv pointer itself was not handled, so after tee() both the original and the cloned pipe_buffer share the same smc_spd_priv *. When both pipes are subsequently released, smc_rx_pipe_buf_release() is called twice against the same object: 1st call: kfree(priv) sock_put(sk) smc_rx_update_cons() [correct] 2nd call: kfree(priv) sock_put(sk) smc_rx_update_cons() [UAF] KASAN reports a slab-use-after-free in smc_rx_pipe_buf_release(), which then escalates to a NULL-pointer dereference and kernel panic via smc_rx_update_consumer() when it chases the freed priv->smc pointer: BUG: KASAN: slab-use-after-free in smc_rx_pipe_buf_release+0x78/0x2a0 Read of size 8 at addr ffff888004a45740 by task smc_splice_tee_/74 Call Trace: <TASK> dump_stack_lvl+0x53/0x70 print_report+0xce/0x650 kasan_report+0xc6/0x100 smc_rx_pipe_buf_release+0x78/0x2a0 free_pipe_info+0xd4/0x130 pipe_release+0x142/0x160 __fput+0x1c6/0x490 __x64_sys_close+0x4f/0x90 do_syscall_64+0xa6/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> BUG: kernel NULL pointer dereference, address: 0000000000000020 RIP: 0010:smc_rx_update_consumer+0x8d/0x350 Call Trace: <TASK> smc_rx_pipe_buf_release+0x121/0x2a0 free_pipe_info+0xd4/0x130 pipe_release+0x142/0x160 __fput+0x1c6/0x490 __x64_sys_close+0x4f/0x90 do_syscall_64+0xa6/0x1a0 entry_SYSCALL_64_after_hwframe+0x77/0x7f </TASK> Kernel panic - not syncing: Fatal exception Beyond the memory-safety problem, duplicating an SMC splice buffer is semantically questionable: smc_rx_update_cons() would advance the consumer cursor twice for the same data, corrupting receive-window accounting. A refcount on smc_spd_priv could fix the double-free, but the cursor-accounting issue would still need to be addressed separately. The .get callback is invoked by both tee(2) and splice_pipe_to_pipe() for partial transfers; both will now return -EFAULT. Users who need to duplicate SMC socket data must use a copy-based read path.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31507.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31507.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31507
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31507
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31507
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31507
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460706
reference_id 2460706
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460706
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31507
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1cj-v8rw-rqf4
281
url VCID-p1cz-e94f-57c2
vulnerability_id VCID-p1cz-e94f-57c2
summary kernel: crypto: x86/aegis - Add missing error checks
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39789.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39789.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39789
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06425
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06461
published_at 2026-04-04T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07166
published_at 2026-04-08T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07197
published_at 2026-04-09T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07195
published_at 2026-04-11T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07184
published_at 2026-04-24T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07175
published_at 2026-04-13T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07112
published_at 2026-04-16T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07088
published_at 2026-04-18T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07213
published_at 2026-04-21T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07113
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39789
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39789
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-39789
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394636
reference_id 2394636
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394636
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39789
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1cz-e94f-57c2
282
url VCID-p2ng-3bek-d3b6
vulnerability_id VCID-p2ng-3bek-d3b6
summary kernel: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71267.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71267.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71267
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10266
published_at 2026-04-24T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10286
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71267
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448599
reference_id 2448599
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448599
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71267
risk_score 1.1
exploitability 0.5
weighted_severity 2.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p2ng-3bek-d3b6
283
url VCID-p3s4-ha6m-bber
vulnerability_id VCID-p3s4-ha6m-bber
summary kernel: drm/imagination: Fix deadlock in soft reset sequence
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23470.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23470.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23470
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04427
published_at 2026-04-07T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.0446
published_at 2026-04-08T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04416
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23470
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454836
reference_id 2454836
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454836
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23470
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p3s4-ha6m-bber
284
url VCID-p3vt-v7gj-gqbc
vulnerability_id VCID-p3vt-v7gj-gqbc
summary kernel: io_uring: check if iowq is killed before queuing
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56709.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56709.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-56709
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09479
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09275
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09424
published_at 2026-04-21T12:55:00Z
3
value 0.00037
scoring_system epss
scoring_elements 0.11039
published_at 2026-04-04T12:55:00Z
4
value 0.00037
scoring_system epss
scoring_elements 0.10939
published_at 2026-04-13T12:55:00Z
5
value 0.00037
scoring_system epss
scoring_elements 0.10993
published_at 2026-04-09T12:55:00Z
6
value 0.00037
scoring_system epss
scoring_elements 0.10994
published_at 2026-04-11T12:55:00Z
7
value 0.00037
scoring_system epss
scoring_elements 0.10962
published_at 2026-04-12T12:55:00Z
8
value 0.00037
scoring_system epss
scoring_elements 0.10803
published_at 2026-04-16T12:55:00Z
9
value 0.00037
scoring_system epss
scoring_elements 0.10863
published_at 2026-04-07T12:55:00Z
10
value 0.00037
scoring_system epss
scoring_elements 0.10977
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-56709
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56709
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56709
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2334795
reference_id 2334795
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2334795
5
reference_url https://access.redhat.com/errata/RHSA-2025:20518
reference_id RHSA-2025:20518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20518
6
reference_url https://usn.ubuntu.com/7379-1/
reference_id USN-7379-1
reference_type
scores
url https://usn.ubuntu.com/7379-1/
7
reference_url https://usn.ubuntu.com/7379-2/
reference_id USN-7379-2
reference_type
scores
url https://usn.ubuntu.com/7379-2/
8
reference_url https://usn.ubuntu.com/7380-1/
reference_id USN-7380-1
reference_type
scores
url https://usn.ubuntu.com/7380-1/
9
reference_url https://usn.ubuntu.com/7381-1/
reference_id USN-7381-1
reference_type
scores
url https://usn.ubuntu.com/7381-1/
10
reference_url https://usn.ubuntu.com/7382-1/
reference_id USN-7382-1
reference_type
scores
url https://usn.ubuntu.com/7382-1/
11
reference_url https://usn.ubuntu.com/7513-1/
reference_id USN-7513-1
reference_type
scores
url https://usn.ubuntu.com/7513-1/
12
reference_url https://usn.ubuntu.com/7513-2/
reference_id USN-7513-2
reference_type
scores
url https://usn.ubuntu.com/7513-2/
13
reference_url https://usn.ubuntu.com/7513-3/
reference_id USN-7513-3
reference_type
scores
url https://usn.ubuntu.com/7513-3/
14
reference_url https://usn.ubuntu.com/7513-4/
reference_id USN-7513-4
reference_type
scores
url https://usn.ubuntu.com/7513-4/
15
reference_url https://usn.ubuntu.com/7513-5/
reference_id USN-7513-5
reference_type
scores
url https://usn.ubuntu.com/7513-5/
16
reference_url https://usn.ubuntu.com/7514-1/
reference_id USN-7514-1
reference_type
scores
url https://usn.ubuntu.com/7514-1/
17
reference_url https://usn.ubuntu.com/7515-1/
reference_id USN-7515-1
reference_type
scores
url https://usn.ubuntu.com/7515-1/
18
reference_url https://usn.ubuntu.com/7515-2/
reference_id USN-7515-2
reference_type
scores
url https://usn.ubuntu.com/7515-2/
19
reference_url https://usn.ubuntu.com/7522-1/
reference_id USN-7522-1
reference_type
scores
url https://usn.ubuntu.com/7522-1/
20
reference_url https://usn.ubuntu.com/7523-1/
reference_id USN-7523-1
reference_type
scores
url https://usn.ubuntu.com/7523-1/
21
reference_url https://usn.ubuntu.com/7524-1/
reference_id USN-7524-1
reference_type
scores
url https://usn.ubuntu.com/7524-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
purl pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1~bpo13%252B1
2
url pkg:deb/debian/linux@6.19.11-1
purl pkg:deb/debian/linux@6.19.11-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g77-qwuy-nkg8
1
vulnerability VCID-1s77-djzb-xffp
2
vulnerability VCID-4jvb-unxd-3qg3
3
vulnerability VCID-5ahq-saw1-suf1
4
vulnerability VCID-94k1-ja9w-2fd2
5
vulnerability VCID-brte-gqy3-r3ax
6
vulnerability VCID-c7xf-x7d5-87gn
7
vulnerability VCID-dq8r-defv-hbg6
8
vulnerability VCID-fvvb-p7r7-zkbk
9
vulnerability VCID-gbkk-anun-a3ce
10
vulnerability VCID-n59e-jkf6-13bf
11
vulnerability VCID-p3vt-v7gj-gqbc
12
vulnerability VCID-p4by-fm53-yybk
13
vulnerability VCID-pmn9-t8by-myhb
14
vulnerability VCID-qsdm-cyzs-aufy
15
vulnerability VCID-texr-5weq-v3dw
16
vulnerability VCID-v813-y477-vkhn
17
vulnerability VCID-vzkt-5648-ukh7
18
vulnerability VCID-yqcj-27j2-tqb8
19
vulnerability VCID-zh73-s87g-vfff
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1
3
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
4
url pkg:deb/debian/linux@6.19.13-1
purl pkg:deb/debian/linux@6.19.13-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.13-1
5
url pkg:deb/debian/linux@7.0-1~exp1
purl pkg:deb/debian/linux@7.0-1~exp1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@7.0-1~exp1
aliases CVE-2024-56709
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p3vt-v7gj-gqbc
285
url VCID-p4by-fm53-yybk
vulnerability_id VCID-p4by-fm53-yybk
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31425.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31425.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31425
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31425
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31425
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31425
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457836
reference_id 2457836
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457836
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31425
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p4by-fm53-yybk
286
url VCID-p595-1qtr-tuae
vulnerability_id VCID-p595-1qtr-tuae
summary kernel: net: bridge: fix nd_tbl NULL dereference when IPv6 is disabled
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23381.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23381.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23381
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23381
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23381
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451220
reference_id 2451220
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451220
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23381
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p595-1qtr-tuae
287
url VCID-p9x5-syxd-fufc
vulnerability_id VCID-p9x5-syxd-fufc
summary kernel: io_uring/poll: fix multishot recv missing EOF on wakeup race
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23473.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23473.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23473
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03981
published_at 2026-04-08T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03962
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03975
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.06055
published_at 2026-04-24T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23473
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454821
reference_id 2454821
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454821
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23473
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p9x5-syxd-fufc
288
url VCID-pbtm-mu23-9qat
vulnerability_id VCID-pbtm-mu23-9qat
summary kernel: igc: fix page fault in XDP TX timestamps handling
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23445.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23445.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23445
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02112
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04416
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04427
published_at 2026-04-07T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.0446
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23445
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454804
reference_id 2454804
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454804
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23445
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pbtm-mu23-9qat
289
url VCID-pepq-cqcb-dkdm
vulnerability_id VCID-pepq-cqcb-dkdm
summary kernel: net: add xmit recursion limit to tunnel xmit functions
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23276.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23276.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23276
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
10
value 0.00038
scoring_system epss
scoring_elements 0.11316
published_at 2026-04-21T12:55:00Z
11
value 0.00038
scoring_system epss
scoring_elements 0.11256
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23276
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23276
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23276
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2449561
reference_id 2449561
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2449561
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23276
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pepq-cqcb-dkdm
290
url VCID-pmn9-t8by-myhb
vulnerability_id VCID-pmn9-t8by-myhb
summary In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31431.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31431.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31431
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00597
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31431
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31431
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31431
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460538
reference_id 2460538
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460538
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31431
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pmn9-t8by-myhb
291
url VCID-pnfa-xm28-w3bk
vulnerability_id VCID-pnfa-xm28-w3bk
summary kernel: ipv6: fix NULL pointer deref in ip6_rt_get_dev_rcu()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23304.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23304.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23304
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23304
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23304
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23304
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451192
reference_id 2451192
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451192
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23304
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pnfa-xm28-w3bk
292
url VCID-pr3c-sy9g-t3f5
vulnerability_id VCID-pr3c-sy9g-t3f5
summary kernel: drm/tilcdc: Fix removal actions in case of failed probe
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71141.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71141.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71141
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04399
published_at 2026-04-24T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04239
published_at 2026-04-02T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.04259
published_at 2026-04-04T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.0427
published_at 2026-04-07T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04301
published_at 2026-04-08T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.04317
published_at 2026-04-09T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.04309
published_at 2026-04-11T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04295
published_at 2026-04-12T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.04275
published_at 2026-04-13T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.04245
published_at 2026-04-16T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.04254
published_at 2026-04-18T12:55:00Z
11
value 0.00017
scoring_system epss
scoring_elements 0.0438
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71141
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2429618
reference_id 2429618
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2429618
4
reference_url https://usn.ubuntu.com/8179-1/
reference_id USN-8179-1
reference_type
scores
url https://usn.ubuntu.com/8179-1/
5
reference_url https://usn.ubuntu.com/8179-2/
reference_id USN-8179-2
reference_type
scores
url https://usn.ubuntu.com/8179-2/
6
reference_url https://usn.ubuntu.com/8179-3/
reference_id USN-8179-3
reference_type
scores
url https://usn.ubuntu.com/8179-3/
7
reference_url https://usn.ubuntu.com/8184-1/
reference_id USN-8184-1
reference_type
scores
url https://usn.ubuntu.com/8184-1/
8
reference_url https://usn.ubuntu.com/8185-1/
reference_id USN-8185-1
reference_type
scores
url https://usn.ubuntu.com/8185-1/
9
reference_url https://usn.ubuntu.com/8203-1/
reference_id USN-8203-1
reference_type
scores
url https://usn.ubuntu.com/8203-1/
10
reference_url https://usn.ubuntu.com/8204-1/
reference_id USN-8204-1
reference_type
scores
url https://usn.ubuntu.com/8204-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71141
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pr3c-sy9g-t3f5
293
url VCID-psbr-e3ym-tyfv
vulnerability_id VCID-psbr-e3ym-tyfv
summary kernel: Linux kernel: ublk race condition causes kernel crash
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37906.json
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37906.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-37906
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.16887
published_at 2026-04-02T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.16943
published_at 2026-04-04T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16727
published_at 2026-04-07T12:55:00Z
3
value 0.00053
scoring_system epss
scoring_elements 0.16815
published_at 2026-04-08T12:55:00Z
4
value 0.00053
scoring_system epss
scoring_elements 0.16872
published_at 2026-04-09T12:55:00Z
5
value 0.00053
scoring_system epss
scoring_elements 0.16847
published_at 2026-04-11T12:55:00Z
6
value 0.00053
scoring_system epss
scoring_elements 0.16802
published_at 2026-04-12T12:55:00Z
7
value 0.00053
scoring_system epss
scoring_elements 0.16743
published_at 2026-04-13T12:55:00Z
8
value 0.00053
scoring_system epss
scoring_elements 0.16678
published_at 2026-04-16T12:55:00Z
9
value 0.00053
scoring_system epss
scoring_elements 0.16685
published_at 2026-04-18T12:55:00Z
10
value 0.00053
scoring_system epss
scoring_elements 0.16722
published_at 2026-04-21T12:55:00Z
11
value 0.00053
scoring_system epss
scoring_elements 0.16627
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-37906
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2367530
reference_id 2367530
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2367530
4
reference_url https://usn.ubuntu.com/7649-1/
reference_id USN-7649-1
reference_type
scores
url https://usn.ubuntu.com/7649-1/
5
reference_url https://usn.ubuntu.com/7649-2/
reference_id USN-7649-2
reference_type
scores
url https://usn.ubuntu.com/7649-2/
6
reference_url https://usn.ubuntu.com/7650-1/
reference_id USN-7650-1
reference_type
scores
url https://usn.ubuntu.com/7650-1/
7
reference_url https://usn.ubuntu.com/7665-1/
reference_id USN-7665-1
reference_type
scores
url https://usn.ubuntu.com/7665-1/
8
reference_url https://usn.ubuntu.com/7665-2/
reference_id USN-7665-2
reference_type
scores
url https://usn.ubuntu.com/7665-2/
9
reference_url https://usn.ubuntu.com/7721-1/
reference_id USN-7721-1
reference_type
scores
url https://usn.ubuntu.com/7721-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-37906
risk_score 1.9
exploitability 0.5
weighted_severity 3.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-psbr-e3ym-tyfv
294
url VCID-ptyj-1y6d-dud1
vulnerability_id VCID-ptyj-1y6d-dud1
summary kernel: Linux kernel: Denial of Service via unsafe requeue in rxrpc_recvmsg
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23066.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23066.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23066
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.02978
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.0334
published_at 2026-04-04T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03348
published_at 2026-04-07T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03353
published_at 2026-04-08T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03373
published_at 2026-04-09T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03334
published_at 2026-04-11T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03305
published_at 2026-04-12T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.0463
published_at 2026-04-24T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04475
published_at 2026-04-13T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04444
published_at 2026-04-16T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04453
published_at 2026-04-18T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.04591
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23066
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23066
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23066
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2436805
reference_id 2436805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2436805
5
reference_url https://access.redhat.com/errata/RHSA-2026:10108
reference_id RHSA-2026:10108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10108
6
reference_url https://access.redhat.com/errata/RHSA-2026:9095
reference_id RHSA-2026:9095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9095
7
reference_url https://access.redhat.com/errata/RHSA-2026:9112
reference_id RHSA-2026:9112
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9112
8
reference_url https://access.redhat.com/errata/RHSA-2026:9512
reference_id RHSA-2026:9512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9512
9
reference_url https://access.redhat.com/errata/RHSA-2026:9644
reference_id RHSA-2026:9644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9644
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23066
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ptyj-1y6d-dud1
295
url VCID-pva7-b7rk-ykam
vulnerability_id VCID-pva7-b7rk-ykam
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31410.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31410.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31410
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01102
published_at 2026-04-24T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.01037
published_at 2026-04-13T12:55:00Z
2
value 0.0001
scoring_system epss
scoring_elements 0.01032
published_at 2026-04-16T12:55:00Z
3
value 0.0001
scoring_system epss
scoring_elements 0.01041
published_at 2026-04-18T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.00669
published_at 2026-04-07T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00668
published_at 2026-04-08T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.0066
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31410
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31410
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455339
reference_id 2455339
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455339
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31410
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pva7-b7rk-ykam
296
url VCID-pwd1-juze-77bx
vulnerability_id VCID-pwd1-juze-77bx
summary kernel: arm64: io: Extract user memory type in ioremap_prot()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23346.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23346.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23346
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0587
published_at 2026-04-04T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05864
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.06055
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23346
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451236
reference_id 2451236
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451236
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23346
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pwd1-juze-77bx
297
url VCID-pytf-9ehq-ykc5
vulnerability_id VCID-pytf-9ehq-ykc5
summary In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with s_first_data_block != 0 bigalloc with s_first_data_block != 0 is not supported, reject mounting it.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31447.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31447.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31447
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31447
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31447
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460661
reference_id 2460661
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460661
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31447
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pytf-9ehq-ykc5
298
url VCID-q1cz-abcx-myc2
vulnerability_id VCID-q1cz-abcx-myc2
summary kernel: btrfs: fix double free of qgroup record after failure to add delayed ref head
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68359.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68359.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68359
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06793
published_at 2026-04-02T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0684
published_at 2026-04-04T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06822
published_at 2026-04-07T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06874
published_at 2026-04-08T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06907
published_at 2026-04-09T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.069
published_at 2026-04-11T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.06893
published_at 2026-04-12T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06888
published_at 2026-04-13T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.0683
published_at 2026-04-16T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.06811
published_at 2026-04-18T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.06956
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.06938
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68359
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2424863
reference_id 2424863
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2424863
4
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
5
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
6
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
7
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
8
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
9
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68359
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q1cz-abcx-myc2
299
url VCID-q567-ceh3-4bdq
vulnerability_id VCID-q567-ceh3-4bdq
summary kernel: pinctrl: equilibrium: fix warning trace on load
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23308.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23308.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23308
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23308
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451193
reference_id 2451193
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451193
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23308
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q567-ceh3-4bdq
300
url VCID-q7a3-cm2m-ayga
vulnerability_id VCID-q7a3-cm2m-ayga
summary kernel: smc: Fix use-after-free in __pnet_find_base_ndev()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40064.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40064.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40064
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05587
