CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-53294
High

In the Linux kernel, the mailbox-test driver has a double-free vulnerability when the RX channel is aliased to the TX channel with different MMIO. Freeing both channels triggers the bug.

CVE-2026-53293
Medium

In the Linux kernel, multiple bugs were found in the amdgpu driver's AMDGPU_INFO_READ_MMR_REG function. Issues include incorrect lock ordering (reset semaphore and mm_lock), memory allocation while holding the reset semaphore, and using down_read_trylock() instead of waiting for reset completion.

CVE-2026-53292
Medium

A vulnerability in the Linux kernel's Phonet subsystem causes a kernel BUG in pn_socket_autobind() when socket binding fails. The issue occurs when pn_socket_bind() returns -EINVAL due to invalid socket state with a zero port, leading to a kernel panic from a user-triggerable path.

CVE-2026-53291
Medium

In the Conexant audio driver for the Linux kernel, the return value of the jack detection registration function is not checked. If memory allocation fails, the driver continues with an unregistered callback, potentially causing a kernel crash.

CVE-2026-53290
High

In the Linux kernel, a use-after-free vulnerability was found in the DRM driver for Intel Xe GPUs. The xe_eu_stall_stream_close() function called drm_dev_put() before disabling the stream and freeing resources, potentially accessing freed memory.

CVE-2026-53289
Medium

In the Linux kernel's ice driver, a NULL pointer dereference vulnerability was found in ice_reset_all_vfs(). When VSI rebuild fails (e.g., during NVM firmware update), txq_map and rxq_map remain NULL, and subsequent ice_vf_post_vsi_rebuild() call causes a kernel panic.

CVE-2026-53288
Medium

In the Linux kernel for ARM64 architecture, a vulnerability was found due to insufficient reserved pages for early kernel mapping. This can cause a buffer overflow and potentially compromise system stability.

CVE-2026-53287
Medium

A copy-paste error in the Linux kernel's audit_log_capset() function causes CAPSET audit records to report the effective capability set in the inheritable field instead of the actual inheritable set. This bug has been present since 2008.

CVE-2026-53286
High

In the Linux kernel's idpf driver, a vulnerability causes double free and use-after-free in auxiliary device error paths. When auxiliary_device_add() fails, the error handling code incorrectly falls through, freeing the same iadev structure twice and accessing freed memory.

CVE-2026-53285
Medium

In the Linux kernel, a bug in the AMD Display driver (DCN32) causes a kernel crash when allocating memory for phantom planes. The issue occurs because dcn32_enable_phantom_plane() calls kvzalloc() within a softirq-disabled region, triggering BUG_ON(in_interrupt()).

CVE-2026-53284
High

In the Linux kernel's Btrfs filesystem, a bug was found where the dirty_pages io tree was prematurely cleared after a failed write during transaction commit. This caused dirty extent buffers to not be properly cleaned up during unmount, leading to warnings and potential data loss.

CVE-2026-53283
Medium

In the Linux kernel AMD IOMMU driver, a missing bounds check for the device ID (devid) in __rlookup_amd_iommu() caused an out-of-bounds read and a general protection fault (GPF) at boot when a PCI device was not described in the IVRS table.

CVE-2026-53282
Medium

A vulnerability was found in the Linux kernel's kexec mechanism. After recent changes, in a non-kjump kexec path the return address is no longer pushed onto the stack, causing purgatory code to attempt reading a non-existent address, leading to a fault and potential system hang.

CVE-2026-53281
High

In the Linux kernel iommu/vt-d driver, a vulnerability was found causing NULL pointer dereference or refcount corruption. The issue occurs when teardown operations are executed without checking if the dev_pasid structure exists, potentially leading to system crash or memory safety violation.

CVE-2026-53280
Medium

A vulnerability in the Linux kernel's pci_dev_reset_iommu_done() function was found where the IOMMU group domain pointer can be NULL if default domain allocation fails during first probe. This leads to a NULL pointer dereference and system crash when attempting to re-attach the device to the domain.

CVE-2026-53279
Medium

In the Linux kernel, the gma500 DRM driver for Oaktrail LVDS displays has a bug causing a hang during initialization. The LVDS init code retrieves an I2C adapter via i2c_get_adapter() and on failure attempts to deregister and free also that adapter, which was not allocated by the driver. Since i2c_get_adapter() increments the reference count, the deregistration waits indefinitely for the reference to be released, resulting in a permanent hang.

CVE-2026-53278
Medium

In the Linux kernel ARM MPAM subsystem, a NULL pointer dereference vulnerability was found in __destroy_component_cfg(). The issue occurs when the function is called from mpam_disable() before the configuration array is allocated, leading to a system crash.

CVE-2026-52785
Critical

OpenProject before versions 17.3.3 and 17.4.1 contains a SQL injection vulnerability in the timestamps functionality. Attackers can exploit the timestamps parameter to execute unauthorized database queries.

CVE-2026-52784
High

In OpenProject before versions 17.3.3 and 17.4.1, there is a CSRF vulnerability on the /users/:id path via the POST parameter user[admin]. An attacker can exploit this to unauthorizedly change admin privileges.

CVE-2026-52783
High

OpenProject versions prior to 17.3.3 and 17.4.1 store the OneDrive/SharePoint userless OAuth access token in plaintext in Rails.cache under a deterministic key. The token is continuously refreshed by an hourly cron and OAuth call sites, and none of the allowed cache backends (file_store, memcache, redis) encrypt data at rest.

PreviousPage 159 of 4564Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS