Critical-severity advisories
60 alerts in this category.
CVEs and security advisories rated CRITICAL — exploitation is trivial or already observed in the wild and impact is severe. These are the alerts that get prioritized first in any sane vulnerability-management program.
USN-8270-1: Exim vulnerability
It was discovered that Exim incorrectly handled BDAT body parsing. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code.
Talos Intelligence Advisory — May 12, 2026
Talos Intelligence published research on "Talos Intelligence Advisory — May 12, 2026". Topic areas: cisco, talos, malware, threat-intel. Published May 12, 2026. See the original source linked under
Linux
USN-8263-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled certain malformed image files in certain instances. If a user or automated system using ImageMagick were tricked into opening a specially crafted
Ubuntu, CVE-2018-15607
CVE-2026-43500 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
Microsoft Security Response Center published an advisory on "CVE-2026-43500 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present". Topic areas: microsoft, windows, azure, patch. Publ
CVE-2026-43500
SANS Internet Storm Center Advisory — May 12, 2026
SANS Internet Storm Center published research on "SANS Internet Storm Center Advisory — May 12, 2026". Topic areas: sans, isc, incident, daily-summary. Published May 12, 2026. See the original sour
Long Term Support Channel Update for ChromeOS
Google Chrome Releases published an advisory on "Long Term Support Channel Update for ChromeOS". Topic areas: google, chrome, browser, patch. Published May 11, 2026. See the original source linked und
Google, CVE-2026-3921
Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools
Unit 42 analyzes AD CS exploitation through template misconfigurations and shadow credential misuse while offering behavioral detection for defenders. The post Inside AD CS Escalation: Unpacking Advan
DSA-6264-1 dnsmasq - security update
https://security-tracker.debian.org/tracker/DSA-6264-1
Debian
SANS Internet Storm Center Advisory — May 11, 2026
Apple today released its typical feature update across its operating systems (iOS, iPadOS, macOS, tvOS, watchOS, vision OS). With this update, Apple patched 84 different vulnerabilities. Upd
Apple, CVE-2025-43524
11th May – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 11th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Instructure, the US education technology company behin
Microsoft, CVE-2026-4670
VU#471747: dnsmasq contains several vulnerabilities, including attacker DNS redirect, privilege escalation, and heap manipulation
Overview dnsmasq is affected by multiple memory safety and input validation vulnerabilities, including heap buffer overflows, heap corruption, and code execution flaws. Collectively, these vulnerabili
AWS, CVE-2026-2291
USN-8255-2: Linux kernel (Azure) vulnerabilities
Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker coul
Linux, CVE-2023-2640
USN-8266-1: Linux kernel vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary
Linux, CVE-2026-23268
USN-8267-1: Linux kernel vulnerabilities
Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module (LSM). An unprivileged local attacker could use these issues to load, replace, and remove arbitrary
Linux, CVE-2026-23268
SANS Internet Storm Center Advisory — May 11, 2026
A few months ago, I implemented Cloudflare's Turnstile CAPTCHA on some pages. The reason for implementing these CAPTCHAs is obvious: Bots make up a large percentage of traffic and affect site
Google
VU#937808: Casdoor contains Arbitrary File Write vulnerability
Overview Casdoor contains an arbitrary file write vulnerability in the implementation of its "Local File System" storage provider. Due to insufficient sanitization of user-supplied paths, an authentic
CVE-2026-6815
GTIG AI Threat Tracker: Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access
Executive Summary Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations
Google
USN-8254-2: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; -
Linux, CVE-2026-23112
USN-8265-1: Linux kernel (NVIDIA Tegra) vulnerabilities
Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as En
Linux, CVE-2024-36347
USN-8180-6: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture
Linux, CVE-2023-53421
CVE-2025-68304 Bluetooth: hci_core: lookup hci_conn on RX path on protocol side
Microsoft Security Response Center published an advisory on "CVE-2025-68304 Bluetooth: hci_core: lookup hci_conn on RX path on protocol side". Topic areas: microsoft, windows, azure, patch. Published
CVE-2025-68304
CVE-2025-21833 iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE
Microsoft Security Response Center published an advisory on "CVE-2025-21833 iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. Se
CVE-2025-21833
USN-8200-3: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture
Linux, CVE-2022-49046
CVE-2025-21714 RDMA/mlx5: Fix implicit ODP use after free
