|
11
|
9.1 |
CRITICAL
Network
|
zfnd
|
zebra-script
zebrad
|
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-script version 5.0.2, after a refactoring, Zebra failed to validate a consensus rule that restricted t…
New
|
CWE-573
Improper Following of Specification by Caller
|
CVE-2026-41583
|
2026-05-9 03:44 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
12
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: use skb_header_pointer() for TCPv4 GSO frag_off check
Syzbot reported a KMSAN uninit-value warning in gso_features_check()
c…
Update
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-43036
|
2026-05-9 03:44 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
13
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak
When building netlink messages…
Update
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-43035
|
2026-05-9 03:43 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
14
|
9.1 |
CRITICAL
Network
|
zfnd
|
zebra-script
zebrad
|
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0 and prior to zebra-script version 6.0.0, the fix for CVE-2026-41583 introduced a separate issue due to insufficient error…
New
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2026-44497
|
2026-05-9 03:42 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
15
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bnxt_en: set backing store type from query type
bnxt_hwrm_func_backing_store_qcaps_v2() stores resp->type from the
firmware respo…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43034
|
2026-05-9 03:41 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
16
|
7.5 |
HIGH
Network
|
zfnd
|
zebrad
|
ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit (MAX_BLOCK_SIGOPS), al…
New
|
CWE-682
Incorrect Calculation
|
CVE-2026-44498
|
2026-05-9 03:40 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
17
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption
When decrypting data that is not in-place (src …
Update
|
NVD-CWE-noinfo
|
CVE-2026-43033
|
2026-05-9 03:40 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
18
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
NFC: pn533: bound the UART receive buffer
pn532_receive_buf() appends every incoming byte to dev->recv_skb and
only resets the bu…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43032
|
2026-05-9 03:39 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
19
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets
When a TX packet spans multiple buffer descriptors (scatter-gath…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43031
|
2026-05-9 03:38 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
20
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
bpf: Fix regsafe() for pointers to packet
In case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N
regsafe() may retur…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43030
|
2026-05-9 03:36 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