published_at 2026-04-24T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.0548
published_at 2026-04-09T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05953
published_at 2026-04-04T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.0592
published_at 2026-04-02T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07272
published_at 2026-04-07T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07327
published_at 2026-04-08T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07352
published_at 2026-04-11T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07339
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07259
published_at 2026-04-16T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07253
published_at 2026-04-18T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.0738
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40064
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40064
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406747
reference_id 2406747
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406747
5
reference_url https://access.redhat.com/errata/RHSA-2026:2721
reference_id RHSA-2026:2721
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2721
6
reference_url https://access.redhat.com/errata/RHSA-2026:2722
reference_id RHSA-2026:2722
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2722
7
reference_url https://access.redhat.com/errata/RHSA-2026:3083
reference_id RHSA-2026:3083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3083
8
reference_url https://access.redhat.com/errata/RHSA-2026:3110
reference_id RHSA-2026:3110
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3110
9
reference_url https://access.redhat.com/errata/RHSA-2026:4111
reference_id RHSA-2026:4111
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4111
10
reference_url https://access.redhat.com/errata/RHSA-2026:6954
reference_id RHSA-2026:6954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6954
11
reference_url https://access.redhat.com/errata/RHSA-2026:9513
reference_id RHSA-2026:9513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9513
12
reference_url https://access.redhat.com/errata/RHSA-2026:9514
reference_id RHSA-2026:9514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9514
13
reference_url https://access.redhat.com/errata/RHSA-2026:9643
reference_id RHSA-2026:9643
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9643
14
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
15
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
16
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
17
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
18
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40064
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q7a3-cm2m-ayga
301
url VCID-q8fu-8mce-7ue6
vulnerability_id VCID-q8fu-8mce-7ue6
summary kernel: platform/x86/amd: pmf: Use device managed allocations
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38421.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38421.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38421
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05753
published_at 2026-04-09T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05654
published_at 2026-04-02T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05694
published_at 2026-04-04T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05687
published_at 2026-04-07T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05726
published_at 2026-04-08T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07163
published_at 2026-04-16T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07255
published_at 2026-04-11T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07241
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07231
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07158
published_at 2026-04-18T12:55:00Z
10
value 0.00029
scoring_system epss
scoring_elements 0.08249
published_at 2026-04-24T12:55:00Z
11
value 0.00029
scoring_system epss
scoring_elements 0.08272
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38421
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2383457
reference_id 2383457
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2383457
4
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
5
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
6
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
7
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
8
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
9
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38421
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q8fu-8mce-7ue6
302
url VCID-qa1s-pr21-cycs
vulnerability_id VCID-qa1s-pr21-cycs
summary kernel: Kernel: Denial of Service via DVB DVR ringbuffer reinitialization flaw
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23253.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23253.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23253
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.034
published_at 2026-04-24T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03414
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23253
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23253
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23253
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448685
reference_id 2448685
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448685
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23253
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qa1s-pr21-cycs
303
url VCID-qefy-64um-sqh7
vulnerability_id VCID-qefy-64um-sqh7
summary kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23210.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23210.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23210
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03066
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03079
published_at 2026-04-07T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03084
published_at 2026-04-08T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03109
published_at 2026-04-09T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03071
published_at 2026-04-11T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03021
published_at 2026-04-18T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.03141
published_at 2026-04-21T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03047
published_at 2026-04-12T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.03035
published_at 2026-04-13T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03012
published_at 2026-04-16T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.04399
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23210
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439895
reference_id 2439895
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439895
4
reference_url https://access.redhat.com/errata/RHSA-2026:6570
reference_id RHSA-2026:6570
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6570
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23210
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qefy-64um-sqh7
304
url VCID-qffu-7n92-bbhy
vulnerability_id VCID-qffu-7n92-bbhy
summary In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG_FORTIFY_SOURCE=y and a recent compiler, commit 439a1bcac648 ("fortify: Use __builtin_dynamic_object_size() when available") produces the warning below and an oops. Searching for RedBoot partition table in 50000000.flash at offset 0x7e0000 ------------[ cut here ]------------ WARNING: lib/string_helpers.c:1035 at 0xc029e04c, CPU#0: swapper/0/1 memcmp: detected buffer overflow: 15 byte read of buffer size 14 Modules linked in: CPU: 0 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.19.0 #1 NONE As Kees said, "'names' is pointing to the final 'namelen' many bytes of the allocation ... 'namelen' could be basically any length at all. This fortify warning looks legit to me -- this code used to be reading beyond the end of the allocation." Since the size of the dynamic allocation is calculated with strlen() we can use strcmp() instead of memcmp() and remain within bounds.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23474.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23474.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23474
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.08568
published_at 2026-04-07T12:55:00Z
1
value 0.0003
scoring_system epss
scoring_elements 0.08641
published_at 2026-04-08T12:55:00Z
2
value 0.0003
scoring_system epss
scoring_elements 0.0865
published_at 2026-04-04T12:55:00Z
3
value 0.0004
scoring_system epss
scoring_elements 0.12087
published_at 2026-04-12T12:55:00Z
4
value 0.0004
scoring_system epss
scoring_elements 0.12057
published_at 2026-04-13T12:55:00Z
5
value 0.0004
scoring_system epss
scoring_elements 0.11929
published_at 2026-04-16T12:55:00Z
6
value 0.0004
scoring_system epss
scoring_elements 0.11926
published_at 2026-04-18T12:55:00Z
7
value 0.0004
scoring_system epss
scoring_elements 0.12045
published_at 2026-04-21T12:55:00Z
8
value 0.0004
scoring_system epss
scoring_elements 0.12022
published_at 2026-04-24T12:55:00Z
9
value 0.0004
scoring_system epss
scoring_elements 0.12116
published_at 2026-04-09T12:55:00Z
10
value 0.0004
scoring_system epss
scoring_elements 0.12124
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23474
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23474
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23474
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454806
reference_id 2454806
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454806
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23474
risk_score 1.2
exploitability 0.5
weighted_severity 2.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qffu-7n92-bbhy
305
url VCID-qmuk-1txu-z3da
vulnerability_id VCID-qmuk-1txu-z3da
summary kernel: Squashfs: check metadata block offset is within range
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23388.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23388.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23388
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23388
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23388
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23388
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451212
reference_id 2451212
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451212
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23388
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qmuk-1txu-z3da
306
url VCID-qsdm-cyzs-aufy
vulnerability_id VCID-qsdm-cyzs-aufy
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31414.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31414.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31414
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31414
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31414
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457830
reference_id 2457830
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457830
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31414
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qsdm-cyzs-aufy
307
url VCID-qx21-w7wn-tqap
vulnerability_id VCID-qx21-w7wn-tqap
summary kernel: f2fs: fix to do sanity check on node footer in {read,write}_end_io
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23265.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23265.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23265
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.0587
published_at 2026-04-04T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05864
published_at 2026-04-07T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06562
published_at 2026-04-24T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06546
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23265
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23265
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23265
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448709
reference_id 2448709
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448709
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23265
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qx21-w7wn-tqap
308
url VCID-qxd4-7ack-dkaf
vulnerability_id VCID-qxd4-7ack-dkaf
summary kernel: mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39910.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39910.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39910
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02677
published_at 2026-04-02T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02771
published_at 2026-04-24T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02682
published_at 2026-04-12T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02678
published_at 2026-04-13T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.0266
published_at 2026-04-16T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02668
published_at 2026-04-18T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02781
published_at 2026-04-21T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02692
published_at 2026-04-04T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.027
published_at 2026-04-07T12:55:00Z
9
value 0.00014
scoring_system epss
scoring_elements 0.02703
published_at 2026-04-08T12:55:00Z
10
value 0.00014
scoring_system epss
scoring_elements 0.02723
published_at 2026-04-09T12:55:00Z
11
value 0.00014
scoring_system epss
scoring_elements 0.02696
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39910
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2400592
reference_id 2400592
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2400592
4
reference_url https://git.kernel.org/stable/c/33b95d90427cb4babf32059e323a6d0c027610fe
reference_id 33b95d90427cb4babf32059e323a6d0c027610fe
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:42:43Z/
url https://git.kernel.org/stable/c/33b95d90427cb4babf32059e323a6d0c027610fe
5
reference_url https://git.kernel.org/stable/c/79357cd06d41d0f5a11b17d7c86176e395d10ef2
reference_id 79357cd06d41d0f5a11b17d7c86176e395d10ef2
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T17:42:43Z/
url https://git.kernel.org/stable/c/79357cd06d41d0f5a11b17d7c86176e395d10ef2
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39910
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxd4-7ack-dkaf
309
url VCID-qyxy-uh9d-fqhr
vulnerability_id VCID-qyxy-uh9d-fqhr
summary kernel: RDMA/irdma: Fix kernel stack leak in irdma_create_user_ah()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23335.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23335.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23335
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23335
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451242
reference_id 2451242
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451242
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23335
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qyxy-uh9d-fqhr
310
url VCID-qz4v-xapc-nqh9
vulnerability_id VCID-qz4v-xapc-nqh9
summary kernel: wifi: mt76: mt7915: fix list corruption after hardware restart
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39862.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39862.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39862
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04774
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04846
published_at 2026-04-08T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04797
published_at 2026-04-04T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04812
published_at 2026-04-07T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04857
published_at 2026-04-09T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04844
published_at 2026-04-11T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04821
published_at 2026-04-12T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04801
published_at 2026-04-13T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05716
published_at 2026-04-21T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05544
published_at 2026-04-16T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05558
published_at 2026-04-18T12:55:00Z
11
value 0.00021
scoring_system epss
scoring_elements 0.05749
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39862
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://git.kernel.org/stable/c/065c79df595af21d6d1b27d642860faa1d938774
reference_id 065c79df595af21d6d1b27d642860faa1d938774
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-14T19:23:35Z/
url https://git.kernel.org/stable/c/065c79df595af21d6d1b27d642860faa1d938774
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2396925
reference_id 2396925
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2396925
5
reference_url https://git.kernel.org/stable/c/8fa8eb52bc2eb08d93202863b5fc478e0bebc00c
reference_id 8fa8eb52bc2eb08d93202863b5fc478e0bebc00c
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-14T19:23:35Z/
url https://git.kernel.org/stable/c/8fa8eb52bc2eb08d93202863b5fc478e0bebc00c
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39862
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qz4v-xapc-nqh9
311
url VCID-r1fj-r1mn-83fr
vulnerability_id VCID-r1fj-r1mn-83fr
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23412.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23412.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23412
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04588
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23412
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454319
reference_id 2454319
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454319
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23412
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r1fj-r1mn-83fr
312
url VCID-r76g-d7px-hqff
vulnerability_id VCID-r76g-d7px-hqff
summary kernel: net/sched: ets: fix divide by zero in the offload path
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23379.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23379.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23379
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23379
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23379
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23379
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451247
reference_id 2451247
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451247
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23379
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r76g-d7px-hqff
313
url VCID-r7fp-rb7m-b7gs
vulnerability_id VCID-r7fp-rb7m-b7gs
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31427.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31427.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31427
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31427
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31427
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31427
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457842
reference_id 2457842
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457842
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31427
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7fp-rb7m-b7gs
314
url VCID-r89h-js19-77dr
vulnerability_id VCID-r89h-js19-77dr
summary In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in update_super_work when racing with umount Commit b98535d09179 ("ext4: fix bug_on in start_this_handle during umount filesystem") moved ext4_unregister_sysfs() before flushing s_sb_upd_work to prevent new error work from being queued via /proc/fs/ext4/xx/mb_groups reads during unmount. However, this introduced a use-after-free because update_super_work calls ext4_notify_error_sysfs() -> sysfs_notify() which accesses the kobject's kernfs_node after it has been freed by kobject_del() in ext4_unregister_sysfs(): update_super_work ext4_put_super ----------------- -------------- ext4_unregister_sysfs(sb) kobject_del(&sbi->s_kobj) __kobject_del() sysfs_remove_dir() kobj->sd = NULL sysfs_put(sd) kernfs_put() // RCU free ext4_notify_error_sysfs(sbi) sysfs_notify(&sbi->s_kobj) kn = kobj->sd // stale pointer kernfs_get(kn) // UAF on freed kernfs_node ext4_journal_destroy() flush_work(&sbi->s_sb_upd_work) Instead of reordering the teardown sequence, fix this by making ext4_notify_error_sysfs() detect that sysfs has already been torn down by checking s_kobj.state_in_sysfs, and skipping the sysfs_notify() call in that case. A dedicated mutex (s_error_notify_mutex) serializes ext4_notify_error_sysfs() against kobject_del() in ext4_unregister_sysfs() to prevent TOCTOU races where the kobject could be deleted between the state_in_sysfs check and the sysfs_notify() call.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31446.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31446.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31446
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31446
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31446
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31446
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460704
reference_id 2460704
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460704
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31446
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r89h-js19-77dr
315
url VCID-rfzp-v6r1-aqae
vulnerability_id VCID-rfzp-v6r1-aqae
summary kernel: wifi: ath12k: Fix memory leak due to multiple rx_stats allocation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38199.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38199.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38199
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.0768
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07712
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07678
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07738
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07756
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07755
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07741
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07725
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07649
published_at 2026-04-16T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07636
published_at 2026-04-18T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07802
published_at 2026-04-21T12:55:00Z
11
value 0.00027
scoring_system epss
scoring_elements 0.07759
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38199
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376370
reference_id 2376370
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376370
4
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
5
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
6
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
7
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
8
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
9
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38199
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rfzp-v6r1-aqae
316
url VCID-rh4e-sbew-nkbm
vulnerability_id VCID-rh4e-sbew-nkbm
summary kernel: virtio: break and reset virtio devices on device_shutdown()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38064.json
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38064.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38064
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08299
published_at 2026-04-02T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08399
published_at 2026-04-04T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.0832
published_at 2026-04-07T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08384
published_at 2026-04-08T12:55:00Z
4
value 0.00029
scoring_system epss
scoring_elements 0.08401
published_at 2026-04-09T12:55:00Z
5
value 0.00029
scoring_system epss
scoring_elements 0.08392
published_at 2026-04-11T12:55:00Z
6
value 0.00029
scoring_system epss
scoring_elements 0.08373
published_at 2026-04-12T12:55:00Z
7
value 0.00029
scoring_system epss
scoring_elements 0.08357
published_at 2026-04-13T12:55:00Z
8
value 0.00079
scoring_system epss
scoring_elements 0.2314
published_at 2026-04-24T12:55:00Z
9
value 0.00079
scoring_system epss
scoring_elements 0.23357
published_at 2026-04-16T12:55:00Z
10
value 0.00079
scoring_system epss
scoring_elements 0.23351
published_at 2026-04-18T12:55:00Z
11
value 0.00079
scoring_system epss
scoring_elements 0.23331
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38064
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38064
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38064
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2373319
reference_id 2373319
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2373319
5
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
6
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
7
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
8
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
9
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
10
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
11
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38064
risk_score 3.0
exploitability 0.5
weighted_severity 6.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rh4e-sbew-nkbm
317
url VCID-rkqz-erqh-dfh4
vulnerability_id VCID-rkqz-erqh-dfh4
summary In the Linux kernel, the following vulnerability has been resolved: btrfs: log new dentries when logging parent dir of a conflicting inode If we log the parent directory of a conflicting inode, we are not logging the new dentries of the directory, so when we finish we have the parent directory's inode marked as logged but we did not log its new dentries. As a consequence if the parent directory is explicitly fsynced later and it does not have any new changes since we logged it, the fsync is a no-op and after a power failure the new dentries are missing. Example scenario: $ mkdir foo $ sync $rmdir foo $ mkdir dir1 $ mkdir dir2 # A file with the same name and parent as the directory we just deleted # and was persisted in a past transaction. So the deleted directory's # inode is a conflicting inode of this new file's inode. $ touch foo $ ln foo dir2/link # The fsync on dir2 will log the parent directory (".") because the # conflicting inode (deleted directory) does not exists anymore, but it # it does not log its new dentries (dir1). $ xfs_io -c "fsync" dir2 # This fsync on the parent directory is no-op, since the previous fsync # logged it (but without logging its new dentries). $ xfs_io -c "fsync" . <power failure> # After log replay dir1 is missing. Fix this by ensuring we log new dir dentries whenever we log the parent directory of a no longer existing conflicting inode. A test case for fstests will follow soon.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23465.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23465.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23465
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04649
published_at 2026-04-08T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23465
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23465
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23465
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454846
reference_id 2454846
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454846
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23465
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rkqz-erqh-dfh4
318
url VCID-rmuw-t9j1-sygw
vulnerability_id VCID-rmuw-t9j1-sygw
summary kernel: blk-mq: fix potential deadlock while nr_requests grown
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40146.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40146.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40146
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06003
published_at 2026-04-11T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05995
published_at 2026-04-12T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05985
published_at 2026-04-13T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.0595
published_at 2026-04-16T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05961
published_at 2026-04-18T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.06113
published_at 2026-04-21T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10471
published_at 2026-04-02T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-04T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10544
published_at 2026-04-09T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10403
published_at 2026-04-07T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10476
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40146
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40146
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40146
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414500
reference_id 2414500
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414500
5
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
6
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
7
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
8
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
9
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40146
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rmuw-t9j1-sygw
319
url VCID-rrxa-r3j8-ubh3
vulnerability_id VCID-rrxa-r3j8-ubh3
summary In the Linux kernel, the following vulnerability has been resolved: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex MEDIA_REQUEST_IOC_REINIT can run concurrently with VIDIOC_REQBUFS(0) queue teardown paths. This can race request object cleanup against vb2 queue cancellation and lead to use-after-free reports. We already serialize request queueing against STREAMON/OFF with req_queue_mutex. Extend that serialization to REQBUFS, and also take the same mutex in media_request_ioctl_reinit() so REINIT is in the same exclusion domain. This keeps request cleanup and queue cancellation from running in parallel for request-capable devices.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31473
