Vendor advisories
60 alerts in this category.
Vendor-issued security advisories — the official statements from product vendors about vulnerabilities affecting their software, including patch timelines, workarounds, and detection guidance.
USN-8270-1: Exim vulnerability
It was discovered that Exim incorrectly handled BDAT body parsing. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-8263-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled certain malformed image files in certain instances. If a user or automated system using ImageMagick were tricked into opening a specially crafted
UbuntuCVE-2018-15607CVE-2026-43500 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
Microsoft Security Response Center published an advisory on "CVE-2026-43500 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present". Topic areas: microsoft, windows, azure, patch. Publ
CVE-2026-43500DSA-6264-1 dnsmasq - security update
https://security-tracker.debian.org/tracker/DSA-6264-1
DebianUSN-8255-2: Linux kernel (Azure) vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker coul
LinuxCVE-2023-2640USN-8254-2: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; -
LinuxCVE-2026-23112USN-8180-6: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture
LinuxCVE-2023-53421CVE-2025-68304 Bluetooth: hci_core: lookup hci_conn on RX path on protocol side
Microsoft Security Response Center published an advisory on "CVE-2025-68304 Bluetooth: hci_core: lookup hci_conn on RX path on protocol side". Topic areas: microsoft, windows, azure, patch. Published
CVE-2025-68304USN-8200-3: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture
LinuxCVE-2022-49046CVE-2025-21714 RDMA/mlx5: Fix implicit ODP use after free
Microsoft Security Response Center published an advisory on "CVE-2025-21714 RDMA/mlx5: Fix implicit ODP use after free". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See the
CVE-2025-21714CVE-2025-21723 scsi: mpi3mr: Fix possible crash when setting up bsg fails
Microsoft Security Response Center published an advisory on "CVE-2025-21723 scsi: mpi3mr: Fix possible crash when setting up bsg fails". Topic areas: microsoft, windows, azure, patch. Published May 11
CVE-2025-21723CVE-2026-42257 net-imap: Command Injection via "raw" arguments to multiple commands
Microsoft Security Response Center published an advisory on "CVE-2026-42257 net-imap: Command Injection via "raw" arguments to multiple commands". Topic areas: microsoft, windows, azure, patch. Publis
CVE-2026-42257CVE-2026-45186
Microsoft Security Response Center published an advisory on "CVE-2026-45186". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See the original source linked under References for
CVE-2026-45186CVE-2026-31707 ksmbd: validate response sizes in ipc_validate_msg()
Microsoft Security Response Center published an advisory on "CVE-2026-31707 ksmbd: validate response sizes in ipc_validate_msg()". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-31707CVE-2026-43474 fs: init flags_valid before calling vfs_fileattr_get
Microsoft Security Response Center published an advisory on "CVE-2026-43474 fs: init flags_valid before calling vfs_fileattr_get". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-43474CVE-2026-43042 mpls: add seqcount to protect the platform_label{,s} pair
Microsoft Security Response Center published an advisory on "CVE-2026-43042 mpls: add seqcount to protect the platform_label{,s} pair". Topic areas: microsoft, windows, azure, patch. Published May 11,
CVE-2026-43042CVE-2026-43310 media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC
Microsoft Security Response Center published an advisory on "CVE-2026-43310 media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC". Topic areas: microsoft, windows, azure, patch. Publis
CVE-2026-43310CVE-2026-43319 spi: spidev: fix lock inversion between spi_lock and buf_lock
Microsoft Security Response Center published an advisory on "CVE-2026-43319 spi: spidev: fix lock inversion between spi_lock and buf_lock". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-43319CVE-2026-43456 bonding: fix type confusion in bond_setup_by_slave()
Microsoft Security Response Center published an advisory on "CVE-2026-43456 bonding: fix type confusion in bond_setup_by_slave()". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-43456CVE-2026-31715 f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io()
Microsoft Security Response Center published an advisory on "CVE-2026-31715 f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io()". Topic areas: microsoft, windows, azure, patch.
CVE-2026-31715CVE-2025-71299 spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing
Microsoft Security Response Center published an advisory on "CVE-2025-71299 spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing". Topic areas: microsoft, windows, azure, patch.