Microsoft Security Response Center published an advisory on "CVE-2025-21714 RDMA/mlx5: Fix implicit ODP use after free". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See the
CVE-2025-21714
CVE-2025-21723 scsi: mpi3mr: Fix possible crash when setting up bsg fails
Microsoft Security Response Center published an advisory on "CVE-2025-21723 scsi: mpi3mr: Fix possible crash when setting up bsg fails". Topic areas: microsoft, windows, azure, patch. Published May 11
CVE-2025-21723
CVE-2026-42257 net-imap: Command Injection via "raw" arguments to multiple commands
Microsoft Security Response Center published an advisory on "CVE-2026-42257 net-imap: Command Injection via "raw" arguments to multiple commands". Topic areas: microsoft, windows, azure, patch. Publis
CVE-2026-42257
CVE-2026-45186
Microsoft Security Response Center published an advisory on "CVE-2026-45186". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See the original source linked under References for
CVE-2026-45186
CVE-2026-31707 ksmbd: validate response sizes in ipc_validate_msg()
Microsoft Security Response Center published an advisory on "CVE-2026-31707 ksmbd: validate response sizes in ipc_validate_msg()". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-31707
CVE-2026-43474 fs: init flags_valid before calling vfs_fileattr_get
Microsoft Security Response Center published an advisory on "CVE-2026-43474 fs: init flags_valid before calling vfs_fileattr_get". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-43474
CVE-2026-43042 mpls: add seqcount to protect the platform_label{,s} pair
Microsoft Security Response Center published an advisory on "CVE-2026-43042 mpls: add seqcount to protect the platform_label{,s} pair". Topic areas: microsoft, windows, azure, patch. Published May 11,
CVE-2026-43042
CVE-2026-43310 media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC
Microsoft Security Response Center published an advisory on "CVE-2026-43310 media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC". Topic areas: microsoft, windows, azure, patch. Publis
CVE-2026-43310
CVE-2026-43319 spi: spidev: fix lock inversion between spi_lock and buf_lock
Microsoft Security Response Center published an advisory on "CVE-2026-43319 spi: spidev: fix lock inversion between spi_lock and buf_lock". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-43319
CVE-2026-43456 bonding: fix type confusion in bond_setup_by_slave()
Microsoft Security Response Center published an advisory on "CVE-2026-43456 bonding: fix type confusion in bond_setup_by_slave()". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-43456
CVE-2026-31715 f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io()
Microsoft Security Response Center published an advisory on "CVE-2026-31715 f2fs: fix UAF caused by decrementing sbi->nr_pages[] in f2fs_write_end_io()". Topic areas: microsoft, windows, azure, patch.
CVE-2026-31715
CVE-2025-71299 spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing
Microsoft Security Response Center published an advisory on "CVE-2025-71299 spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing". Topic areas: microsoft, windows, azure, patch.
CVE-2025-71299
CVE-2026-43299 btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure()
Microsoft Security Response Center published an advisory on "CVE-2026-43299 btrfs: do not ASSERT() when the fs flips RO inside btrfs_repair_io_failure()". Topic areas: microsoft, windows, azure, patch
CVE-2026-43299
CVE-2026-43344 perf/x86/intel/uncore: Fix die ID init and look up bugs
Microsoft Security Response Center published an advisory on "CVE-2026-43344 perf/x86/intel/uncore: Fix die ID init and look up bugs". Topic areas: microsoft, windows, azure, patch. Published May 11, 2
Intel, CVE-2026-43344
CVE-2026-43321 bpf: Properly mark live registers for indirect jumps
Microsoft Security Response Center published an advisory on "CVE-2026-43321 bpf: Properly mark live registers for indirect jumps". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-43321
CVE-2026-43400 drm/amdgpu: add upper bound check on user inputs in signal ioctl
Microsoft Security Response Center published an advisory on "CVE-2026-43400 drm/amdgpu: add upper bound check on user inputs in signal ioctl". Topic areas: microsoft, windows, azure, patch. Published
AMD, CVE-2026-43400
CVE-2026-43009 bpf: Fix incorrect pruning due to atomic fetch precision tracking
Microsoft Security Response Center published an advisory on "CVE-2026-43009 bpf: Fix incorrect pruning due to atomic fetch precision tracking". Topic areas: microsoft, windows, azure, patch. Published
CVE-2026-43009
CVE-2026-31729 usb: typec: ucsi: validate connector number in ucsi_notify_common()
Microsoft Security Response Center published an advisory on "CVE-2026-31729 usb: typec: ucsi: validate connector number in ucsi_notify_common()". Topic areas: microsoft, windows, azure, patch. Publish
CVE-2026-31729
CVE-2026-43300 drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()
Microsoft Security Response Center published an advisory on "CVE-2026-43300 drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove()". Topic areas: microsoft, windows, azure, patch