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31473
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31473
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31473
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rrxa-r3j8-ubh3
320
url VCID-rsz5-e5fc-syh2
vulnerability_id VCID-rsz5-e5fc-syh2
summary kernel: ax25: Remove broken autobind
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22109.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22109.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22109
reference_id
reference_type
scores
0
value 0.00079
scoring_system epss
scoring_elements 0.2314
published_at 2026-04-24T12:55:00Z
1
value 0.00079
scoring_system epss
scoring_elements 0.23467
published_at 2026-04-02T12:55:00Z
2
value 0.00079
scoring_system epss
scoring_elements 0.23504
published_at 2026-04-04T12:55:00Z
3
value 0.00079
scoring_system epss
scoring_elements 0.23288
published_at 2026-04-07T12:55:00Z
4
value 0.00079
scoring_system epss
scoring_elements 0.23361
published_at 2026-04-08T12:55:00Z
5
value 0.00079
scoring_system epss
scoring_elements 0.23411
published_at 2026-04-09T12:55:00Z
6
value 0.00079
scoring_system epss
scoring_elements 0.23431
published_at 2026-04-11T12:55:00Z
7
value 0.00079
scoring_system epss
scoring_elements 0.23393
published_at 2026-04-12T12:55:00Z
8
value 0.00079
scoring_system epss
scoring_elements 0.2334
published_at 2026-04-13T12:55:00Z
9
value 0.00079
scoring_system epss
scoring_elements 0.23357
published_at 2026-04-16T12:55:00Z
10
value 0.00079
scoring_system epss
scoring_elements 0.23351
published_at 2026-04-18T12:55:00Z
11
value 0.00079
scoring_system epss
scoring_elements 0.23331
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22109
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22109
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22109
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360302
reference_id 2360302
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360302
5
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
6
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
7
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-22109
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rsz5-e5fc-syh2
321
url VCID-rtdx-733f-4qcq
vulnerability_id VCID-rtdx-733f-4qcq
summary kernel: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38205.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38205.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38205
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07759
published_at 2026-04-24T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.0768
published_at 2026-04-02T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07712
published_at 2026-04-04T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07678
published_at 2026-04-07T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07738
published_at 2026-04-08T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07756
published_at 2026-04-09T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07755
published_at 2026-04-11T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07741
published_at 2026-04-12T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07725
published_at 2026-04-13T12:55:00Z
9
value 0.00027
scoring_system epss
scoring_elements 0.07649
published_at 2026-04-16T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.07636
published_at 2026-04-18T12:55:00Z
11
value 0.00027
scoring_system epss
scoring_elements 0.07802
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38205
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376366
reference_id 2376366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376366
4
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
5
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
6
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
7
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
8
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
9
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38205
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rtdx-733f-4qcq
322
url VCID-rv7g-3bjt-qkgc
vulnerability_id VCID-rv7g-3bjt-qkgc
summary In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix memory leak when a wq is reset idxd_wq_disable_cleanup() which is called from the reset path for a workqueue, sets the wq type to NONE, which for other parts of the driver mean that the wq is empty (all its resources were released). Only set the wq type to NONE after its resources are released.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31441.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31441.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31441
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31441
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31441
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31441
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460709
reference_id 2460709
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460709
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31441
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rv7g-3bjt-qkgc
323
url VCID-s81d-vavh-fudh
vulnerability_id VCID-s81d-vavh-fudh
summary kernel: drm/xe: Don't allow evicting of BOs in same VM in array of VM binds
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40086.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40086.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40086
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05953
published_at 2026-04-04T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05939
published_at 2026-04-07T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05977
published_at 2026-04-08T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.0592
published_at 2026-04-02T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07259
published_at 2026-04-16T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07253
published_at 2026-04-18T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.0738
published_at 2026-04-21T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07354
published_at 2026-04-09T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07352
published_at 2026-04-11T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07339
published_at 2026-04-12T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40086
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2407335
reference_id 2407335
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2407335
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40086
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s81d-vavh-fudh
324
url VCID-se4d-mkta-c3dg
vulnerability_id VCID-se4d-mkta-c3dg
summary kernel: netfilter: nf_tables: clone set on flush only
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23385.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23385.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23385
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0587
published_at 2026-04-04T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05864
published_at 2026-04-07T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.06055
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23385
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451183
reference_id 2451183
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451183
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23385
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-se4d-mkta-c3dg
325
url VCID-sjam-bp41-27f4
vulnerability_id VCID-sjam-bp41-27f4
summary kernel: net: usb: kalmia: validate USB endpoints
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23365.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23365.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23365
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23365
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23365
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451238
reference_id 2451238
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451238
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23365
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sjam-bp41-27f4
326
url VCID-sm3v-84rs-nyem
vulnerability_id VCID-sm3v-84rs-nyem
summary In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dereference in rose_transmit_link on reconnect syzkaller reported a bug [1], and the reproducer is available at [2]. ROSE sockets use four sk->sk_state values: TCP_CLOSE, TCP_LISTEN, TCP_SYN_SENT, and TCP_ESTABLISHED. rose_connect() already rejects calls for TCP_ESTABLISHED (-EISCONN) and TCP_CLOSE with SS_CONNECTING (-ECONNREFUSED), but lacks a check for TCP_SYN_SENT. When rose_connect() is called a second time while the first connection attempt is still in progress (TCP_SYN_SENT), it overwrites rose->neighbour via rose_get_neigh(). If that returns NULL, the socket is left with rose->state == ROSE_STATE_1 but rose->neighbour == NULL. When the socket is subsequently closed, rose_release() sees ROSE_STATE_1 and calls rose_write_internal() -> rose_transmit_link(skb, NULL), causing a NULL pointer dereference. Per connect(2), a second connect() while a connection is already in progress should return -EALREADY. Add this missing check for TCP_SYN_SENT to complete the state validation in rose_connect(). [1] https://syzkaller.appspot.com/bug?extid=d00f90e0af54102fb271 [2] https://gist.github.com/mrpre/9e6779e0d13e2c66779b1653fef80516
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23460.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23460.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23460
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23460
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23460
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23460
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454827
reference_id 2454827
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454827
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23460
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sm3v-84rs-nyem
327
url VCID-sne8-13hq-mqan
vulnerability_id VCID-sne8-13hq-mqan
summary kernel: netfilter: nf_tables: unconditionally bump set->nelems before insertion
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23272.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23272.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23272
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02162
published_at 2026-04-11T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02147
published_at 2026-04-12T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02143
published_at 2026-04-13T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02118
published_at 2026-04-16T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.0213
published_at 2026-04-18T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02168
published_at 2026-04-04T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.02163
published_at 2026-04-07T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02164
published_at 2026-04-08T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02182
published_at 2026-04-09T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.03198
published_at 2026-04-24T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.03192
published_at 2026-04-21T12:55:00Z
11
value 0.00022
scoring_system epss
scoring_elements 0.05836
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23272
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23272
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23272
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2449571
reference_id 2449571
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2449571
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23272
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sne8-13hq-mqan
328
url VCID-spab-qnhh-vqap
vulnerability_id VCID-spab-qnhh-vqap
summary kernel: irqchip/sifive-plic: Fix frozen interrupt due to affinity setting
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23287.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23287.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23287
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23287
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23287
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23287
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451277
reference_id 2451277
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451277
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23287
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-spab-qnhh-vqap
329
url VCID-sqf7-4e8r-7ken
vulnerability_id VCID-sqf7-4e8r-7ken
summary kernel: wifi: mac80211: fix NULL deref in mesh_matches_local()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23396.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23396.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23396
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17368
published_at 2026-04-24T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17455
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23396
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23396
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451661
reference_id 2451661
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451661
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23396
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sqf7-4e8r-7ken
330
url VCID-sr9e-6z4k-nqf9
vulnerability_id VCID-sr9e-6z4k-nqf9
summary In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix leaking event log memory During the device remove process, the device is reset, causing the configuration registers to go back to their default state, which is zero. As the driver is checking if the event log support was enabled before deallocating, it will fail if a reset happened before. Do not check if the support was enabled, the check for 'idxd->evl' being valid (only allocated if the HW capability is available) is enough.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31440.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31440.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31440
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31440
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460622
reference_id 2460622
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460622
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31440
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sr9e-6z4k-nqf9
331
url VCID-sv2x-sud7-9fcv
vulnerability_id VCID-sv2x-sud7-9fcv
summary In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bo_number field. Although the previous multiplication overflow check prevents out-of-bounds allocation, a large number of entries could still cause excessive memory allocation (up to potentially gigabytes) and unnecessarily long list processing times. Introduce a hard limit of 128k entries per BO list, which is more than sufficient for any realistic use case (e.g., a single list containing all buffers in a large scene). This prevents memory exhaustion attacks and ensures predictable performance. Return -EINVAL if the requested entry count exceeds the limit (cherry picked from commit 688b87d39e0aa8135105b40dc167d74b5ada5332)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23468.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23468.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23468
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03975
published_at 2026-04-07T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03981
published_at 2026-04-08T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03962
published_at 2026-04-04T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.05909
published_at 2026-04-12T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05902
published_at 2026-04-13T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.05866
published_at 2026-04-16T12:55:00Z
6
value 0.00022
scoring_system epss
scoring_elements 0.05878
published_at 2026-04-18T12:55:00Z
7
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
8
value 0.00022
scoring_system epss
scoring_elements 0.06055
published_at 2026-04-24T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.0594
published_at 2026-04-09T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.05919
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23468
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23468
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23468
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454848
reference_id 2454848
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454848
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23468
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sv2x-sud7-9fcv
332
url VCID-svm7-nyr5-kfa3
vulnerability_id VCID-svm7-nyr5-kfa3
summary kernel: atm: lec: fix null-ptr-deref in lec_arp_clear_vccs
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23286.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23286.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23286
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23286
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23286
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23286
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451172
reference_id 2451172
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451172
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23286
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-svm7-nyr5-kfa3
333
url VCID-sy3c-f5q7-qygm
vulnerability_id VCID-sy3c-f5q7-qygm
summary kernel: icmp: fix NULL pointer dereference in icmp_tag_validation()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23398.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23398.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23398
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17455
published_at 2026-04-21T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17368
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23398
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23398
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23398
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451662
reference_id 2451662
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451662
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23398
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sy3c-f5q7-qygm
334
url VCID-szdg-jd74-r7g1
vulnerability_id VCID-szdg-jd74-r7g1
summary kernel: wifi: mac80211: don't WARN for connections on invalid channels
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71227.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71227.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71227
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03899
published_at 2026-04-02T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03908
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03922
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03928
published_at 2026-04-08T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.03951
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03919
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03902
published_at 2026-04-12T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.03875
published_at 2026-04-13T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03854
published_at 2026-04-16T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03864
published_at 2026-04-18T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03984
published_at 2026-04-21T12:55:00Z
11
value 0.00017
scoring_system epss
scoring_elements 0.03996
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71227
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71227
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2440641
reference_id 2440641
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2440641
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71227
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-szdg-jd74-r7g1
335
url VCID-t2sv-vqq2-q7av
vulnerability_id VCID-t2sv-vqq2-q7av
summary kernel: netfilter: nf_tables: always walk all pending catchall elements
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23278.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23278.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23278
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03494
published_at 2026-04-02T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03508
published_at 2026-04-04T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03518
published_at 2026-04-07T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.0352
published_at 2026-04-08T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03543
published_at 2026-04-09T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.03498
published_at 2026-04-11T12:55:00Z
6
value 0.00016
scoring_system epss
scoring_elements 0.03445
published_at 2026-04-13T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.03418
published_at 2026-04-16T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.03429
published_at 2026-04-18T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.0347
published_at 2026-04-12T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04781
published_at 2026-04-21T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.04816
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23278
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23278
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23278
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2449570
reference_id 2449570
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2449570
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23278
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t2sv-vqq2-q7av
336
url VCID-t4n5-xvuu-uba1
vulnerability_id VCID-t4n5-xvuu-uba1
summary kernel: idpf: fix error handling in the init_task on load
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23017.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23017.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23017
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03908
published_at 2026-04-04T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03922
published_at 2026-04-07T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03928
published_at 2026-04-08T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03899
published_at 2026-04-02T12:55:00Z
4
value 0.00019
scoring_system epss
scoring_elements 0.05041
published_at 2026-04-16T12:55:00Z
5
value 0.00019
scoring_system epss
scoring_elements 0.05046
published_at 2026-04-18T12:55:00Z
6
value 0.00019
scoring_system epss
scoring_elements 0.05194
published_at 2026-04-21T12:55:00Z
7
value 0.00019
scoring_system epss
scoring_elements 0.05225
published_at 2026-04-24T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.0515
published_at 2026-04-09T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05125
published_at 2026-04-11T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05108
published_at 2026-04-12T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05093
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23017
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2435657
reference_id 2435657
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2435657
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23017
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4n5-xvuu-uba1
337
url VCID-td5e-4c6y-cyc9
vulnerability_id VCID-td5e-4c6y-cyc9
summary kernel: net: usb: kaweth: validate USB endpoints
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23312.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23312.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23312
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23312
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23312
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451228
reference_id 2451228
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451228
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23312
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-td5e-4c6y-cyc9
338
url VCID-texr-5weq-v3dw
vulnerability_id VCID-texr-5weq-v3dw
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31424.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31424.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31424
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31424
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31424
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31424
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457826
reference_id 2457826
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457826
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31424
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-texr-5weq-v3dw
339
url VCID-tpyv-xst5-vyd6
vulnerability_id VCID-tpyv-xst5-vyd6
summary In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: skip expectations in other netns via proc Skip expectations that do not reside in this netns. Similar to e77e6ff502ea ("netfilter: conntrack: do not dump other netns's conntrack entries via proc").
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31496.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31496.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31496
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31496
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31496
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31496
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460701
reference_id 2460701
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460701
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31496
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tpyv-xst5-vyd6
340
url VCID-tqmr-q8w3-cyg2
vulnerability_id VCID-tqmr-q8w3-cyg2
summary kernel: idpf: check error for register_netdev() on init
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22116.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22116.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22116
reference_id
reference_type
scores
0
value 0.00082
scoring_system epss
scoring_elements 0.2412
published_at 2026-04-02T12:55:00Z
1
value 0.00082
scoring_system epss
scoring_elements 0.24158
published_at 2026-04-04T12:55:00Z
2
value 0.00099
scoring_system epss
scoring_elements 0.27659
published_at 2026-04-09T12:55:00Z
3
value 0.00099
scoring_system epss
scoring_elements 0.27665
published_at 2026-04-11T12:55:00Z
4
value 0.00099
scoring_system epss
scoring_elements 0.2762
published_at 2026-04-12T12:55:00Z
5
value 0.00099
scoring_system epss
scoring_elements 0.27563
published_at 2026-04-13T12:55:00Z
6
value 0.00099
scoring_system epss
scoring_elements 0.2757
published_at 2026-04-16T12:55:00Z
7
value 0.00099
scoring_system epss
scoring_elements 0.27544
published_at 2026-04-18T12:55:00Z
8
value 0.00099
scoring_system epss
scoring_elements 0.27504
published_at 2026-04-21T12:55:00Z
9
value 0.00099
scoring_system epss
scoring_elements 0.2746
published_at 2026-04-24T12:55:00Z
10
value 0.00099
scoring_system epss
scoring_elements 0.27549
published_at 2026-04-07T12:55:00Z
11
value 0.00099
scoring_system epss
scoring_elements 0.27616
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22116
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360243
reference_id 2360243
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360243
4
reference_url https://access.redhat.com/errata/RHSA-2025:20095
reference_id RHSA-2025:20095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20095
5
reference_url https://access.redhat.com/errata/RHSA-2025:20518
reference_id RHSA-2025:20518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20518
6
reference_url https://access.redhat.com/errata/RHSA-2025:9580
reference_id RHSA-2025:9580
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9580
7
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
8
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
9
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-22116
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tqmr-q8w3-cyg2
341
url VCID-tt18-fh9r-57c9
vulnerability_id VCID-tt18-fh9r-57c9
summary kernel: nfc: nci: free skb on nci_transceive early error paths
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23339.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23339.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23339
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23339
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23339
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23339
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451268
reference_id 2451268
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451268
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23339
risk_score 0.8
exploitability 0.5
weighted_severity 1.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tt18-fh9r-57c9
342
url VCID-tu5g-jnzs-33d4
vulnerability_id VCID-tu5g-jnzs-33d4
summary In the Linux kernel, the following vulnerability has been resolved: spi: use generic driver_override infrastructure When a driver is probed through __driver_attach(), the bus' match() callback is called without the device lock held, thus accessing the driver_override field without a lock, which can cause a UAF. Fix this by using the driver-core driver_override infrastructure taking care of proper locking internally. Note that calling match() from __driver_attach() without the device lock held is intentional. [1] Also note that we do not enable the driver_override feature of struct bus_type, as SPI - in contrast to most other buses - passes "" to sysfs_emit() when the driver_override pointer is NULL. Thus, printing "\n" instead of "(null)\n".