CVE-2025-71299CVE-2026-43299 btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure()
Microsoft Security Response Center published an advisory on "CVE-2026-43299 btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure()". Topic areas: microsoft, windows, azure, patch
CVE-2026-43299CVE-2026-43344 perf/x86/intel/uncore: Fix die ID init and look up bugs
Microsoft Security Response Center published an advisory on "CVE-2026-43344 perf/x86/intel/uncore: Fix die ID init and look up bugs". Topic areas: microsoft, windows, azure, patch. Published May 11, 2
IntelCVE-2026-43344CVE-2026-43321 bpf: Properly mark live registers for indirect jumps
Microsoft Security Response Center published an advisory on "CVE-2026-43321 bpf: Properly mark live registers for indirect jumps". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-43321CVE-2026-43400 drm/amdgpu: add upper bound check on user inputs in signal ioctl
Microsoft Security Response Center published an advisory on "CVE-2026-43400 drm/amdgpu: add upper bound check on user inputs in signal ioctl". Topic areas: microsoft, windows, azure, patch. Published
AMDCVE-2026-43400CVE-2026-43009 bpf: Fix incorrect pruning due to atomic fetch precision tracking
Microsoft Security Response Center published an advisory on "CVE-2026-43009 bpf: Fix incorrect pruning due to atomic fetch precision tracking". Topic areas: microsoft, windows, azure, patch. Published
CVE-2026-43009CVE-2026-31729 usb: typec: ucsi: validate connector number in ucsi_notify_common()
Microsoft Security Response Center published an advisory on "CVE-2026-31729 usb: typec: ucsi: validate connector number in ucsi_notify_common()". Topic areas: microsoft, windows, azure, patch. Publish
CVE-2026-31729CVE-2026-43300 drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()
Microsoft Security Response Center published an advisory on "CVE-2026-43300 drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()". Topic areas: microsoft, windows, azure, patch
CVE-2026-43300CVE-2026-43338 btrfs: reserve enough transaction items for qgroup ioctls
Microsoft Security Response Center published an advisory on "CVE-2026-43338 btrfs: reserve enough transaction items for qgroup ioctls". Topic areas: microsoft, windows, azure, patch. Published May 11,
CVE-2026-43338CVE-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault
Microsoft Security Response Center published an advisory on "CVE-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault". Topic areas: microsoft, windows, azure, patch. Pub
CVE-2026-7261CVE-2026-43416 powerpc, perf: Check that current->mm is alive before getting user callchain
Microsoft Security Response Center published an advisory on "CVE-2026-43416 powerpc, perf: Check that current->mm is alive before getting user callchain". Topic areas: microsoft, windows, azure, patch
CVE-2026-43416CVE-2026-43019 Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync
Microsoft Security Response Center published an advisory on "CVE-2026-43019 Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-43019CVE-2026-43443 ASoC: amd: acp-mach-common: Add missing error check for clock acquisition
Microsoft Security Response Center published an advisory on "CVE-2026-43443 ASoC: amd: acp-mach-common: Add missing error check for clock acquisition". Topic areas: microsoft, windows, azure, patch. P
AMDCVE-2026-43443CVE-2026-43053 xfs: close crash window in attr dabtree inactivation
Microsoft Security Response Center published an advisory on "CVE-2026-43053 xfs: close crash window in attr dabtree inactivation". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-43053CVE-2026-31706 ksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl()
Microsoft Security Response Center published an advisory on "CVE-2026-31706 ksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl()". Topic areas: microsoft, windows, azure, patch. Publishe
CVE-2026-31706CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref()
Microsoft Security Response Center published an advisory on "CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref()". Topic areas: microsoft, windows, azure, patch.
CVE-2026-43308CVE-2026-43298 drm/amdgpu: Skip vcn poison irq release on VF
Microsoft Security Response Center published an advisory on "CVE-2026-43298 drm/amdgpu: Skip vcn poison irq release on VF". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See t
AMDCVE-2026-43298CVE-2026-43352 i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue
Microsoft Security Response Center published an advisory on "CVE-2026-43352 i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue". Topic areas: microsoft, windows, azure, patch. Publishe
CVE-2026-43352CVE-2025-71302 drm/panthor: fix for dma-fence safe access rules
Microsoft Security Response Center published an advisory on "CVE-2025-71302 drm/panthor: fix for dma-fence safe access rules". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. Se
CVE-2025-71302CVE-2026-43294 drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels
Microsoft Security Response Center published an advisory on "CVE-2026-43294 drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels". Topic areas: microsoft, windows, azure, pat
CVE-2026-43294CVE-2026-31709 smb: client: validate the whole DACL before rewriting it in cifsacl
Microsoft Security Response Center published an advisory on "CVE-2026-31709 smb: client: validate the whole DACL before rewriting it in cifsacl". Topic areas: microsoft, windows, azure, patch. Publish