CVE-2026-43300
CVE-2026-43338 btrfs: reserve enough transaction items for qgroup ioctls
Microsoft Security Response Center published an advisory on "CVE-2026-43338 btrfs: reserve enough transaction items for qgroup ioctls". Topic areas: microsoft, windows, azure, patch. Published May 11,
CVE-2026-43338
CVE-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault
Microsoft Security Response Center published an advisory on "CVE-2026-7261 SoapServer session-persisted object use-after-free via SOAP header fault". Topic areas: microsoft, windows, azure, patch. Pub
CVE-2026-7261
CVE-2026-43416 powerpc, perf: Check that current->mm is alive before getting user callchain
Microsoft Security Response Center published an advisory on "CVE-2026-43416 powerpc, perf: Check that current->mm is alive before getting user callchain". Topic areas: microsoft, windows, azure, patch
CVE-2026-43416
CVE-2026-43019 Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync
Microsoft Security Response Center published an advisory on "CVE-2026-43019 Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-43019
CVE-2026-43443 ASoC: amd: acp-mach-common: Add missing error check for clock acquisition
Microsoft Security Response Center published an advisory on "CVE-2026-43443 ASoC: amd: acp-mach-common: Add missing error check for clock acquisition". Topic areas: microsoft, windows, azure, patch. P
AMD, CVE-2026-43443
CVE-2026-43053 xfs: close crash window in attr dabtree inactivation
Microsoft Security Response Center published an advisory on "CVE-2026-43053 xfs: close crash window in attr dabtree inactivation". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026
CVE-2026-43053
CVE-2026-31706 ksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl()
Microsoft Security Response Center published an advisory on "CVE-2026-31706 ksmbd: validate num_aces and harden ACE walk in smb_inherit_dacl()". Topic areas: microsoft, windows, azure, patch. Publishe
CVE-2026-31706
CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref()
Microsoft Security Response Center published an advisory on "CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref()". Topic areas: microsoft, windows, azure, patch.
CVE-2026-43308
CVE-2026-43298 drm/amdgpu: Skip vcn poison irq release on VF
Microsoft Security Response Center published an advisory on "CVE-2026-43298 drm/amdgpu: Skip vcn poison irq release on VF". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See t
AMD, CVE-2026-43298
CVE-2026-43352 i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue
Microsoft Security Response Center published an advisory on "CVE-2026-43352 i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue". Topic areas: microsoft, windows, azure, patch. Publishe
CVE-2026-43352
CVE-2025-71302 drm/panthor: fix for dma-fence safe access rules
Microsoft Security Response Center published an advisory on "CVE-2025-71302 drm/panthor: fix for dma-fence safe access rules". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. Se
CVE-2025-71302
CVE-2026-43294 drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels
Microsoft Security Response Center published an advisory on "CVE-2026-43294 drm: renesas: rz-du: mipi_dsi: fix kernel panic when rebooting for some panels". Topic areas: microsoft, windows, azure, pat
CVE-2026-43294
CVE-2026-31709 smb: client: validate the whole DACL before rewriting it in cifsacl
Microsoft Security Response Center published an advisory on "CVE-2026-31709 smb: client: validate the whole DACL before rewriting it in cifsacl". Topic areas: microsoft, windows, azure, patch. Publish
CVE-2026-31709
CVE-2026-31724 usb: gadget: f_eem: Fix net_device lifecycle with device_move
Microsoft Security Response Center published an advisory on "CVE-2026-31724 usb: gadget: f_eem: Fix net_device lifecycle with device_move". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-31724
CVE-2026-42246 net-imap vulnerable to STARTTLS stripping via invalid response timing
Microsoft Security Response Center published an advisory on "CVE-2026-42246 net-imap vulnerable to STARTTLS stripping via invalid response timing". Topic areas: microsoft, windows, azure, patch. Publi
CVE-2026-42246
CVE-2026-43320 drm/amd/display: Fix dsc eDP issue
Microsoft Security Response Center published an advisory on "CVE-2026-43320 drm/amd/display: Fix dsc eDP issue". Topic areas: microsoft, windows, azure, patch. Published May 11, 2026. See the original
AMD, CVE-2026-43320
CVE-2026-31722 usb: gadget: f_rndis: Fix net_device lifecycle with device_move
Microsoft Security Response Center published an advisory on "CVE-2026-31722 usb: gadget: f_rndis: Fix net_device lifecycle with device_move". Topic areas: microsoft, windows, azure, patch. Published M
CVE-2026-31722
CVE-2026-31725 usb: gadget: f_ecm: Fix net_device lifecycle with device_move
Microsoft Security Response Center published an advisory on "CVE-2026-31725 usb: gadget: f_ecm: Fix net_device lifecycle with device_move". Topic areas: microsoft, windows, azure, patch. Published May
CVE-2026-31725