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31487.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31487.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31487
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31487
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31487
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31487
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460640
reference_id 2460640
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460640
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31487
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tu5g-jnzs-33d4
343
url VCID-twwm-48md-yybs
vulnerability_id VCID-twwm-48md-yybs
summary kernel: xfs: check return value of xchk_scrub_create_subord
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23250.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23250.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23250
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.07078
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.07063
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23250
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448712
reference_id 2448712
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448712
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23250
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-twwm-48md-yybs
344
url VCID-tzdq-wy6d-xbbx
vulnerability_id VCID-tzdq-wy6d-xbbx
summary kernel: PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23361.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23361.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23361
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23361
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23361
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23361
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451210
reference_id 2451210
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451210
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23361
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tzdq-wy6d-xbbx
345
url VCID-u6nn-wr8u-qqdj
vulnerability_id VCID-u6nn-wr8u-qqdj
summary kernel: Linux kernel: Use-after-free in bonding module can cause system crash or arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23171.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23171.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23171
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03927
published_at 2026-04-02T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03936
published_at 2026-04-04T12:55:00Z
2
value 0.00017
scoring_system epss
scoring_elements 0.03947
published_at 2026-04-07T12:55:00Z
3
value 0.00017
scoring_system epss
scoring_elements 0.03953
published_at 2026-04-08T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.03978
published_at 2026-04-09T12:55:00Z
5
value 0.00017
scoring_system epss
scoring_elements 0.03945
published_at 2026-04-11T12:55:00Z
6
value 0.00017
scoring_system epss
scoring_elements 0.03889
published_at 2026-04-18T12:55:00Z
7
value 0.00017
scoring_system epss
scoring_elements 0.04009
published_at 2026-04-21T12:55:00Z
8
value 0.00017
scoring_system epss
scoring_elements 0.03928
published_at 2026-04-12T12:55:00Z
9
value 0.00017
scoring_system epss
scoring_elements 0.03899
published_at 2026-04-13T12:55:00Z
10
value 0.00017
scoring_system epss
scoring_elements 0.03878
published_at 2026-04-16T12:55:00Z
11
value 0.00019
scoring_system epss
scoring_elements 0.05252
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23171
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439886
reference_id 2439886
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439886
4
reference_url https://access.redhat.com/errata/RHSA-2026:10108
reference_id RHSA-2026:10108
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10108
5
reference_url https://access.redhat.com/errata/RHSA-2026:6153
reference_id RHSA-2026:6153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6153
6
reference_url https://access.redhat.com/errata/RHSA-2026:6632
reference_id RHSA-2026:6632
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6632
7
reference_url https://access.redhat.com/errata/RHSA-2026:8342
reference_id RHSA-2026:8342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:8342
8
reference_url https://access.redhat.com/errata/RHSA-2026:9112
reference_id RHSA-2026:9112
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9112
9
reference_url https://access.redhat.com/errata/RHSA-2026:9512
reference_id RHSA-2026:9512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9512
10
reference_url https://access.redhat.com/errata/RHSA-2026:9644
reference_id RHSA-2026:9644
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9644
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23171
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u6nn-wr8u-qqdj
346
url VCID-u892-96zg-9ke6
vulnerability_id VCID-u892-96zg-9ke6
summary In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udp_sock to a local address and port, UDP uses two hashes (udptable->hash and udptable->hash2) for collision detection. The current code switches to "hash2" when hslot->count > 10. "hash2" is keyed by local address and local port. "hash" is keyed by local port only. The issue can be shown in the following bind sequence (pseudo code): bind(fd1, "[fd00::1]:8888") bind(fd2, "[fd00::2]:8888") bind(fd3, "[fd00::3]:8888") bind(fd4, "[fd00::4]:8888") bind(fd5, "[fd00::5]:8888") bind(fd6, "[fd00::6]:8888") bind(fd7, "[fd00::7]:8888") bind(fd8, "[fd00::8]:8888") bind(fd9, "[fd00::9]:8888") bind(fd10, "[fd00::10]:8888") /* Correctly return -EADDRINUSE because "hash" is used * instead of "hash2". udp_lib_lport_inuse() detects the * conflict. */ bind(fail_fd, "[::]:8888") /* After one more socket is bound to "[fd00::11]:8888", * hslot->count exceeds 10 and "hash2" is used instead. */ bind(fd11, "[fd00::11]:8888") bind(fail_fd, "[::]:8888") /* succeeds unexpectedly */ The same issue applies to the IPv4 wildcard address "0.0.0.0" and the IPv4-mapped wildcard address "::ffff:0.0.0.0". For example, if there are existing sockets bound to "192.168.1.[1-11]:8888", then binding "0.0.0.0:8888" or "[::ffff:0.0.0.0]:8888" can also miss the conflict when hslot->count > 10. TCP inet_csk_get_port() already has the correct check in inet_use_bhash2_on_bind(). Rename it to inet_use_hash2_on_bind() and move it to inet_hashtables.h so udp.c can reuse it in this fix.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31503.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31503.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31503
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31503
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31503
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31503
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460736
reference_id 2460736
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460736
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31503
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u892-96zg-9ke6
347
url VCID-ub6v-vb3r-83eh
vulnerability_id VCID-ub6v-vb3r-83eh
summary kernel: x86/efi: defer freeing of boot services memory
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23352.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23352.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23352
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.13218
published_at 2026-04-24T12:55:00Z
10
value 0.00043
scoring_system epss
scoring_elements 0.13116
published_at 2026-04-18T12:55:00Z
11
value 0.00043
scoring_system epss
scoring_elements 0.13209
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23352
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23352
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451178
reference_id 2451178
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451178
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23352
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ub6v-vb3r-83eh
348
url VCID-ucab-wj54-hyey
vulnerability_id VCID-ucab-wj54-hyey
summary kernel: Linux kernel: Local denial of service in device mapper
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38140.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38140.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38140
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.09964
published_at 2026-04-02T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10011
published_at 2026-04-04T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09908
published_at 2026-04-07T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.09984
published_at 2026-04-08T12:55:00Z
4
value 0.00034
scoring_system epss
scoring_elements 0.10033
published_at 2026-04-09T12:55:00Z
5
value 0.00034
scoring_system epss
scoring_elements 0.10049
published_at 2026-04-11T12:55:00Z
6
value 0.00034
scoring_system epss
scoring_elements 0.10009
published_at 2026-04-12T12:55:00Z
7
value 0.00034
scoring_system epss
scoring_elements 0.09988
published_at 2026-04-13T12:55:00Z
8
value 0.00034
scoring_system epss
scoring_elements 0.09861
published_at 2026-04-16T12:55:00Z
9
value 0.00034
scoring_system epss
scoring_elements 0.09833
published_at 2026-04-18T12:55:00Z
10
value 0.00034
scoring_system epss
scoring_elements 0.10073
published_at 2026-04-21T12:55:00Z
11
value 0.00034
scoring_system epss
scoring_elements 0.10051
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38140
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376081
reference_id 2376081
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376081
4
reference_url https://usn.ubuntu.com/7769-1/
reference_id USN-7769-1
reference_type
scores
url https://usn.ubuntu.com/7769-1/
5
reference_url https://usn.ubuntu.com/7769-2/
reference_id USN-7769-2
reference_type
scores
url https://usn.ubuntu.com/7769-2/
6
reference_url https://usn.ubuntu.com/7769-3/
reference_id USN-7769-3
reference_type
scores
url https://usn.ubuntu.com/7769-3/
7
reference_url https://usn.ubuntu.com/7770-1/
reference_id USN-7770-1
reference_type
scores
url https://usn.ubuntu.com/7770-1/
8
reference_url https://usn.ubuntu.com/7771-1/
reference_id USN-7771-1
reference_type
scores
url https://usn.ubuntu.com/7771-1/
9
reference_url https://usn.ubuntu.com/7789-1/
reference_id USN-7789-1
reference_type
scores
url https://usn.ubuntu.com/7789-1/
10
reference_url https://usn.ubuntu.com/7789-2/
reference_id USN-7789-2
reference_type
scores
url https://usn.ubuntu.com/7789-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38140
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ucab-wj54-hyey
349
url VCID-udny-3t6r-fyhn
vulnerability_id VCID-udny-3t6r-fyhn
summary In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: prevent immediate PASID reuse case PASID resue could cause interrupt issue when process immediately runs into hw state left by previous process exited with the same PASID, it's possible that page faults are still pending in the IH ring buffer when the process exits and frees up its PASID. To prevent the case, it uses idr cyclic allocator same as kernel pid's. (cherry picked from commit 8f1de51f49be692de137c8525106e0fce2d1912d)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31462.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31462.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31462
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31462
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31462
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31462
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460647
reference_id 2460647
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460647
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31462
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-udny-3t6r-fyhn
350
url VCID-uhng-dru9-7yht
vulnerability_id VCID-uhng-dru9-7yht
summary In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpm_resume" This is caused by aqc111_suspend calling the PM variant of its write_cmd routine. The simplified call trace looks like this: rpm_suspend() usb_suspend_both() - here udev->dev.power.runtime_status == RPM_SUSPENDING aqc111_suspend() - called for the usb device interface aqc111_write32_cmd() usb_autopm_get_interface() pm_runtime_resume_and_get() rpm_resume() - here we call rpm_resume() on our parent rpm_resume() - Here we wait for a status change that will never happen. At this point we block another task which holds rtnl_lock and locks up the whole networking stack. Fix this by replacing the write_cmd calls with their _nopm variants
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23446.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23446.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23446
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23446
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23446
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23446
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454870
reference_id 2454870
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454870
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23446
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uhng-dru9-7yht
351
url VCID-ukr2-rp6y-rkf1
vulnerability_id VCID-ukr2-rp6y-rkf1
summary kernel: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23274.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23274.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23274
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.0354
published_at 2026-04-11T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03562
published_at 2026-04-08T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03584
published_at 2026-04-09T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03511
published_at 2026-04-12T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03486
published_at 2026-04-13T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.0346
published_at 2026-04-16T12:55:00Z
6
value 0.00016
scoring_system epss
scoring_elements 0.03552
published_at 2026-04-04T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.03561
published_at 2026-04-07T12:55:00Z
8
value 0.00019
scoring_system epss
scoring_elements 0.0514
published_at 2026-04-18T12:55:00Z
9
value 0.00022
scoring_system epss
scoring_elements 0.06162
published_at 2026-04-21T12:55:00Z
10
value 0.00022
scoring_system epss
scoring_elements 0.06176
published_at 2026-04-24T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23274
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23274
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23274
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2449572
reference_id 2449572
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2449572
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23274
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ukr2-rp6y-rkf1
352
url VCID-unjj-qvdj-zkev
vulnerability_id VCID-unjj-qvdj-zkev
summary In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotp_sendmsg() isotp_sendmsg() uses only cmpxchg() on so->tx.state to serialize access to so->tx.buf. isotp_release() waits for ISOTP_IDLE via wait_event_interruptible() and then calls kfree(so->tx.buf). If a signal interrupts the wait_event_interruptible() inside close() while tx.state is ISOTP_SENDING, the loop exits early and release proceeds to force ISOTP_SHUTDOWN and continues to kfree(so->tx.buf) while sendmsg may still be reading so->tx.buf for the final CAN frame in isotp_fill_dataframe(). The so->tx.buf can be allocated once when the standard tx.buf length needs to be extended. Move the kfree() of this potentially extended tx.buf to sk_destruct time when either isotp_sendmsg() and isotp_release() are done.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31474.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31474.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31474
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04778
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31474
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460646
reference_id 2460646
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460646
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31474
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-unjj-qvdj-zkev
353
url VCID-up76-yp3d-5kaj
vulnerability_id VCID-up76-yp3d-5kaj
summary kernel: nvme: fix memory allocation in nvme_pr_read_keys()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23244.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23244.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23244
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.0721
published_at 2026-04-21T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07181
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23244
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2448601
reference_id 2448601
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2448601
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23244
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-up76-yp3d-5kaj
354
url VCID-upcd-ngpy-ekeu
vulnerability_id VCID-upcd-ngpy-ekeu
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31411.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31411.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31411
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06685
published_at 2026-04-13T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06702
published_at 2026-04-09T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06701
published_at 2026-04-11T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06694
published_at 2026-04-12T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31411
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31411
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31411
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456521
reference_id 2456521
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456521
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31411
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-upcd-ngpy-ekeu
355
url VCID-uvyu-va81-wbgj
vulnerability_id VCID-uvyu-va81-wbgj
summary In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use netlink policy range checks Replace manual range and mask validations with netlink policy annotations in ctnetlink code paths, so that the netlink core rejects invalid values early and can generate extack errors. - CTA_PROTOINFO_TCP_STATE: reject values > TCP_CONNTRACK_SYN_SENT2 at policy level, removing the manual >= TCP_CONNTRACK_MAX check. - CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values > TCP_MAX_WSCALE (14). The normal TCP option parsing path already clamps to this value, but the ctnetlink path accepted 0-255, causing undefined behavior when used as a u32 shift count. - CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with CTA_FILTER_F_ALL, removing the manual mask checks. - CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding a new mask define grouping all valid expect flags. Extracted from a broader nf-next patch by Florian Westphal, scoped to ctnetlink for the fixes tree.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31495.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31495.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31495
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.07942
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31495
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31495
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31495
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460664
reference_id 2460664
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460664
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31495
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uvyu-va81-wbgj
356
url VCID-uwe8-jkbr-3kdk
vulnerability_id VCID-uwe8-jkbr-3kdk
summary In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap init error handling devm_regmap_init_mmio returns an ERR_PTR() upon error, not NULL. Fix the error check and also fix the error message. Use the error code from ERR_PTR() instead of the wrong value in ret.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31439.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31439.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31439
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04778
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31439
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460726
reference_id 2460726
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460726
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31439
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uwe8-jkbr-3kdk
357
url VCID-uywc-57rt-7ue6
vulnerability_id VCID-uywc-57rt-7ue6
summary kernel: Linux kernel: mremap local denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39775.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-39775.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-39775
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04741
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04764
published_at 2026-04-04T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05342
published_at 2026-04-09T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.0531
published_at 2026-04-11T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05299
published_at 2026-04-12T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05288
published_at 2026-04-13T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05235
published_at 2026-04-16T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05236
published_at 2026-04-18T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05388
published_at 2026-04-21T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05427
published_at 2026-04-24T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05284
published_at 2026-04-07T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.0532
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-39775
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2394617
reference_id 2394617
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2394617
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-39775
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uywc-57rt-7ue6
358
url VCID-uzfu-ke47-1qaq
vulnerability_id VCID-uzfu-ke47-1qaq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23426.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23426.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23426
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02265
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23426
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454777
reference_id 2454777
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454777
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23426
risk_score 1.2
exploitability 0.5
weighted_severity 2.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uzfu-ke47-1qaq
359
url VCID-v13n-b9vm-3yej
vulnerability_id VCID-v13n-b9vm-3yej
summary kernel: x86/fred: Correct speculative safety in fred_extint()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23354.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23354.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23354
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00023
scoring_system epss
scoring_elements 0.06219
published_at 2026-04-04T12:55:00Z
2
value 0.00023
scoring_system epss
scoring_elements 0.062
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06243
published_at 2026-04-08T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23354
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451232
reference_id 2451232
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451232
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23354
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v13n-b9vm-3yej
360
url VCID-v2rb-s1g7-1ub4
vulnerability_id VCID-v2rb-s1g7-1ub4
summary In the Linux kernel, the following vulnerability has been resolved: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd The /proc/fs/nfs/exports proc entry is created at module init and persists for the module's lifetime. exports_proc_open() captures the caller's current network namespace and stores its svc_export_cache in seq->private, but takes no reference on the namespace. If the namespace is subsequently torn down (e.g. container destruction after the opener does setns() to a different namespace), nfsd_net_exit() calls nfsd_export_shutdown() which frees the cache. Subsequent reads on the still-open fd dereference the freed cache_detail, walking a freed hash table. Hold a reference on the struct net for the lifetime of the open file descriptor. This prevents nfsd_net_exit() from running -- and thus prevents nfsd_export_shutdown() from freeing the cache -- while any exports fd is open. cache_detail already stores its net pointer (cd->net, set by cache_create_net()), so exports_release() can retrieve it without additional per-file storage.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31403.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31403.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31403
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31403
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31403
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31403
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454874
reference_id 2454874
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454874
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31403
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v2rb-s1g7-1ub4
361
url VCID-v3ba-uvsy-ybfv
vulnerability_id VCID-v3ba-uvsy-ybfv
summary kernel: dmaengine: mmp_pdma: Fix race condition in mmp_pdma_residue()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71221.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71221.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71221
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02563
published_at 2026-04-24T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02506
published_at 2026-04-02T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02519
published_at 2026-04-04T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02521
published_at 2026-04-07T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02525
published_at 2026-04-08T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02546
published_at 2026-04-09T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02526
published_at 2026-04-11T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02516
published_at 2026-04-12T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02514
published_at 2026-04-13T12:55:00Z
9
value 0.00014
scoring_system epss
scoring_elements 0.025
published_at 2026-04-16T12:55:00Z
10
value 0.00014
scoring_system epss
scoring_elements 0.02505
published_at 2026-04-18T12:55:00Z
11
value 0.00014
scoring_system epss
scoring_elements 0.02612
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71221
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71221
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439909
reference_id 2439909
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439909
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71221
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3ba-uvsy-ybfv
362
url VCID-v3m5-xj2s-5yef
vulnerability_id VCID-v3m5-xj2s-5yef
summary kernel: s390/mm: Fix in_atomic() handling in do_secure_storage_access()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38359.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38359.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38359
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-09T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02294
published_at 2026-04-02T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02299
published_at 2026-04-04T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02298
published_at 2026-04-08T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.03846
published_at 2026-04-11T12:55:00Z
6
value 0.00016
scoring_system epss
scoring_elements 0.03801
published_at 2026-04-13T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.0378
published_at 2026-04-16T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.0379
published_at 2026-04-18T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03827
published_at 2026-04-12T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04817
published_at 2026-04-21T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.0485
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38359
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38359
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38359
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2383387
reference_id 2383387
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2383387
5
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
6
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
7
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
8
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
9
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
10
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38359
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3m5-xj2s-5yef