CVE-2026-31709CVE-2026-31724 usb: gadget: f_eem: Fix net_device lifecycle with device_move
Microsoft Security Response Center published an advisory on "CVE-2026-31724 usb: gadget: f_eem: Fix net_device lifecycle with device_move". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-31724CVE-2026-42246 net-imap vulnerable to STARTTLS stripping via invalid response timing
Microsoft Security Response Center published an advisory on "CVE-2026-42246 net-imap vulnerable to STARTTLS stripping via invalid response timing". Topic areas: microsoft, windows, azure, patch. Publi
CVE-2026-42246CVE-2026-43320 drm/amd/display: Fix dsc eDP issue
Microsoft Security Response Center published an advisory on "CVE-2026-43320 drm/amd/display: Fix dsc eDP issue". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See the original
AMDCVE-2026-43320CVE-2026-31722 usb: gadget: f_rndis: Fix net_device lifecycle with device_move
Microsoft Security Response Center published an advisory on "CVE-2026-31722 usb: gadget: f_rndis: Fix net_device lifecycle with device_move". Topic areas: microsoft, windows, azure, patch. Published M
CVE-2026-31722CVE-2026-31725 usb: gadget: f_ecm: Fix net_device lifecycle with device_move
Microsoft Security Response Center published an advisory on "CVE-2026-31725 usb: gadget: f_ecm: Fix net_device lifecycle with device_move". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-31725CVE-2026-31771 Bluetooth: hci_event: move wake reason storage into validated event handlers
Microsoft Security Response Center published an advisory on "CVE-2026-31771 Bluetooth: hci_event: move wake reason storage into validated event handlers". Topic areas: microsoft, windows, azure, patch
CVE-2026-31771CVE-2026-43052 wifi: mac80211: check tdls flag in ieee80211_tdls_oper
Microsoft Security Response Center published an advisory on "CVE-2026-43052 wifi: mac80211: check tdls flag in ieee80211_tdls_oper". Topic areas: microsoft, windows, azure, patch. Published May 11, 20
CVE-2026-43052CVE-2026-43421 usb: gadget: f_ncm: Fix net_device lifecycle with device_move
Microsoft Security Response Center published an advisory on "CVE-2026-43421 usb: gadget: f_ncm: Fix net_device lifecycle with device_move". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-43421CVE-2026-31712 ksmbd: require minimum ACE size in smb_check_perm_dacl()
Microsoft Security Response Center published an advisory on "CVE-2026-31712 ksmbd: require minimum ACE size in smb_check_perm_dacl()". Topic areas: microsoft, windows, azure, patch. Published May 11,
CVE-2026-31712CVE-2026-43305 drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path
Microsoft Security Response Center published an advisory on "CVE-2026-43305 drm/amd/display: Fix mismatched unlock for DMUB HW lock in HWSS fast path". Topic areas: microsoft, windows, azure, patch. P
AMDCVE-2026-43305CVE-2026-31777 ALSA: ctxfi: Check the error for index mapping
Microsoft Security Response Center published an advisory on "CVE-2026-31777 ALSA: ctxfi: Check the error for index mapping". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See
CVE-2026-31777CVE-2026-31723 usb: gadget: f_subset: Fix net_device lifecycle with device_move
Microsoft Security Response Center published an advisory on "CVE-2026-31723 usb: gadget: f_subset: Fix net_device lifecycle with device_move". Topic areas: microsoft, windows, azure, patch. Published
CVE-2026-31723CVE-2026-42258 net-imap: Command Injection via unvalidated Symbol inputs
Microsoft Security Response Center published an advisory on "CVE-2026-42258 net-imap: Command Injection via unvalidated Symbol inputs". Topic areas: microsoft, windows, azure, patch. Published May 11,
CVE-2026-42258CVE-2026-43292 mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node
Microsoft Security Response Center published an advisory on "CVE-2026-43292 mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-43292CVE-2026-43010 bpf: Reject sleepable kprobe_multi programs at attach time
Microsoft Security Response Center published an advisory on "CVE-2026-43010 bpf: Reject sleepable kprobe_multi programs at attach time". Topic areas: microsoft, windows, azure, patch. Published May 11
CVE-2026-43010CVE-2026-6735 XSS within PHP-FPM status endpoint
Microsoft Security Response Center published an advisory on "CVE-2026-6735 XSS within PHP-FPM status endpoint". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See the original
CVE-2026-6735CVE-2026-43318 drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify
Microsoft Security Response Center published an advisory on "CVE-2026-43318 drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify". Topic areas: microsoft, windows, azure, patch. Published May 1
AMDCVE-2026-43318CVE-2026-43353 i3c: mipi-i3c-hci: Fix race in DMA ring dequeue
Microsoft Security Response Center published an advisory on "CVE-2026-43353 i3c: mipi-i3c-hci: Fix race in DMA ring dequeue". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See
CVE-2026-43353CVE-2026-43309 md raid: fix hang when stopping arrays with metadata through dm-raid
Microsoft Security Response Center published an advisory on "CVE-2026-43309 md raid: fix hang when stopping arrays with metadata through dm-raid". Topic areas: microsoft, windows, azure, patch. Publis
CVE-2026-43309
Get alerts that match YOUR environment
This page shows everything in the category. Vulnios narrows it down to alerts that affect your actual asset inventory — only the CVEs you need to act on.
Start a free scan