|
2861
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix signededness bug in smb_direct_prepare_negotiation()
smb_direct_prepare_negotiation() casts an unsigned __u32 value
fr…
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-43185
|
2026-05-12 05:52 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2862
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35
[Why]
A backport of the change made for DCN401 th…
|
NVD-CWE-noinfo
|
CVE-2026-43191
|
2026-05-12 05:51 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2863
|
8.2 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: xt_tcpmss: check remaining length before reading optlen
Quoting reporter:
In net/netfilter/xt_tcpmss.c (lines 53-68)…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-43190
|
2026-05-12 05:50 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2864
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: v4l2-async: Fix error handling on steps after finding a match
Once an async connection is found to be matching with an fwn…
|
NVD-CWE-noinfo
|
CVE-2026-43189
|
2026-05-12 05:47 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2865
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data()
On the receive path, __ioam6_fill_trace_data() uses trace->node…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-43186
|
2026-05-12 05:40 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2866
|
8.8 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
xfs: delete attr leaf freemap entries when empty
Back in commit 2a2b5932db6758 ("xfs: fix attr leaf header freemap.size
underflow…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-43187
|
2026-05-12 05:38 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2867
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ceph: do not propagate page array emplacement errors as batch errors
When fscrypt is enabled, move_dirty_folio_in_page_array() ma…
|
NVD-CWE-noinfo
|
CVE-2026-43188
|
2026-05-12 05:38 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2868
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
dm mpath: Add missing dm_put_device when failing to get scsi dh name
When commit fd81bc5cca8f ("scsi: device_handler: Return erro…
|
NVD-CWE-noinfo
|
CVE-2026-43192
|
2026-05-12 05:36 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2869
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
nfsd: fix nfs4_file refcount leak in nfsd_get_dir_deleg()
Claude pointed out that there is a nfs4_file refcount leak in
nfsd_get_…
|
NVD-CWE-Other
|
CVE-2026-43193
|
2026-05-12 05:36 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2870
|
9.6 |
CRITICAL
Network
|
praison
|
praisonai
|
PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP (Model Context Protocol) server (praisonai mcp serve) registers four file-handling tools by default — praisonai.rules…
|
CWE-20
CWE-22
CWE-94
CWE-829
CWE-913
Improper Input Validation
Path Traversal
Code Injection
Inclusion of Functionality from Untrusted Control Sphere
Improper Control of Dynamically-Managed Code Resources
|
CVE-2026-44336
|
2026-05-12 05:25 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