363
url VCID-v4eq-5uts-e7es
vulnerability_id VCID-v4eq-5uts-e7es
summary kernel: can: usb: f81604: handle short interrupt urb messages properly
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23334.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23334.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23334
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02209
published_at 2026-04-24T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06304
published_at 2026-04-02T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06337
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
11
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23334
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451219
reference_id 2451219
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451219
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23334
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v4eq-5uts-e7es
364
url VCID-v813-y477-vkhn
vulnerability_id VCID-v813-y477-vkhn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31429.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31429.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31429
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04548
published_at 2026-04-21T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31429
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2459692
reference_id 2459692
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2459692
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31429
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v813-y477-vkhn
365
url VCID-v9bm-48ec-9fc2
vulnerability_id VCID-v9bm-48ec-9fc2
summary kernel: net: mana: fix use-after-free in mana_hwc_destroy_channel() by reordering teardown
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23454.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23454.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23454
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23454
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454805
reference_id 2454805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454805
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23454
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9bm-48ec-9fc2
366
url VCID-v9p4-t339-t3g4
vulnerability_id VCID-v9p4-t339-t3g4
summary kernel: net: dsa: properly keep track of conduit reference
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71152.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71152.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71152
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04429
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04455
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04467
published_at 2026-04-07T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04501
published_at 2026-04-08T12:55:00Z
4
value 0.00018
scoring_system epss
scoring_elements 0.04517
published_at 2026-04-09T12:55:00Z
5
value 0.00018
scoring_system epss
scoring_elements 0.04507
published_at 2026-04-11T12:55:00Z
6
value 0.00018
scoring_system epss
scoring_elements 0.04492
published_at 2026-04-12T12:55:00Z
7
value 0.00018
scoring_system epss
scoring_elements 0.04475
published_at 2026-04-13T12:55:00Z
8
value 0.00018
scoring_system epss
scoring_elements 0.04444
published_at 2026-04-16T12:55:00Z
9
value 0.00018
scoring_system epss
scoring_elements 0.04453
published_at 2026-04-18T12:55:00Z
10
value 0.00018
scoring_system epss
scoring_elements 0.04591
published_at 2026-04-21T12:55:00Z
11
value 0.00018
scoring_system epss
scoring_elements 0.0463
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71152
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71152
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71152
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2432359
reference_id 2432359
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2432359
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71152
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9p4-t339-t3g4
367
url VCID-vccj-gtv8-kug3
vulnerability_id VCID-vccj-gtv8-kug3
summary kernel: bpf: Fix stack-out-of-bounds write in devmap
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23359.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23359.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23359
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23359
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451202
reference_id 2451202
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451202
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23359
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vccj-gtv8-kug3
368
url VCID-vdnv-8h83-7kfs
vulnerability_id VCID-vdnv-8h83-7kfs
summary kernel: ipv6: use RCU in ip6_xmit()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40135.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40135.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40135
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03164
published_at 2026-04-11T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03138
published_at 2026-04-12T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03124
published_at 2026-04-13T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03228
published_at 2026-04-21T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.0521
published_at 2026-04-18T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.05208
published_at 2026-04-16T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07506
published_at 2026-04-24T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10137
published_at 2026-04-07T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10275
published_at 2026-04-09T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10212
published_at 2026-04-08T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10174
published_at 2026-04-02T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.1024
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40135
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40135
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40135
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414521
reference_id 2414521
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414521
5
reference_url https://access.redhat.com/errata/RHSA-2026:1690
reference_id RHSA-2026:1690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1690
6
reference_url https://access.redhat.com/errata/RHSA-2026:2212
reference_id RHSA-2026:2212
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2212
7
reference_url https://access.redhat.com/errata/RHSA-2026:2264
reference_id RHSA-2026:2264
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2264
8
reference_url https://access.redhat.com/errata/RHSA-2026:2378
reference_id RHSA-2026:2378
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2378
9
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
10
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
11
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
12
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
13
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40135
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vdnv-8h83-7kfs
369
url VCID-vgze-rbc5-bbc6
vulnerability_id VCID-vgze-rbc5-bbc6
summary kernel: netfilter: xt_CT: drop pending enqueued packets on template removal
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23391.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23391.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23391
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02327
published_at 2026-04-11T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02313
published_at 2026-04-12T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-04-13T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02295
published_at 2026-04-16T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02301
published_at 2026-04-18T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02324
published_at 2026-04-04T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0232
published_at 2026-04-07T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02323
published_at 2026-04-08T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02344
published_at 2026-04-09T12:55:00Z
9
value 0.00019
scoring_system epss
scoring_elements 0.05331
published_at 2026-04-24T12:55:00Z
10
value 0.00019
scoring_system epss
scoring_elements 0.05292
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23391
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23391
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23391
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451269
reference_id 2451269
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451269
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23391
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vgze-rbc5-bbc6
370
url VCID-vr91-8n9z-dfh2
vulnerability_id VCID-vr91-8n9z-dfh2
summary kernel: accel/ivpu: Fix page fault in ivpu_bo_unbind_all_bos_from_context()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68730.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68730.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68730
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06793
published_at 2026-04-02T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0684
published_at 2026-04-04T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06822
published_at 2026-04-07T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06874
published_at 2026-04-08T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06907
published_at 2026-04-09T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.069
published_at 2026-04-11T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.06893
published_at 2026-04-12T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06888
published_at 2026-04-13T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.0683
published_at 2026-04-16T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.06811
published_at 2026-04-18T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.06956
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.06938
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68730
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2424894
reference_id 2424894
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2424894
4
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
5
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
6
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
7
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
8
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
9
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68730
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vr91-8n9z-dfh2
371
url VCID-vtwb-e5mq-6bgq
vulnerability_id VCID-vtwb-e5mq-6bgq
summary kernel: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23277.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23277.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23277
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00061
scoring_system epss
scoring_elements 0.18939
published_at 2026-04-21T12:55:00Z
11
value 0.00061
scoring_system epss
scoring_elements 0.18831
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23277
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23277
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23277
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2449560
reference_id 2449560
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2449560
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23277
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vtwb-e5mq-6bgq
372
url VCID-vw6j-sby6-dbh3
vulnerability_id VCID-vw6j-sby6-dbh3
summary In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teql_master_xmit Whenever a TEQL devices has a lockless Qdisc as root, qdisc_reset should be called using the seq_lock to avoid racing with the datapath. Failure to do so may cause crashes like the following: [ 238.028993][ T318] BUG: KASAN: double-free in skb_release_data (net/core/skbuff.c:1139) [ 238.029328][ T318] Free of addr ffff88810c67ec00 by task poc_teql_uaf_ke/318 [ 238.029749][ T318] [ 238.029900][ T318] CPU: 3 UID: 0 PID: 318 Comm: poc_teql_ke Not tainted 7.0.0-rc3-00149-ge5b31d988a41 #704 PREEMPT(full) [ 238.029906][ T318] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011 [ 238.029910][ T318] Call Trace: [ 238.029913][ T318] <TASK> [ 238.029916][ T318] dump_stack_lvl (lib/dump_stack.c:122) [ 238.029928][ T318] print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) [ 238.029940][ T318] ? skb_release_data (net/core/skbuff.c:1139) [ 238.029944][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) ... [ 238.029957][ T318] ? skb_release_data (net/core/skbuff.c:1139) [ 238.029969][ T318] kasan_report_invalid_free (mm/kasan/report.c:221 mm/kasan/report.c:563) [ 238.029979][ T318] ? skb_release_data (net/core/skbuff.c:1139) [ 238.029989][ T318] check_slab_allocation (mm/kasan/common.c:231) [ 238.029995][ T318] kmem_cache_free (mm/slub.c:2637 (discriminator 1) mm/slub.c:6168 (discriminator 1) mm/slub.c:6298 (discriminator 1)) [ 238.030004][ T318] skb_release_data (net/core/skbuff.c:1139) ... [ 238.030025][ T318] sk_skb_reason_drop (net/core/skbuff.c:1256) [ 238.030032][ T318] pfifo_fast_reset (./include/linux/ptr_ring.h:171 ./include/linux/ptr_ring.h:309 ./include/linux/skb_array.h:98 net/sched/sch_generic.c:827) [ 238.030039][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) ... [ 238.030054][ T318] qdisc_reset (net/sched/sch_generic.c:1034) [ 238.030062][ T318] teql_destroy (./include/linux/spinlock.h:395 net/sched/sch_teql.c:157) [ 238.030071][ T318] __qdisc_destroy (./include/net/pkt_sched.h:328 net/sched/sch_generic.c:1077) [ 238.030077][ T318] qdisc_graft (net/sched/sch_api.c:1062 net/sched/sch_api.c:1053 net/sched/sch_api.c:1159) [ 238.030089][ T318] ? __pfx_qdisc_graft (net/sched/sch_api.c:1091) [ 238.030095][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 238.030102][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 238.030106][ T318] ? srso_alias_return_thunk (arch/x86/lib/retpoline.S:221) [ 238.030114][ T318] tc_get_qdisc (net/sched/sch_api.c:1529 net/sched/sch_api.c:1556) ... [ 238.072958][ T318] Allocated by task 303 on cpu 5 at 238.026275s: [ 238.073392][ T318] kasan_save_stack (mm/kasan/common.c:58) [ 238.073884][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5)) [ 238.074230][ T318] __kasan_slab_alloc (mm/kasan/common.c:369) [ 238.074578][ T318] kmem_cache_alloc_node_noprof (./include/linux/kasan.h:253 mm/slub.c:4542 mm/slub.c:4869 mm/slub.c:4921) [ 238.076091][ T318] kmalloc_reserve (net/core/skbuff.c:616 (discriminator 107)) [ 238.076450][ T318] __alloc_skb (net/core/skbuff.c:713) [ 238.076834][ T318] alloc_skb_with_frags (./include/linux/skbuff.h:1383 net/core/skbuff.c:6763) [ 238.077178][ T318] sock_alloc_send_pskb (net/core/sock.c:2997) [ 238.077520][ T318] packet_sendmsg (net/packet/af_packet.c:2926 net/packet/af_packet.c:3019 net/packet/af_packet.c:3108) [ 238.081469][ T318] [ 238.081870][ T318] Freed by task 299 on cpu 1 at 238.028496s: [ 238.082761][ T318] kasan_save_stack (mm/kasan/common.c:58) [ 238.083481][ T318] kasan_save_track (mm/kasan/common.c:64 (discriminator 5) mm/kasan/common.c:79 (discriminator 5)) [ 238.085348][ T318] kasan_save_free_info (mm/kasan/generic.c:587 (discriminator 1)) [ 238.085900][ T318] __kasan_slab_free (mm/ ---truncated---
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23449.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23449.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23449
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23449
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23449
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23449
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454868
reference_id 2454868
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454868
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23449
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vw6j-sby6-dbh3
373
url VCID-vz73-y2va-5kbw
vulnerability_id VCID-vz73-y2va-5kbw
summary In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc_ncm: add ndpoffset to NDP32 nframes bounds check The same bounds-check bug fixed for NDP16 in the previous patch also exists in cdc_ncm_rx_verify_ndp32(). The DPE array size is validated against the total skb length without accounting for ndpoffset, allowing out-of-bounds reads when the NDP32 is placed near the end of the NTB. Add ndpoffset to the nframes bounds check and use struct_size_t() to express the NDP-plus-DPE-array size more clearly. Compile-tested only.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23447.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23447.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23447
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02338
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04649
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23447
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23447
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23447
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454838
reference_id 2454838
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454838
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23447
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vz73-y2va-5kbw
374
url VCID-vzkt-5648-ukh7
vulnerability_id VCID-vzkt-5648-ukh7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31415.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31415.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31415
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.08491
published_at 2026-04-16T12:55:00Z
1
value 0.0003
scoring_system epss
scoring_elements 0.08477
published_at 2026-04-18T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11993
published_at 2026-04-21T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11971
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31415
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31415
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31415
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457840
reference_id 2457840
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457840
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31415
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vzkt-5648-ukh7
375
url VCID-w53c-hafw-6kbb
vulnerability_id VCID-w53c-hafw-6kbb
summary In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: fix OOB read in decode_int() CONS case In decode_int(), the CONS case calls get_bits(bs, 2) to read a length value, then calls get_uint(bs, len) without checking that len bytes remain in the buffer. The existing boundary check only validates the 2 bits for get_bits(), not the subsequent 1-4 bytes that get_uint() reads. This allows a malformed H.323/RAS packet to cause a 1-4 byte slab-out-of-bounds read. Add a boundary check for len bytes after get_bits() and before get_uint().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23456.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23456.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23456
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23456
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23456
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23456
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454851
reference_id 2454851
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454851
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23456
risk_score 2.9
exploitability 0.5
weighted_severity 5.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w53c-hafw-6kbb
376
url VCID-w93w-cj1t-cqcj
vulnerability_id VCID-w93w-cj1t-cqcj
summary kernel: remoteproc: qcom: pas: Shutdown lite ADSP DTB on X1E
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40113.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40113.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40113
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06003
published_at 2026-04-11T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05995
published_at 2026-04-12T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05985
published_at 2026-04-13T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.0595
published_at 2026-04-16T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05961
published_at 2026-04-18T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.06113
published_at 2026-04-21T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10471
published_at 2026-04-02T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-04T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10544
published_at 2026-04-09T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10403
published_at 2026-04-07T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10476
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40113
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414503
reference_id 2414503
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414503
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40113
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w93w-cj1t-cqcj
377
url VCID-wanj-gu4w-2qaz
vulnerability_id VCID-wanj-gu4w-2qaz
summary kernel: padata: Fix pd UAF once and for all
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38584.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38584.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38584
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02503
published_at 2026-04-02T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02515
published_at 2026-04-04T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02516
published_at 2026-04-07T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.0252
published_at 2026-04-08T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02541
published_at 2026-04-09T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02521
published_at 2026-04-11T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.0251
published_at 2026-04-12T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02509
published_at 2026-04-13T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02494
published_at 2026-04-16T12:55:00Z
9
value 0.00014
scoring_system epss
scoring_elements 0.02499
published_at 2026-04-18T12:55:00Z
10
value 0.00014
scoring_system epss
scoring_elements 0.02606
published_at 2026-04-21T12:55:00Z
11
value 0.00014
scoring_system epss
scoring_elements 0.02737
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38584
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38584
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38584
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2389501
reference_id 2389501
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2389501
5
reference_url https://usn.ubuntu.com/7879-1/
reference_id USN-7879-1
reference_type
scores
url https://usn.ubuntu.com/7879-1/
6
reference_url https://usn.ubuntu.com/7879-2/
reference_id USN-7879-2
reference_type
scores
url https://usn.ubuntu.com/7879-2/
7
reference_url https://usn.ubuntu.com/7879-3/
reference_id USN-7879-3
reference_type
scores
url https://usn.ubuntu.com/7879-3/
8
reference_url https://usn.ubuntu.com/7879-4/
reference_id USN-7879-4
reference_type
scores
url https://usn.ubuntu.com/7879-4/
9
reference_url https://usn.ubuntu.com/7880-1/
reference_id USN-7880-1
reference_type
scores
url https://usn.ubuntu.com/7880-1/
10
reference_url https://usn.ubuntu.com/7934-1/
reference_id USN-7934-1
reference_type
scores
url https://usn.ubuntu.com/7934-1/
11
reference_url https://usn.ubuntu.com/8028-1/
reference_id USN-8028-1
reference_type
scores
url https://usn.ubuntu.com/8028-1/
12
reference_url https://usn.ubuntu.com/8028-2/
reference_id USN-8028-2
reference_type
scores
url https://usn.ubuntu.com/8028-2/
13
reference_url https://usn.ubuntu.com/8028-3/
reference_id USN-8028-3
reference_type
scores
url https://usn.ubuntu.com/8028-3/
14
reference_url https://usn.ubuntu.com/8028-4/
reference_id USN-8028-4
reference_type
scores
url https://usn.ubuntu.com/8028-4/
15
reference_url https://usn.ubuntu.com/8028-5/
reference_id USN-8028-5
reference_type
scores
url https://usn.ubuntu.com/8028-5/
16
reference_url https://usn.ubuntu.com/8028-6/
reference_id USN-8028-6
reference_type
scores
url https://usn.ubuntu.com/8028-6/
17
reference_url https://usn.ubuntu.com/8028-7/
reference_id USN-8028-7
reference_type
scores
url https://usn.ubuntu.com/8028-7/
18
reference_url https://usn.ubuntu.com/8028-8/
reference_id USN-8028-8
reference_type
scores
url https://usn.ubuntu.com/8028-8/
19
reference_url https://usn.ubuntu.com/8031-1/
reference_id USN-8031-1
reference_type
scores
url https://usn.ubuntu.com/8031-1/
20
reference_url https://usn.ubuntu.com/8031-2/
reference_id USN-8031-2
reference_type
scores
url https://usn.ubuntu.com/8031-2/
21
reference_url https://usn.ubuntu.com/8031-3/
reference_id USN-8031-3
reference_type
scores
url https://usn.ubuntu.com/8031-3/
22
reference_url https://usn.ubuntu.com/8033-1/
reference_id USN-8033-1
reference_type
scores
url https://usn.ubuntu.com/8033-1/
23
reference_url https://usn.ubuntu.com/8033-2/
reference_id USN-8033-2
reference_type
scores
url https://usn.ubuntu.com/8033-2/
24
reference_url https://usn.ubuntu.com/8033-3/
reference_id USN-8033-3
reference_type
scores
url https://usn.ubuntu.com/8033-3/
25
reference_url https://usn.ubuntu.com/8033-4/
reference_id USN-8033-4
reference_type
scores
url https://usn.ubuntu.com/8033-4/
26
reference_url https://usn.ubuntu.com/8033-5/
reference_id USN-8033-5
reference_type
scores
url https://usn.ubuntu.com/8033-5/
27
reference_url https://usn.ubuntu.com/8033-6/
reference_id USN-8033-6
reference_type
scores
url https://usn.ubuntu.com/8033-6/
28
reference_url https://usn.ubuntu.com/8033-7/
reference_id USN-8033-7
reference_type
scores
url https://usn.ubuntu.com/8033-7/
29
reference_url https://usn.ubuntu.com/8033-8/
reference_id USN-8033-8
reference_type
scores
url https://usn.ubuntu.com/8033-8/
30
reference_url https://usn.ubuntu.com/8034-1/
reference_id USN-8034-1
reference_type
scores
url https://usn.ubuntu.com/8034-1/
31
reference_url https://usn.ubuntu.com/8034-2/
reference_id USN-8034-2
reference_type
scores
url https://usn.ubuntu.com/8034-2/
32
reference_url https://usn.ubuntu.com/8052-1/
reference_id USN-8052-1
reference_type
scores
url https://usn.ubuntu.com/8052-1/
33
reference_url https://usn.ubuntu.com/8052-2/
reference_id USN-8052-2
reference_type
scores
url https://usn.ubuntu.com/8052-2/
34
reference_url https://usn.ubuntu.com/8074-1/
reference_id USN-8074-1
reference_type
scores
url https://usn.ubuntu.com/8074-1/
35
reference_url https://usn.ubuntu.com/8074-2/
reference_id USN-8074-2
reference_type
scores
url https://usn.ubuntu.com/8074-2/
36
reference_url https://usn.ubuntu.com/8126-1/
reference_id USN-8126-1
reference_type
scores
url https://usn.ubuntu.com/8126-1/
37
reference_url https://usn.ubuntu.com/8141-1/
reference_id USN-8141-1
reference_type
scores
url https://usn.ubuntu.com/8141-1/
38
reference_url https://usn.ubuntu.com/8163-1/
reference_id USN-8163-1
reference_type
scores
url https://usn.ubuntu.com/8163-1/
39
reference_url https://usn.ubuntu.com/8163-2/
reference_id USN-8163-2
reference_type
scores
url https://usn.ubuntu.com/8163-2/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38584
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wanj-gu4w-2qaz
378
url VCID-wbcp-4jjd-e3cg
vulnerability_id VCID-wbcp-4jjd-e3cg
summary In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel BUG in netfs_limit_iter() for ITER_KVEC iterators When a process crashes and the kernel writes a core dump to a 9P filesystem, __kernel_write() creates an ITER_KVEC iterator. This iterator reaches netfs_limit_iter() via netfs_unbuffered_write(), which only handles ITER_FOLIOQ, ITER_BVEC and ITER_XARRAY iterator types, hitting the BUG() for any other type. Fix this by adding netfs_limit_kvec() following the same pattern as netfs_limit_bvec(), since both kvec and bvec are simple segment arrays with pointer and length fields. Dispatch it from netfs_limit_iter() when the iterator type is ITER_KVEC.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31438.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31438.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31438
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31438
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460733
reference_id 2460733
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460733
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31438
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wbcp-4jjd-e3cg
379
url VCID-wcu7-me4d-bugc
vulnerability_id VCID-wcu7-me4d-bugc
summary kernel: ksmbd: add chann_lock to protect ksmbd_chann_list xarray
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23226.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23226.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23226
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04822
published_at 2026-04-21T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04856
published_at 2026-04-24T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.0468
published_at 2026-04-18T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.0575
published_at 2026-04-08T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05776
published_at 2026-04-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05746
published_at 2026-04-12T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05741
published_at 2026-04-13T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05696
published_at 2026-04-16T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05753
published_at 2026-04-11T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05716
published_at 2026-04-04T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.0571
published_at 2026-04-07T12:55:00Z
11
value 9e-05
scoring_system epss
scoring_elements 0.00886
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23226
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2440675
reference_id 2440675
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2440675
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23226
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wcu7-me4d-bugc
380
url VCID-wdmm-5qwk-w7dv
vulnerability_id VCID-wdmm-5qwk-w7dv
summary kernel: scsi: ufs: core: Fix data race in CPU latency PM QoS request handling
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40130.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40130.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40130
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06003
published_at 2026-04-11T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.05995
published_at 2026-04-12T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.05985
published_at 2026-04-13T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.0595
published_at 2026-04-16T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.05961
published_at 2026-04-18T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.06113
published_at 2026-04-21T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10471
published_at 2026-04-02T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10539
published_at 2026-04-04T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10544
published_at 2026-04-09T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10403
published_at 2026-04-07T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10476
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40130
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2414515
reference_id 2414515
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2414515
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40130
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wdmm-5qwk-w7dv
381
url VCID-wk3t-3jvn-quf1
vulnerability_id VCID-wk3t-3jvn-quf1
summary kernel: media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38237.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38237.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38237
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06213
published_at 2026-04-02T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07203
published_at 2026-04-04T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07183
published_at 2026-04-07T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07237
published_at 2026-04-13T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07263
published_at 2026-04-24T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.0726
published_at 2026-04-11T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07246
published_at 2026-04-12T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07168
published_at 2026-04-16T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07163
published_at 2026-04-18T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07288
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38237
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38237
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38237
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2377073
reference_id 2377073
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2377073
5
reference_url https://usn.ubuntu.com/7774-1/
reference_id USN-7774-1
reference_type
scores
url https://usn.ubuntu.com/7774-1/
6
reference_url https://usn.ubuntu.com/7774-2/
reference_id USN-7774-2
reference_type
scores
url https://usn.ubuntu.com/7774-2/
7
reference_url https://usn.ubuntu.com/7774-3/
reference_id USN-7774-3
reference_type
scores
url https://usn.ubuntu.com/7774-3/
8
reference_url https://usn.ubuntu.com/7774-4/
reference_id USN-7774-4
reference_type
scores
url https://usn.ubuntu.com/7774-4/
9
reference_url https://usn.ubuntu.com/7774-5/
reference_id USN-7774-5
reference_type
scores
url https://usn.ubuntu.com/7774-5/
10
reference_url https://usn.ubuntu.com/7775-1/
reference_id USN-7775-1
reference_type
scores
url https://usn.ubuntu.com/7775-1/
11
reference_url https://usn.ubuntu.com/7775-2/
reference_id USN-7775-2
reference_type
scores
url https://usn.ubuntu.com/7775-2/
12
reference_url https://usn.ubuntu.com/7775-3/
reference_id USN-7775-3
reference_type
scores
url https://usn.ubuntu.com/7775-3/
13
reference_url https://usn.ubuntu.com/7776-1/
reference_id USN-7776-1
reference_type
scores
url https://usn.ubuntu.com/7776-1/
14
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
15
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
16
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
17
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
18
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
19
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38237
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wk3t-3jvn-quf1
382
url VCID-wp6e-yac6-t7fj
vulnerability_id VCID-wp6e-yac6-t7fj
summary kernel: drm/xe/guc: Add devm release action to safely tear down CT
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68193.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68193.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68193
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07747
published_at 2026-04-02T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07792
published_at 2026-04-04T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07749
published_at 2026-04-07T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07809
published_at 2026-04-08T12:55:00Z
4
value 0.00027
scoring_system epss
scoring_elements 0.07826
published_at 2026-04-09T12:55:00Z
5
value 0.00027
scoring_system epss
scoring_elements 0.07821
published_at 2026-04-11T12:55:00Z
6
value 0.00027
scoring_system epss
scoring_elements 0.07808
published_at 2026-04-12T12:55:00Z
7
value 0.00027
scoring_system epss
scoring_elements 0.07794
published_at 2026-04-13T12:55:00Z
8
value 0.00027
scoring_system epss
scoring_elements 0.07708
published_at 2026-04-16T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10481
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10368
published_at 2026-04-18T12:55:00Z
11
value 0.00035
scoring_system epss
scoring_elements 0.10496
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68193
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2422730
reference_id 2422730
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2422730
4
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
5
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
6
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
7
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
8
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68193
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wp6e-yac6-t7fj
383
url VCID-wpd8-35bc-dka3
vulnerability_id VCID-wpd8-35bc-dka3
summary kernel: wifi: ath12k: Fix for out-of bound access error
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58015.json
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58015.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-58015
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01452
published_at 2026-04-24T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01351
published_at 2026-04-16T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.01365
published_at 2026-04-18T12:55:00Z
3
value 0.00011
scoring_system epss
scoring_elements 0.01444
published_at 2026-04-21T12:55:00Z
4
value 0.00011
scoring_system epss
scoring_elements 0.01371
published_at 2026-04-07T12:55:00Z
5
value 0.00011
scoring_system epss
scoring_elements 0.01375
published_at 2026-04-09T12:55:00Z
6
value 0.00011
scoring_system epss
scoring_elements 0.01364
published_at 2026-04-11T12:55:00Z
7
value 0.00011
scoring_system epss
scoring_elements 0.01358
published_at 2026-04-12T12:55:00Z
8
value 0.00011
scoring_system epss
scoring_elements 0.0136
published_at 2026-04-13T12:55:00Z
9
value 0.00039
scoring_system epss
scoring_elements 0.11864
published_at 2026-04-02T12:55:00Z
10
value 0.00039
scoring_system epss
scoring_elements 0.11909
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-58015
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2348577
reference_id 2348577
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2348577
4
reference_url https://access.redhat.com/errata/RHSA-2025:20095
reference_id RHSA-2025:20095
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20095
5
reference_url https://access.redhat.com/errata/RHSA-2025:20518
reference_id RHSA-2025:20518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20518
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2024-58015
risk_score 2.7
exploitability 0.5
weighted_severity 5.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wpd8-35bc-dka3
384
url VCID-wq4h-q7vt-23ex
vulnerability_id VCID-wq4h-q7vt-23ex
summary In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if device_add() fails in nd_async_device_register(). Commit b6eae0f61db2 ("libnvdimm: Hold reference on parent while scheduling async init") correctly added a reference on the parent device to be held until asynchronous initialization was complete. However, if device_add() results in an allocation failure the ref count of the device drops to 0 prior to the parent pointer being accessed. Thus resulting in use after free. The bug bot AI correctly identified the fix. Save a reference to the parent pointer to be used to drop the parent reference regardless of the outcome of device_add().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31399.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31399.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31399
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31399
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31399
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454871
reference_id 2454871
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454871
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31399
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wq4h-q7vt-23ex
385
url VCID-wtcb-jzbu-fkcn
vulnerability_id VCID-wtcb-jzbu-fkcn
summary In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an array_index_nospec() boundary to prevent access past the syscall function pointer tables.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31483.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31483.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31483
reference_id
reference_type
scores
0
value 0.0003
scoring_system epss
scoring_elements 0.08637
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31483
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460693
reference_id 2460693
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460693
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31483
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wtcb-jzbu-fkcn
386
url VCID-wv35-ucjn-3bb5
vulnerability_id VCID-wv35-ucjn-3bb5
summary In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if inserting a new extent into the extent tree fails (in this example, because the file system disabled the huge file feature when marking the inode as dirty), ext4_ext_map_blocks() only calls ext4_free_blocks() to reclaim the physical block without deleting the corresponding data in the extent tree. This causes subsequent mkdir operations to reference the previously reclaimed physical block number again, even though this physical block is already being used by the xattr block. Therefore, a situation arises where both the directory and xattr are using the same buffer head block in memory simultaneously. The above causes ext4_xattr_block_set() to enter an infinite loop about "inserted" and cannot release the inode lock, ultimately leading to the 143s blocking problem mentioned in [1]. If the metadata is corrupted, then trying to remove some extent space can do even more harm. Also in case EXT4_GET_BLOCKS_DELALLOC_RESERVE was passed, remove space wrongly update quota information. Jan Kara suggests distinguishing between two cases: 1) The error is ENOSPC or EDQUOT - in this case the filesystem is fully consistent and we must maintain its consistency including all the accounting. However these errors can happen only early before we've inserted the extent into the extent tree. So current code works correctly for this case. 2) Some other error - this means metadata is corrupted. We should strive to do as few modifications as possible to limit damage. So I'd just skip freeing of allocated blocks. [1] INFO: task syz.0.17:5995 blocked for more than 143 seconds. Call Trace: inode_lock_nested include/linux/fs.h:1073 [inline] __start_dirop fs/namei.c:2923 [inline] start_dirop fs/namei.c:2934 [inline]
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31448.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31448.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31448
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31448
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31448
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31448
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460639
reference_id 2460639
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460639
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31448
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wv35-ucjn-3bb5
387
url VCID-wwax-w4gg-cuhy
vulnerability_id VCID-wwax-w4gg-cuhy
summary kernel: functionfs: fix the open/removal races
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71074.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71074.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71074
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00475
published_at 2026-04-24T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.0046
published_at 2026-04-02T12:55:00Z
2
value 7e-05
scoring_system epss
scoring_elements 0.00457
published_at 2026-04-04T12:55:00Z
3
value 7e-05
scoring_system epss
scoring_elements 0.00448
published_at 2026-04-07T12:55:00Z
4
value 7e-05
scoring_system epss
scoring_elements 0.00445
published_at 2026-04-08T12:55:00Z
5
value 7e-05
scoring_system epss
scoring_elements 0.00447
published_at 2026-04-11T12:55:00Z
6
value 7e-05
scoring_system epss
scoring_elements 0.00443
published_at 2026-04-12T12:55:00Z
7
value 7e-05
scoring_system epss
scoring_elements 0.00442
published_at 2026-04-13T12:55:00Z
8
value 7e-05
scoring_system epss
scoring_elements 0.00441
published_at 2026-04-16T12:55:00Z
9
value 7e-05
scoring_system epss
scoring_elements 0.00446
published_at 2026-04-18T12:55:00Z
10
value 7e-05
scoring_system epss
scoring_elements 0.00476
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71074
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71074
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71074
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2429062
reference_id 2429062
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2429062
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71074
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wwax-w4gg-cuhy
388
url VCID-wxx7-3a43-h7gh
vulnerability_id VCID-wxx7-3a43-h7gh
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31408.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31408.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31408
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02339
published_at 2026-04-24T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02263
published_at 2026-04-16T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02268
published_at 2026-04-18T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.0236
published_at 2026-04-21T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02283
published_at 2026-04-12T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.0228
published_at 2026-04-13T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00688
published_at 2026-04-08T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.0068
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31408
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31408
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2455334
reference_id 2455334
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2455334
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
purl pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1~bpo13%252B1
2
url pkg:deb/debian/linux@6.19.11-1
purl pkg:deb/debian/linux@6.19.11-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g77-qwuy-nkg8
1
vulnerability VCID-1s77-djzb-xffp
2
vulnerability VCID-4jvb-unxd-3qg3
3
vulnerability VCID-5ahq-saw1-suf1
4
vulnerability VCID-94k1-ja9w-2fd2
5
vulnerability VCID-brte-gqy3-r3ax
6
vulnerability VCID-c7xf-x7d5-87gn
7
vulnerability VCID-dq8r-defv-hbg6
8
vulnerability VCID-fvvb-p7r7-zkbk
9
vulnerability VCID-gbkk-anun-a3ce
10
vulnerability VCID-n59e-jkf6-13bf
11
vulnerability VCID-p3vt-v7gj-gqbc
12
vulnerability VCID-p4by-fm53-yybk
13
vulnerability VCID-pmn9-t8by-myhb
14
vulnerability VCID-qsdm-cyzs-aufy
15
vulnerability VCID-texr-5weq-v3dw
16
vulnerability VCID-v813-y477-vkhn
17
vulnerability VCID-vzkt-5648-ukh7
18
vulnerability VCID-yqcj-27j2-tqb8
19
vulnerability VCID-zh73-s87g-vfff
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1
aliases CVE-2026-31408
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wxx7-3a43-h7gh
389
url VCID-wzwn-qk64-h3e9
vulnerability_id VCID-wzwn-qk64-h3e9
summary kernel: net/mlx5e: Prevent concurrent access to IPSec ASO context
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23441.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23441.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23441
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01721
published_at 2026-04-24T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04649
published_at 2026-04-08T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23441
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454840
reference_id 2454840
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454840
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23441
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wzwn-qk64-h3e9
390
url VCID-x1m4-hf24-27hq
vulnerability_id VCID-x1m4-hf24-27hq
summary kernel: scsi: target: Fix recursive locking in __configfs_open_file()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23292.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23292.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23292
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23292
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23292
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23292
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451185
reference_id 2451185
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451185
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23292
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x1m4-hf24-27hq
391
url VCID-x5jd-ruv2-1qac
vulnerability_id VCID-x5jd-ruv2-1qac
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31428.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31428.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31428
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06618
published_at 2026-04-16T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0661
published_at 2026-04-18T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31428
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31428
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31428
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457841
reference_id 2457841
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457841
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31428
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5jd-ruv2-1qac
392
url VCID-x5y6-u3c8-3qbe
vulnerability_id VCID-x5y6-u3c8-3qbe
summary In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: check contexts->nr before accessing contexts_arr[0] Multiple sysfs command paths dereference contexts_arr[0] without first verifying that kdamond->contexts->nr == 1. A user can set nr_contexts to 0 via sysfs while DAMON is running, causing NULL pointer dereferences. In more detail, the issue can be triggered by privileged users like below. First, start DAMON and make contexts directory empty (kdamond->contexts->nr == 0). # damo start # cd /sys/kernel/mm/damon/admin/kdamonds/0 # echo 0 > contexts/nr_contexts Then, each of below commands will cause the NULL pointer dereference. # echo update_schemes_stats > state # echo update_schemes_tried_regions > state # echo update_schemes_tried_bytes > state # echo update_schemes_effective_quotas > state # echo update_tuned_intervals > state Guard all commands (except OFF) at the entry point of damon_sysfs_handle_cmd().
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31458.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31458.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31458
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04778
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31458
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460725
reference_id 2460725
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460725
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31458
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5y6-u3c8-3qbe
393
url VCID-x9a9-thjn-yya5
vulnerability_id VCID-x9a9-thjn-yya5
summary In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the log item may be freed by background reclaim or the dquot shrinker. The subsequent spin_lock() call dereferences lip->li_ailp, which is a use-after-free. Fix this by saving the ailp pointer in a local variable while the AIL lock is held and the log item is guaranteed to be valid.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31454.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31454.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31454
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31454
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31454
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31454
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460710
reference_id 2460710
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460710
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31454
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x9a9-thjn-yya5
394
url VCID-xafq-y8ca-hkhe
vulnerability_id VCID-xafq-y8ca-hkhe
summary kernel: rv: Use strings in da monitors tracepoints
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38636.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38636.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38636
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02274
published_at 2026-04-02T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02279
published_at 2026-04-04T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02276
published_at 2026-04-07T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02278
published_at 2026-04-08T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.023
published_at 2026-04-09T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02282
published_at 2026-04-11T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0227
published_at 2026-04-12T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02267
published_at 2026-04-13T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.02249
published_at 2026-04-16T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.0226
published_at 2026-04-18T12:55:00Z
10
value 0.00013
scoring_system epss
scoring_elements 0.02353
published_at 2026-04-21T12:55:00Z
11
value 0.00013
scoring_system epss
scoring_elements 0.0233
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38636
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2390417
reference_id 2390417
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2390417
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38636
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xafq-y8ca-hkhe
395
url VCID-xdde-euh1-dqfv
vulnerability_id VCID-xdde-euh1-dqfv
summary kernel: spi: cadence-quadspi: Implement refcount to handle unbind during busy
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40005.json
reference_id
reference_type
scores
0
value 5.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40005.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40005
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05555
published_at 2026-04-02T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05592
published_at 2026-04-04T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.0559
published_at 2026-04-07T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05628
published_at 2026-04-08T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05653
published_at 2026-04-09T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05626
published_at 2026-04-11T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05618
published_at 2026-04-12T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05612
published_at 2026-04-13T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.05563
published_at 2026-04-16T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05576
published_at 2026-04-18T12:55:00Z
10
value 0.00021
scoring_system epss
scoring_elements 0.05734
published_at 2026-04-21T12:55:00Z
11
value 0.00021
scoring_system epss
scoring_elements 0.05765
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40005
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40005
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40005
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2405134
reference_id 2405134
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2405134
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40005
risk_score 2.4
exploitability 0.5
weighted_severity 4.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xdde-euh1-dqfv
396
url VCID-xfxw-wbk5-8ugr
vulnerability_id VCID-xfxw-wbk5-8ugr
summary In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: fix possible wrong descriptor completion in llist_abort_desc() At the end of this function, d is the traversal cursor of flist, but the code completes found instead. This can lead to issues such as NULL pointer dereferences, double completion, or descriptor leaks. Fix this by completing d instead of found in the final list_for_each_entry_safe() loop.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31436.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31436.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31436
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04584
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31436
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460678
reference_id 2460678
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460678
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31436
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xfxw-wbk5-8ugr
397
url VCID-xh1w-u484-dbet
vulnerability_id VCID-xh1w-u484-dbet
summary In the Linux kernel, the following vulnerability has been resolved: erofs: add GFP_NOIO in the bio completion if needed The bio completion path in the process context (e.g. dm-verity) will directly call into decompression rather than trigger another workqueue context for minimal scheduling latencies, which can then call vm_map_ram() with GFP_KERNEL. Due to insufficient memory, vm_map_ram() may generate memory swapping I/O, which can cause submit_bio_wait to deadlock in some scenarios. Trimmed down the call stack, as follows: f2fs_submit_read_io submit_bio //bio_list is initialized. mmc_blk_mq_recovery z_erofs_endio vm_map_ram __pte_alloc_kernel __alloc_pages_direct_reclaim shrink_folio_list __swap_writepage submit_bio_wait //bio_list is non-NULL, hang!!! Use memalloc_noio_{save,restore}() to wrap up this path.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31467.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31467.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31467
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31467
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460616
reference_id 2460616
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460616
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31467
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xh1w-u484-dbet
398
url VCID-xhfy-gkwq-afbr
vulnerability_id VCID-xhfy-gkwq-afbr
summary kernel: wifi: libertas: fix use-after-free in lbs_free_adapter()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23281.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23281.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23281
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23281
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23281
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23281
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451239
reference_id 2451239
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451239
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23281
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xhfy-gkwq-afbr
399
url VCID-xjyz-ptu2-jyc5
vulnerability_id VCID-xjyz-ptu2-jyc5
summary kernel: Bluetooth: L2CAP: Fix use-after-free in l2cap_unregister_user
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23461.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23461.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23461
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04614
published_at 2026-04-07T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04649
published_at 2026-04-08T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06321
published_at 2026-04-16T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06332
published_at 2026-04-18T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.0648
published_at 2026-04-21T12:55:00Z
6
value 0.00024
scoring_system epss
scoring_elements 0.06492
published_at 2026-04-24T12:55:00Z
7
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
8
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
9
value 0.00024
scoring_system epss
scoring_elements 0.06392
published_at 2026-04-12T12:55:00Z
10
value 0.00024
scoring_system epss
scoring_elements 0.06382
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23461
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454828
reference_id 2454828
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454828
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23461
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xjyz-ptu2-jyc5
400
url VCID-xqpe-25bd-vygx
vulnerability_id VCID-xqpe-25bd-vygx
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23401.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23401.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23401
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04588
published_at 2026-04-02T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04609
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06405
published_at 2026-04-09T12:55:00Z
3
value 0.00024
scoring_system epss
scoring_elements 0.06398
published_at 2026-04-11T12:55:00Z
4
value 0.00024
scoring_system epss
scoring_elements 0.06315
published_at 2026-04-07T12:55:00Z
5
value 0.00024
scoring_system epss
scoring_elements 0.06363
published_at 2026-04-08T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
10
value 0.00056
scoring_system epss
scoring_elements 0.17368
published_at 2026-04-24T12:55:00Z
11
value 0.00056
scoring_system epss
scoring_elements 0.17455
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23401
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2453803
reference_id 2453803
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2453803
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
purl pkg:deb/debian/linux@6.19.11-1~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1~bpo13%252B1
2
url pkg:deb/debian/linux@6.19.11-1
purl pkg:deb/debian/linux@6.19.11-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1g77-qwuy-nkg8
1
vulnerability VCID-1s77-djzb-xffp
2
vulnerability VCID-4jvb-unxd-3qg3
3
vulnerability VCID-5ahq-saw1-suf1
4
vulnerability VCID-94k1-ja9w-2fd2
5
vulnerability VCID-brte-gqy3-r3ax
6
vulnerability VCID-c7xf-x7d5-87gn
7
vulnerability VCID-dq8r-defv-hbg6
8
vulnerability VCID-fvvb-p7r7-zkbk
9
vulnerability VCID-gbkk-anun-a3ce
10
vulnerability VCID-n59e-jkf6-13bf
11
vulnerability VCID-p3vt-v7gj-gqbc
12
vulnerability VCID-p4by-fm53-yybk
13
vulnerability VCID-pmn9-t8by-myhb
14
vulnerability VCID-qsdm-cyzs-aufy
15
vulnerability VCID-texr-5weq-v3dw
16
vulnerability VCID-v813-y477-vkhn
17
vulnerability VCID-vzkt-5648-ukh7
18
vulnerability VCID-yqcj-27j2-tqb8
19
vulnerability VCID-zh73-s87g-vfff
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.11-1
aliases CVE-2026-23401
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xqpe-25bd-vygx
401
url VCID-xs4a-ha3z-2bej
vulnerability_id VCID-xs4a-ha3z-2bej
summary kernel: tracing: Add recursion protection in kernel stack trace recording
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23138.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23138.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23138
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.02978
published_at 2026-04-02T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.02993
published_at 2026-04-04T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.02998
published_at 2026-04-07T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.02999
published_at 2026-04-08T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03023
published_at 2026-04-09T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.02985
published_at 2026-04-11T12:55:00Z
6
value 0.00015
scoring_system epss
scoring_elements 0.02938
published_at 2026-04-18T12:55:00Z
7
value 0.00015
scoring_system epss
scoring_elements 0.03059
published_at 2026-04-21T12:55:00Z
8
value 0.00015
scoring_system epss
scoring_elements 0.02962
published_at 2026-04-12T12:55:00Z
9
value 0.00015
scoring_system epss
scoring_elements 0.02952
published_at 2026-04-13T12:55:00Z
10
value 0.00015
scoring_system epss
scoring_elements 0.02928
published_at 2026-04-16T12:55:00Z
11
value 0.00017
scoring_system epss
scoring_elements 0.04309
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23138
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23138
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23138
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2439868
reference_id 2439868
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2439868
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23138
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xs4a-ha3z-2bej
402
url VCID-xsc7-awsw-33fq
vulnerability_id VCID-xsc7-awsw-33fq
summary kernel: drm/i915: Grab intel_display from the encoder to avoid potential oopsies
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58074.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-58074.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-58074
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10039
published_at 2026-04-24T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.09954
published_at 2026-04-16T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.09929
published_at 2026-04-18T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.10061
published_at 2026-04-21T12:55:00Z
4
value 0.00047
scoring_system epss
scoring_elements 0.1438
published_at 2026-04-07T12:55:00Z
5
value 0.00047
scoring_system epss
scoring_elements 0.14519
published_at 2026-04-09T12:55:00Z
6
value 0.00047
scoring_system epss
scoring_elements 0.14467
published_at 2026-04-11T12:55:00Z
7
value 0.00047
scoring_system epss
scoring_elements 0.1443
published_at 2026-04-12T12:55:00Z
8
value 0.00047
scoring_system epss
scoring_elements 0.14372
published_at 2026-04-13T12:55:00Z
9
value 0.00047
scoring_system epss
scoring_elements 0.14464
published_at 2026-04-08T12:55:00Z
10
value 0.00047
scoring_system epss
scoring_elements 0.14502
published_at 2026-04-02T12:55:00Z
11
value 0.00047
scoring_system epss
scoring_elements 0.14572
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-58074
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2350387
reference_id 2350387
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2350387
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2024-58074
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xsc7-awsw-33fq
403
url VCID-xyz6-bu7n-a7ha
vulnerability_id VCID-xyz6-bu7n-a7ha
summary kernel: drm/xe: Open-code GGTT MMIO access protection
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23466.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23466.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23466
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.0446
published_at 2026-04-08T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.04416
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04427
published_at 2026-04-07T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23466
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454867
reference_id 2454867
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454867
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23466
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xyz6-bu7n-a7ha
404
url VCID-xzc2-9tmc-7qey
vulnerability_id VCID-xzc2-9tmc-7qey
summary In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock btintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET and Intel exception-info retrieval) without holding hci_req_sync_lock(). This lets it race against hci_dev_do_close() -> btintel_shutdown_combined(), which also runs __hci_cmd_sync() under the same lock. When both paths manipulate hdev->req_status/req_rsp concurrently, the close path may free the response skb first, and the still-running hw_error path hits a slab-use-after-free in kfree_skb(). Wrap the whole recovery sequence in hci_req_sync_lock/unlock so it is serialized with every other synchronous HCI command issuer. Below is the data race report and the kasan report: BUG: data-race in __hci_cmd_sync_sk / btintel_shutdown_combined read of hdev->req_rsp at net/bluetooth/hci_sync.c:199 by task kworker/u17:1/83: __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200 __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223 btintel_hw_error+0x114/0x670 drivers/bluetooth/btintel.c:254 hci_error_reset+0x348/0xa30 net/bluetooth/hci_core.c:1030 write/free by task ioctl/22580: btintel_shutdown_combined+0xd0/0x360 drivers/bluetooth/btintel.c:3648 hci_dev_close_sync+0x9ae/0x2c10 net/bluetooth/hci_sync.c:5246 hci_dev_do_close+0x232/0x460 net/bluetooth/hci_core.c:526 BUG: KASAN: slab-use-after-free in sk_skb_reason_drop+0x43/0x380 net/core/skbuff.c:1202 Read of size 4 at addr ffff888144a738dc by task kworker/u17:1/83: __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200 __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223 btintel_hw_error+0x186/0x670 drivers/bluetooth/btintel.c:260
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31500.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31500.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31500
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04778
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31500
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31500
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31500
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460662
reference_id 2460662
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460662
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31500
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xzc2-9tmc-7qey
405
url VCID-y439-52f2-rfck
vulnerability_id VCID-y439-52f2-rfck
summary kernel: net: ipv6: fix panic when IPv4 route references loopback IPv6 nexthop
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23300.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23300.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23300
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09178
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09223
published_at 2026-04-04T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09227
published_at 2026-04-08T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
11
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23300
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23300
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451250
reference_id 2451250
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451250
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23300
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y439-52f2-rfck
406
url VCID-y4w2-qru6-p3g4
vulnerability_id VCID-y4w2-qru6-p3g4
summary In the Linux kernel, the following vulnerability has been resolved: smb: client: fix krb5 mount with username option Customer reported that some of their krb5 mounts were failing against a single server as the client was trying to mount the shares with wrong credentials. It turned out the client was reusing SMB session from first mount to try mounting the other shares, even though a different username= option had been specified to the other mounts. By using username mount option along with sec=krb5 to search for principals from keytab is supported by cifs.upcall(8) since cifs-utils-4.8. So fix this by matching username mount option in match_session() even with Kerberos. For example, the second mount below should fail with -ENOKEY as there is no 'foobar' principal in keytab (/etc/krb5.keytab). The client ends up reusing SMB session from first mount to perform the second one, which is wrong. ``` $ ktutil ktutil: add_entry -password -p testuser -k 1 -e aes256-cts Password for testuser@ZELDA.TEST: ktutil: write_kt /etc/krb5.keytab ktutil: quit $ klist -ke Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- ---------------------------------------------------------------- 1 testuser@ZELDA.TEST (aes256-cts-hmac-sha1-96) $ mount.cifs //w22-root2/scratch /mnt/1 -o sec=krb5,username=testuser $ mount.cifs //w22-root2/scratch /mnt/2 -o sec=krb5,username=foobar $ mount -t cifs | grep -Po 'username=\K\w+' testuser testuser ```
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31392.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31392.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31392
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31392
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31392
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31392
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454853
reference_id 2454853
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454853
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31392
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y4w2-qru6-p3g4
407
url VCID-ya2f-awge-mfae
vulnerability_id VCID-ya2f-awge-mfae
summary kernel: drm/panthor: Prevent potential UAF in group creation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68735.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68735.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68735
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06938
published_at 2026-04-24T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06793
published_at 2026-04-02T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.0684
published_at 2026-04-04T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06822
published_at 2026-04-07T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06874
published_at 2026-04-08T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.06907
published_at 2026-04-09T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.069
published_at 2026-04-11T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06893
published_at 2026-04-12T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.06888
published_at 2026-04-13T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.0683
published_at 2026-04-16T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.06811
published_at 2026-04-18T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.06956
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68735
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2425067
reference_id 2425067
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2425067
4
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
5
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
6
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
7
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
8
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
9
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68735
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ya2f-awge-mfae
408
url VCID-yaz4-szyc-afg8
vulnerability_id VCID-yaz4-szyc-afg8
summary kernel: drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23227.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23227.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23227
reference_id
reference_type
scores
0
value 9e-05
scoring_system epss
scoring_elements 0.0094
published_at 2026-04-24T12:55:00Z
1
value 9e-05
scoring_system epss
scoring_elements 0.00891
published_at 2026-04-02T12:55:00Z
2
value 9e-05
scoring_system epss
scoring_elements 0.00893
published_at 2026-04-04T12:55:00Z
3
value 9e-05
scoring_system epss
scoring_elements 0.00895
published_at 2026-04-07T12:55:00Z
4
value 9e-05
scoring_system epss
scoring_elements 0.00899
published_at 2026-04-08T12:55:00Z
5
value 9e-05
scoring_system epss
scoring_elements 0.00896
published_at 2026-04-09T12:55:00Z
6
value 9e-05
scoring_system epss
scoring_elements 0.00884
published_at 2026-04-11T12:55:00Z
7
value 9e-05
scoring_system epss
scoring_elements 0.00879
published_at 2026-04-12T12:55:00Z
8
value 9e-05
scoring_system epss
scoring_elements 0.0088
published_at 2026-04-13T12:55:00Z
9
value 9e-05
scoring_system epss
scoring_elements 0.00878
published_at 2026-04-16T12:55:00Z
10
value 9e-05
scoring_system epss
scoring_elements 0.00885
published_at 2026-04-18T12:55:00Z
11
value 9e-05
scoring_system epss
scoring_elements 0.00935
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23227
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23227
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2440672
reference_id 2440672
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2440672
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23227
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yaz4-szyc-afg8
409
url VCID-ycev-sqxs-13da
vulnerability_id VCID-ycev-sqxs-13da
summary kernel: Kernel: Double free vulnerability in exFAT filesystem can lead to denial of service
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38206.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38206.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38206
reference_id
reference_type
scores
0
value 0.00026
scoring_system epss
scoring_elements 0.07265
published_at 2026-04-02T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07309
published_at 2026-04-04T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07292
published_at 2026-04-07T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07348
published_at 2026-04-08T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.0737
published_at 2026-04-24T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07271
published_at 2026-04-18T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07409
published_at 2026-04-21T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07358
published_at 2026-04-12T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07346
published_at 2026-04-13T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.07276
published_at 2026-04-16T12:55:00Z
10
value 0.00027
scoring_system epss
scoring_elements 0.0778
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38206
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-38206
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2376377
reference_id 2376377
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2376377
5
reference_url https://access.redhat.com/errata/RHSA-2026:3066
reference_id RHSA-2026:3066
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3066
6
reference_url https://access.redhat.com/errata/RHSA-2026:3275
reference_id RHSA-2026:3275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3275
7
reference_url https://access.redhat.com/errata/RHSA-2026:4246
reference_id RHSA-2026:4246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4246
8
reference_url https://access.redhat.com/errata/RHSA-2026:4745
reference_id RHSA-2026:4745
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4745
9
reference_url https://access.redhat.com/errata/RHSA-2026:6948
reference_id RHSA-2026:6948
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6948
10
reference_url https://access.redhat.com/errata/RHSA-2026:6986
reference_id RHSA-2026:6986
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6986
11
reference_url https://access.redhat.com/errata/RHSA-2026:7013
reference_id RHSA-2026:7013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7013
12
reference_url https://access.redhat.com/errata/RHSA-2026:7100
reference_id RHSA-2026:7100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7100
13
reference_url https://usn.ubuntu.com/7774-1/
reference_id USN-7774-1
reference_type
scores
url https://usn.ubuntu.com/7774-1/
14
reference_url https://usn.ubuntu.com/7774-2/
reference_id USN-7774-2
reference_type
scores
url https://usn.ubuntu.com/7774-2/
15
reference_url https://usn.ubuntu.com/7774-3/
reference_id USN-7774-3
reference_type
scores
url https://usn.ubuntu.com/7774-3/
16
reference_url https://usn.ubuntu.com/7774-4/
reference_id USN-7774-4
reference_type
scores
url https://usn.ubuntu.com/7774-4/
17
reference_url https://usn.ubuntu.com/7774-5/
reference_id USN-7774-5
reference_type
scores
url https://usn.ubuntu.com/7774-5/
18
reference_url https://usn.ubuntu.com/7775-1/
reference_id USN-7775-1
reference_type
scores
url https://usn.ubuntu.com/7775-1/
19
reference_url https://usn.ubuntu.com/7775-2/
reference_id USN-7775-2
reference_type
scores
url https://usn.ubuntu.com/7775-2/
20
reference_url https://usn.ubuntu.com/7775-3/
reference_id USN-7775-3
reference_type
scores
url https://usn.ubuntu.com/7775-3/
21
reference_url https://usn.ubuntu.com/7776-1/
reference_id USN-7776-1
reference_type
scores
url https://usn.ubuntu.com/7776-1/
22
reference_url https://usn.ubuntu.com/7833-1/
reference_id USN-7833-1
reference_type
scores
url https://usn.ubuntu.com/7833-1/
23
reference_url https://usn.ubuntu.com/7833-2/
reference_id USN-7833-2
reference_type
scores
url https://usn.ubuntu.com/7833-2/
24
reference_url https://usn.ubuntu.com/7833-3/
reference_id USN-7833-3
reference_type
scores
url https://usn.ubuntu.com/7833-3/
25
reference_url https://usn.ubuntu.com/7833-4/
reference_id USN-7833-4
reference_type
scores
url https://usn.ubuntu.com/7833-4/
26
reference_url https://usn.ubuntu.com/7834-1/
reference_id USN-7834-1
reference_type
scores
url https://usn.ubuntu.com/7834-1/
27
reference_url https://usn.ubuntu.com/7856-1/
reference_id USN-7856-1
reference_type
scores
url https://usn.ubuntu.com/7856-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38206
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ycev-sqxs-13da
410
url VCID-yehk-tjrt-rbbe
vulnerability_id VCID-yehk-tjrt-rbbe
summary kernel: dm-verity: disable recursive forward error correction
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71161.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-71161.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-71161
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01262
published_at 2026-04-24T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01257
published_at 2026-04-21T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00731
published_at 2026-04-02T12:55:00Z
3
value 8e-05
scoring_system epss
scoring_elements 0.00733
published_at 2026-04-07T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.00732
published_at 2026-04-08T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00723
published_at 2026-04-09T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.0072
published_at 2026-04-11T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00714
published_at 2026-04-13T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00713
published_at 2026-04-16T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00718
published_at 2026-04-18T12:55:00Z
10
value 8e-05
scoring_system epss
scoring_elements 0.00728
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-71161
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-71161
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2432401
reference_id 2432401
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2432401
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-71161
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yehk-tjrt-rbbe
411
url VCID-ygbb-8ebm-pydv
vulnerability_id VCID-ygbb-8ebm-pydv
summary kernel: HID: bpf: prevent buffer overflow in hid_hw_request
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31401.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31401.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31401
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04427
published_at 2026-04-07T12:55:00Z
1
value 0.00018
scoring_system epss
scoring_elements 0.0446
published_at 2026-04-08T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04416
published_at 2026-04-04T12:55:00Z
3
value 0.00023
scoring_system epss
scoring_elements 0.06218
published_at 2026-04-16T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.0623
published_at 2026-04-18T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06379
published_at 2026-04-21T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06394
published_at 2026-04-24T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06283
published_at 2026-04-09T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06274
published_at 2026-04-11T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0627
published_at 2026-04-12T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06259
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31401
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454818
reference_id 2454818
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454818
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31401
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ygbb-8ebm-pydv
412
url VCID-yj3z-hvs9-47hj
vulnerability_id VCID-yj3z-hvs9-47hj
summary In the Linux kernel, the following vulnerability has been resolved: PM: runtime: Fix a race condition related to device removal The following code in pm_runtime_work() may dereference the dev->parent pointer after the parent device has been freed: /* Maybe the parent is now able to suspend. */ if (parent && !parent->power.ignore_children) { spin_unlock(&dev->power.lock); spin_lock(&parent->power.lock); rpm_idle(parent, RPM_ASYNC); spin_unlock(&parent->power.lock); spin_lock(&dev->power.lock); } Fix this by inserting a flush_work() call in pm_runtime_remove(). Without this patch blktest block/001 triggers the following complaint sporadically: BUG: KASAN: slab-use-after-free in lock_acquire+0x70/0x160 Read of size 1 at addr ffff88812bef7198 by task kworker/u553:1/3081 Workqueue: pm pm_runtime_work Call Trace: <TASK> dump_stack_lvl+0x61/0x80 print_address_description.constprop.0+0x8b/0x310 print_report+0xfd/0x1d7 kasan_report+0xd8/0x1d0 __kasan_check_byte+0x42/0x60 lock_acquire.part.0+0x38/0x230 lock_acquire+0x70/0x160 _raw_spin_lock+0x36/0x50 rpm_suspend+0xc6a/0xfe0 rpm_idle+0x578/0x770 pm_runtime_work+0xee/0x120 process_one_work+0xde3/0x1410 worker_thread+0x5eb/0xfe0 kthread+0x37b/0x480 ret_from_fork+0x6cb/0x920 ret_from_fork_asm+0x11/0x20 </TASK> Allocated by task 4314: kasan_save_stack+0x2a/0x50 kasan_save_track+0x18/0x40 kasan_save_alloc_info+0x3d/0x50 __kasan_kmalloc+0xa0/0xb0 __kmalloc_noprof+0x311/0x990 scsi_alloc_target+0x122/0xb60 [scsi_mod] __scsi_scan_target+0x101/0x460 [scsi_mod] scsi_scan_channel+0x179/0x1c0 [scsi_mod] scsi_scan_host_selected+0x259/0x2d0 [scsi_mod] store_scan+0x2d2/0x390 [scsi_mod] dev_attr_store+0x43/0x80 sysfs_kf_write+0xde/0x140 kernfs_fop_write_iter+0x3ef/0x670 vfs_write+0x506/0x1470 ksys_write+0xfd/0x230 __x64_sys_write+0x76/0xc0 x64_sys_call+0x213/0x1810 do_syscall_64+0xee/0xfc0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 Freed by task 4314: kasan_save_stack+0x2a/0x50 kasan_save_track+0x18/0x40 kasan_save_free_info+0x3f/0x50 __kasan_slab_free+0x67/0x80 kfree+0x225/0x6c0 scsi_target_dev_release+0x3d/0x60 [scsi_mod] device_release+0xa3/0x220 kobject_cleanup+0x105/0x3a0 kobject_put+0x72/0xd0 put_device+0x17/0x20 scsi_device_dev_release+0xacf/0x12c0 [scsi_mod] device_release+0xa3/0x220 kobject_cleanup+0x105/0x3a0 kobject_put+0x72/0xd0 put_device+0x17/0x20 scsi_device_put+0x7f/0xc0 [scsi_mod] sdev_store_delete+0xa5/0x120 [scsi_mod] dev_attr_store+0x43/0x80 sysfs_kf_write+0xde/0x140 kernfs_fop_write_iter+0x3ef/0x670 vfs_write+0x506/0x1470 ksys_write+0xfd/0x230 __x64_sys_write+0x76/0xc0 x64_sys_call+0x213/0x1810
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23452.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23452.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23452
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23452
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23452
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23452
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454820
reference_id 2454820
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454820
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23452
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yj3z-hvs9-47hj
413
url VCID-yjuh-uacz-xfhm
vulnerability_id VCID-yjuh-uacz-xfhm
summary kernel: md: make rdev_addable usable for rcu mode
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38621.json
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-38621.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-38621
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05227
published_at 2026-04-02T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05259
published_at 2026-04-04T12:55:00Z
2
value 0.0002
scoring_system epss
scoring_elements 0.05284
published_at 2026-04-07T12:55:00Z
3
value 0.0002
scoring_system epss
scoring_elements 0.0532
published_at 2026-04-08T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05342
published_at 2026-04-09T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.0531
published_at 2026-04-11T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05299
published_at 2026-04-12T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05288
published_at 2026-04-13T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05235
published_at 2026-04-16T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05236
published_at 2026-04-18T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05388
published_at 2026-04-21T12:55:00Z
11
value 0.0002
scoring_system epss
scoring_elements 0.05427
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-38621
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2390383
reference_id 2390383
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2390383
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-38621
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjuh-uacz-xfhm
414
url VCID-yp8m-zttt-ffdt
vulnerability_id VCID-yp8m-zttt-ffdt
summary kernel: Linux kernel: Denial of service due to a race condition in the TLS subsystem
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23240.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23240.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23240
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
1
value 0.00057
scoring_system epss
scoring_elements 0.1806
published_at 2026-04-09T12:55:00Z
2
value 0.00057
scoring_system epss
scoring_elements 0.18212
published_at 2026-04-04T12:55:00Z
3
value 0.00057
scoring_system epss
scoring_elements 0.17913
published_at 2026-04-07T12:55:00Z
4
value 0.00057
scoring_system epss
scoring_elements 0.18
published_at 2026-04-08T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19449
published_at 2026-04-21T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19437
published_at 2026-04-18T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19341
published_at 2026-04-24T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19573
published_at 2026-04-11T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19525
published_at 2026-04-12T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19467
published_at 2026-04-13T12:55:00Z
11
value 0.00063
scoring_system epss
scoring_elements 0.19428
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23240
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23240
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23240
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2446139
reference_id 2446139
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2446139
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23240
risk_score 2.6
exploitability 0.5
weighted_severity 5.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yp8m-zttt-ffdt
415
url VCID-yqcj-27j2-tqb8
vulnerability_id VCID-yqcj-27j2-tqb8
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31419.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31419.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31419
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.03904
published_at 2026-04-16T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.03916
published_at 2026-04-18T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.06055
published_at 2026-04-24T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.06029
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31419
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31419
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31419
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457829
reference_id 2457829
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457829
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31419
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yqcj-27j2-tqb8
416
url VCID-yr2z-pe4g-8yhu
vulnerability_id VCID-yr2z-pe4g-8yhu
summary kernel: nfc: rawsock: cancel tx_work before socket teardown
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23372.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23372.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23372
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02487
published_at 2026-04-24T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02402
published_at 2026-04-18T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02501
published_at 2026-04-21T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02418
published_at 2026-04-04T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02416
published_at 2026-04-07T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02421
published_at 2026-04-11T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02441
published_at 2026-04-09T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02412
published_at 2026-04-12T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02411
published_at 2026-04-13T12:55:00Z
9
value 0.00014
scoring_system epss
scoring_elements 0.02395
published_at 2026-04-16T12:55:00Z
10
value 0.00031
scoring_system epss
scoring_elements 0.08853
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23372
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23372
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451262
reference_id 2451262
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451262
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23372
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yr2z-pe4g-8yhu
417
url VCID-ytfc-yqtw-4yhb
vulnerability_id VCID-ytfc-yqtw-4yhb
summary kernel: bridge: cfm: Fix race condition in peer_mep deletion
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23393.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23393.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-23393
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.0226
published_at 2026-04-16T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02267
published_at 2026-04-18T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.02287
published_at 2026-04-08T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02285
published_at 2026-04-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.02309
published_at 2026-04-09T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02292
published_at 2026-04-11T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.0228
published_at 2026-04-12T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.02277
published_at 2026-04-13T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.03556
published_at 2026-04-24T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03548
published_at 2026-04-21T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06188
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-23393
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2451260
reference_id 2451260
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2451260
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-23393
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ytfc-yqtw-4yhb
418
url VCID-yumk-yrcg-7qet
vulnerability_id VCID-yumk-yrcg-7qet
summary kernel: wifi: ath12k: Avoid memory leak while enabling statistics
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37743.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-37743.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-37743
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.2593
published_at 2026-04-02T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.25971
published_at 2026-04-04T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25738
published_at 2026-04-07T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25809
published_at 2026-04-08T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.25861
published_at 2026-04-09T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.25872
published_at 2026-04-11T12:55:00Z
6
value 0.00092
scoring_system epss
scoring_elements 0.2583
published_at 2026-04-12T12:55:00Z
7
value 0.00092
scoring_system epss
scoring_elements 0.25774
published_at 2026-04-13T12:55:00Z
8
value 0.00092
scoring_system epss
scoring_elements 0.25777
published_at 2026-04-16T12:55:00Z
9
value 0.00092
scoring_system epss
scoring_elements 0.2576
published_at 2026-04-18T12:55:00Z
10
value 0.00092
scoring_system epss
scoring_elements 0.25731
published_at 2026-04-21T12:55:00Z
11
value 0.00092
scoring_system epss
scoring_elements 0.25676
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-37743
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2363319
reference_id 2363319
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2363319
4
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
5
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
6
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-37743
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yumk-yrcg-7qet
419
url VCID-yx1f-r3sr-rues
vulnerability_id VCID-yx1f-r3sr-rues
summary In the Linux kernel, the following vulnerability has been resolved: ext4: replace BUG_ON with proper error handling in ext4_read_inline_folio Replace BUG_ON() with proper error handling when inline data size exceeds PAGE_SIZE. This prevents kernel panic and allows the system to continue running while properly reporting the filesystem corruption. The error is logged via ext4_error_inode(), the buffer head is released to prevent memory leak, and -EFSCORRUPTED is returned to indicate filesystem corruption.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31451.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31451.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31451
reference_id
reference_type
scores
0
value 0.00018
scoring_system epss
scoring_elements 0.04778
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31451
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31451
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31451
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460690
reference_id 2460690
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460690
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31451
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yx1f-r3sr-rues
420
url VCID-z1gu-rwfd-7yfa
vulnerability_id VCID-z1gu-rwfd-7yfa
summary kernel: f2fs: fix UAF issue in f2fs_merge_page_bio()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40054.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-40054.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-40054
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05953
published_at 2026-04-04T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.0592
published_at 2026-04-02T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07327
published_at 2026-04-08T12:55:00Z
3
value 0.00026
scoring_system epss
scoring_elements 0.07354
published_at 2026-04-09T12:55:00Z
4
value 0.00026
scoring_system epss
scoring_elements 0.07352
published_at 2026-04-11T12:55:00Z
5
value 0.00026
scoring_system epss
scoring_elements 0.07339
published_at 2026-04-12T12:55:00Z
6
value 0.00026
scoring_system epss
scoring_elements 0.07329
published_at 2026-04-13T12:55:00Z
7
value 0.00026
scoring_system epss
scoring_elements 0.07259
published_at 2026-04-16T12:55:00Z
8
value 0.00026
scoring_system epss
scoring_elements 0.07253
published_at 2026-04-18T12:55:00Z
9
value 0.00026
scoring_system epss
scoring_elements 0.0738
published_at 2026-04-21T12:55:00Z
10
value 0.00026
scoring_system epss
scoring_elements 0.07341
published_at 2026-04-24T12:55:00Z
11
value 0.00026
scoring_system epss
scoring_elements 0.07272
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-40054
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40054
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2406765
reference_id 2406765
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2406765
5
reference_url https://usn.ubuntu.com/8029-1/
reference_id USN-8029-1
reference_type
scores
url https://usn.ubuntu.com/8029-1/
6
reference_url https://usn.ubuntu.com/8029-2/
reference_id USN-8029-2
reference_type
scores
url https://usn.ubuntu.com/8029-2/
7
reference_url https://usn.ubuntu.com/8029-3/
reference_id USN-8029-3
reference_type
scores
url https://usn.ubuntu.com/8029-3/
8
reference_url https://usn.ubuntu.com/8030-1/
reference_id USN-8030-1
reference_type
scores
url https://usn.ubuntu.com/8030-1/
9
reference_url https://usn.ubuntu.com/8048-1/
reference_id USN-8048-1
reference_type
scores
url https://usn.ubuntu.com/8048-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-40054
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z1gu-rwfd-7yfa
421
url VCID-z22s-ebq4-y7a4
vulnerability_id VCID-z22s-ebq4-y7a4
summary kernel: s390/fpu: Fix false-positive kmsan report in fpu_vstl()
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68751.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68751.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-68751
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06793
published_at 2026-04-02T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.0684
published_at 2026-04-04T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.06822
published_at 2026-04-07T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.06874
published_at 2026-04-08T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.06907
published_at 2026-04-09T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.069
published_at 2026-04-11T12:55:00Z
6
value 0.00025
scoring_system epss
scoring_elements 0.06893
published_at 2026-04-12T12:55:00Z
7
value 0.00025
scoring_system epss
scoring_elements 0.06888
published_at 2026-04-13T12:55:00Z
8
value 0.00025
scoring_system epss
scoring_elements 0.0683
published_at 2026-04-16T12:55:00Z
9
value 0.00025
scoring_system epss
scoring_elements 0.06811
published_at 2026-04-18T12:55:00Z
10
value 0.00025
scoring_system epss
scoring_elements 0.06956
published_at 2026-04-21T12:55:00Z
11
value 0.00025
scoring_system epss
scoring_elements 0.06938
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-68751
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427120
reference_id 2427120
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427120
4
reference_url https://usn.ubuntu.com/8094-1/
reference_id USN-8094-1
reference_type
scores
url https://usn.ubuntu.com/8094-1/
5
reference_url https://usn.ubuntu.com/8094-2/
reference_id USN-8094-2
reference_type
scores
url https://usn.ubuntu.com/8094-2/
6
reference_url https://usn.ubuntu.com/8094-3/
reference_id USN-8094-3
reference_type
scores
url https://usn.ubuntu.com/8094-3/
7
reference_url https://usn.ubuntu.com/8094-4/
reference_id USN-8094-4
reference_type
scores
url https://usn.ubuntu.com/8094-4/
8
reference_url https://usn.ubuntu.com/8094-5/
reference_id USN-8094-5
reference_type
scores
url https://usn.ubuntu.com/8094-5/
9
reference_url https://usn.ubuntu.com/8152-1/
reference_id USN-8152-1
reference_type
scores
url https://usn.ubuntu.com/8152-1/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-68751
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z22s-ebq4-y7a4
422
url VCID-z35d-gch3-1uct
vulnerability_id VCID-z35d-gch3-1uct
summary kernel: kernel: be more careful about dup_mmap() failures and uprobe registering
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21709.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21709.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-21709
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12288
published_at 2026-04-11T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.12214
published_at 2026-04-13T12:55:00Z
2
value 0.0004
scoring_system epss
scoring_elements 0.12103
published_at 2026-04-16T12:55:00Z
3
value 0.0004
scoring_system epss
scoring_elements 0.12107
published_at 2026-04-18T12:55:00Z
4
value 0.0004
scoring_system epss
scoring_elements 0.12218
published_at 2026-04-21T12:55:00Z
5
value 0.0004
scoring_system epss
scoring_elements 0.12151
published_at 2026-04-07T12:55:00Z
6
value 0.0004
scoring_system epss
scoring_elements 0.12231
published_at 2026-04-08T12:55:00Z
7
value 0.0004
scoring_system epss
scoring_elements 0.12281
published_at 2026-04-09T12:55:00Z
8
value 0.0004
scoring_system epss
scoring_elements 0.12251
published_at 2026-04-12T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.12955
published_at 2026-04-24T12:55:00Z
10
value 0.00047
scoring_system epss
scoring_elements 0.14502
published_at 2026-04-02T12:55:00Z
11
value 0.00047
scoring_system epss
scoring_elements 0.14572
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-21709
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2348549
reference_id 2348549
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2348549
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-21709
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z35d-gch3-1uct
423
url VCID-z6xa-pf4r-4kbm
vulnerability_id VCID-z6xa-pf4r-4kbm
summary In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix folio isn't locked in softleaf_to_folio() On arm64 server, we found folio that get from migration entry isn't locked in softleaf_to_folio(). This issue triggers when mTHP splitting and zap_nonpresent_ptes() races, and the root cause is lack of memory barrier in softleaf_to_folio(). The race is as follows: CPU0 CPU1 deferred_split_scan() zap_nonpresent_ptes() lock folio split_folio() unmap_folio() change ptes to migration entries __split_folio_to_order() softleaf_to_folio() set flags(including PG_locked) for tail pages folio = pfn_folio(softleaf_to_pfn(entry)) smp_wmb() VM_WARN_ON_ONCE(!folio_test_locked(folio)) prep_compound_page() for tail pages In __split_folio_to_order(), smp_wmb() guarantees page flags of tail pages are visible before the tail page becomes non-compound. smp_wmb() should be paired with smp_rmb() in softleaf_to_folio(), which is missed. As a result, if zap_nonpresent_ptes() accesses migration entry that stores tail pfn, softleaf_to_folio() may see the updated compound_head of tail page before page->flags. This issue will trigger VM_WARN_ON_ONCE() in pfn_swap_entry_folio() because of the race between folio split and zap_nonpresent_ptes() leading to a folio incorrectly undergoing modification without a folio lock being held. This is a BUG_ON() before commit 93976a20345b ("mm: eliminate further swapops predicates"), which in merged in v6.19-rc1. To fix it, add missing smp_rmb() if the softleaf entry is migration entry in softleaf_to_folio() and softleaf_to_page(). [tujinjiang@huawei.com: update function name and comments]
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31466.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31466.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31466
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06773
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31466
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31466
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31466
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2460685
reference_id 2460685
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2460685
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31466
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6xa-pf4r-4kbm
424
url VCID-zh73-s87g-vfff
vulnerability_id VCID-zh73-s87g-vfff
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31430.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31430.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31430
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01696
published_at 2026-04-21T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.0171
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31430
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2459691
reference_id 2459691
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2459691
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
1
url pkg:deb/debian/linux@6.19.12-1
purl pkg:deb/debian/linux@6.19.12-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-dq8r-defv-hbg6
1
vulnerability VCID-n59e-jkf6-13bf
2
vulnerability VCID-p3vt-v7gj-gqbc
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.19.12-1
aliases CVE-2026-31430
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zh73-s87g-vfff
425
url VCID-zhaf-5de2-tycd
vulnerability_id VCID-zhaf-5de2-tycd
summary In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via get_ts_info ethtool call which is possible while the interface is just present in the kernel. BUG: KASAN: use-after-free in ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426 Read of size 4 at addr ffff8880194345cc by task syz.0.6/948 CPU: 1 PID: 948 Comm: syz.0.6 Not tainted 6.1.164+ #109 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x8d/0xba lib/dump_stack.c:106 print_address_description mm/kasan/report.c:316 [inline] print_report+0x17f/0x496 mm/kasan/report.c:420 kasan_report+0xd9/0x180 mm/kasan/report.c:524 ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426 gem_get_ts_info+0x138/0x1e0 drivers/net/ethernet/cadence/macb_main.c:3349 macb_get_ts_info+0x68/0xb0 drivers/net/ethernet/cadence/macb_main.c:3371 __ethtool_get_ts_info+0x17c/0x260 net/ethtool/common.c:558 ethtool_get_ts_info net/ethtool/ioctl.c:2367 [inline] __dev_ethtool net/ethtool/ioctl.c:3017 [inline] dev_ethtool+0x2b05/0x6290 net/ethtool/ioctl.c:3095 dev_ioctl+0x637/0x1070 net/core/dev_ioctl.c:510 sock_do_ioctl+0x20d/0x2c0 net/socket.c:1215 sock_ioctl+0x577/0x6d0 net/socket.c:1320 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:870 [inline] __se_sys_ioctl fs/ioctl.c:856 [inline] __x64_sys_ioctl+0x18c/0x210 fs/ioctl.c:856 do_syscall_x64 arch/x86/entry/common.c:46 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 </TASK> Allocated by task 457: kmalloc include/linux/slab.h:563 [inline] kzalloc include/linux/slab.h:699 [inline] ptp_clock_register+0x144/0x10e0 drivers/ptp/ptp_clock.c:235 gem_ptp_init+0x46f/0x930 drivers/net/ethernet/cadence/macb_ptp.c:375 macb_open+0x901/0xd10 drivers/net/ethernet/cadence/macb_main.c:2920 __dev_open+0x2ce/0x500 net/core/dev.c:1501 __dev_change_flags+0x56a/0x740 net/core/dev.c:8651 dev_change_flags+0x92/0x170 net/core/dev.c:8722 do_setlink+0xaf8/0x3a80 net/core/rtnetlink.c:2833 __rtnl_newlink+0xbf4/0x1940 net/core/rtnetlink.c:3608 rtnl_newlink+0x63/0xa0 net/core/rtnetlink.c:3655 rtnetlink_rcv_msg+0x3c6/0xed0 net/core/rtnetlink.c:6150 netlink_rcv_skb+0x15d/0x430 net/netlink/af_netlink.c:2511 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0x6d7/0xa30 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x97e/0xeb0 net/netlink/af_netlink.c:1872 sock_sendmsg_nosec net/socket.c:718 [inline] __sock_sendmsg+0x14b/0x180 net/socket.c:730 __sys_sendto+0x320/0x3b0 net/socket.c:2152 __do_sys_sendto net/socket.c:2164 [inline] __se_sys_sendto net/socket.c:2160 [inline] __x64_sys_sendto+0xdc/0x1b0 net/socket.c:2160 do_syscall_x64 arch/x86/entry/common.c:46 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76 entry_SYSCALL_64_after_hwframe+0x6e/0xd8 Freed by task 938: kasan_slab_free include/linux/kasan.h:177 [inline] slab_free_hook mm/slub.c:1729 [inline] slab_free_freelist_hook mm/slub.c:1755 [inline] slab_free mm/slub.c:3687 [inline] __kmem_cache_free+0xbc/0x320 mm/slub.c:3700 device_release+0xa0/0x240 drivers/base/core.c:2507 kobject_cleanup lib/kobject.c:681 [inline] kobject_release lib/kobject.c:712 [inline] kref_put include/linux/kref.h:65 [inline] kobject_put+0x1cd/0x350 lib/kobject.c:729 put_device+0x1b/0x30 drivers/base/core.c:3805 ptp_clock_unregister+0x171/0x270 drivers/ptp/ptp_clock.c:391 gem_ptp_remove+0x4e/0x1f0 drivers/net/ethernet/cadence/macb_ptp.c:404 macb_close+0x1c8/0x270 drivers/net/ethernet/cadence/macb_main.c:2966 __dev_close_many+0x1b9/0x310 net/core/dev.c:1585 __dev_close net/core/dev.c:1597 [inline] __dev_change_flags+0x2bb/0x740 net/core/dev.c:8649 dev_change_fl ---truncated---
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31396.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31396.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-31396
reference_id
reference_type
scores
0
value 0.00024
scoring_system epss
scoring_elements 0.06619
published_at 2026-04-07T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06669
published_at 2026-04-08T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.0664
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09236
published_at 2026-04-12T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09222
published_at 2026-04-13T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09117
published_at 2026-04-16T12:55:00Z
6
value 0.00032
scoring_system epss
scoring_elements 0.09098
published_at 2026-04-18T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09252
published_at 2026-04-21T12:55:00Z
8
value 0.00032
scoring_system epss
scoring_elements 0.09294
published_at 2026-04-24T12:55:00Z
9
value 0.00032
scoring_system epss
scoring_elements 0.09265
published_at 2026-04-09T12:55:00Z
10
value 0.00032
scoring_system epss
scoring_elements 0.09267
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-31396
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31396
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454865
reference_id 2454865
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454865
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2026-31396
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zhaf-5de2-tycd
426
url VCID-zs1j-hpbv-7qbz
vulnerability_id VCID-zs1j-hpbv-7qbz
summary kernel: ibmvnic: Use kernel helpers for hex dumps
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22104.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22104.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22104
reference_id
reference_type
scores
0
value 0.00077
scoring_system epss
scoring_elements 0.23007
published_at 2026-04-02T12:55:00Z
1
value 0.00077
scoring_system epss
scoring_elements 0.23051
published_at 2026-04-04T12:55:00Z
2
value 0.00077
scoring_system epss
scoring_elements 0.22842
published_at 2026-04-07T12:55:00Z
3
value 0.00077
scoring_system epss
scoring_elements 0.22916
published_at 2026-04-08T12:55:00Z
4
value 0.00077
scoring_system epss
scoring_elements 0.22968
published_at 2026-04-09T12:55:00Z
5
value 0.00077
scoring_system epss
scoring_elements 0.22986
published_at 2026-04-11T12:55:00Z
6
value 0.00077
scoring_system epss
scoring_elements 0.22949
published_at 2026-04-12T12:55:00Z
7
value 0.00077
scoring_system epss
scoring_elements 0.22893
published_at 2026-04-13T12:55:00Z
8
value 0.00077
scoring_system epss
scoring_elements 0.22907
published_at 2026-04-16T12:55:00Z
9
value 0.00077
scoring_system epss
scoring_elements 0.22901
published_at 2026-04-18T12:55:00Z
10
value 0.00077
scoring_system epss
scoring_elements 0.22864
published_at 2026-04-21T12:55:00Z
11
value 0.00077
scoring_system epss
scoring_elements 0.22697
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22104
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22104
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22104
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2360265
reference_id 2360265
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2360265
5
reference_url https://access.redhat.com/errata/RHSA-2025:10829
reference_id RHSA-2025:10829
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10829
6
reference_url https://access.redhat.com/errata/RHSA-2025:10830
reference_id RHSA-2025:10830
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10830
7
reference_url https://access.redhat.com/errata/RHSA-2025:11571
reference_id RHSA-2025:11571
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11571
8
reference_url https://access.redhat.com/errata/RHSA-2025:11572
reference_id RHSA-2025:11572
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11572
9
reference_url https://access.redhat.com/errata/RHSA-2025:11810
reference_id RHSA-2025:11810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11810
10
reference_url https://access.redhat.com/errata/RHSA-2025:9302
reference_id RHSA-2025:9302
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9302
11
reference_url https://access.redhat.com/errata/RHSA-2025:9896
reference_id RHSA-2025:9896
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9896
12
reference_url https://usn.ubuntu.com/7594-1/
reference_id USN-7594-1
reference_type
scores
url https://usn.ubuntu.com/7594-1/
13
reference_url https://usn.ubuntu.com/7594-2/
reference_id USN-7594-2
reference_type
scores
url https://usn.ubuntu.com/7594-2/
14
reference_url https://usn.ubuntu.com/7594-3/
reference_id USN-7594-3
reference_type
scores
url https://usn.ubuntu.com/7594-3/
fixed_packages
0
url pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
purl pkg:deb/debian/linux@6.12.74-2~bpo12%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.74-2~bpo12%252B1
aliases CVE-2025-22104
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zs1j-hpbv-7qbz
Fixing_vulnerabilities
Risk_score3.6
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/linux@6.12.73-1