|
4011
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: dwc2: gadget: Fix spin_lock/unlock mismatch in dwc2_hsotg_udc_stop()
dwc2_gadget_exit_clock_gating() internally calls call_g…
|
CWE-667
Improper Locking
|
CVE-2026-31756
|
2026-05-9 03:30 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4012
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_conntrack_helper: pass helper to expect cleanup
nf_conntrack_helper_unregister() calls nf_ct_expect_iterate_destroy…
|
CWE-416
Use After Free
|
CVE-2026-43027
|
2026-05-9 03:29 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4013
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: misc: usbio: Fix URB memory leak on submit failure
When usb_submit_urb() fails in usbio_probe(), the previously allocated
UR…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-31757
|
2026-05-9 03:26 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4014
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: usbtmc: Flush anchored URBs in usbtmc_release
When calling usbtmc_release, pending anchored URBs must be flushed or
killed t…
|
CWE-416
Use After Free
|
CVE-2026-31758
|
2026-05-9 03:23 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4015
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent
ctnetlink_alloc_expect() allocates expectations from a no…
|
NVD-CWE-noinfo
|
CVE-2026-43026
|
2026-05-9 03:21 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4016
|
7.5 |
HIGH
Network
|
zfnd
|
zebra-chain
zebrad
|
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and …
|
CWE-617
Reachable Assertion
|
CVE-2026-41584
|
2026-05-9 03:21 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4017
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
usb: ulpi: fix double free in ulpi_register_interface() error path
When device_register() fails, ulpi_register() calls put_device…
|
CWE-415
Double Free
|
CVE-2026-31759
|
2026-05-9 03:20 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4018
|
6.5 |
MEDIUM
Network
|
zfnd
|
zebra-rpc
zebrad
|
ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to before 4.3.1 and from zebra-rpc versions 1.0.0-beta.45 to before 6.0.2, a vulnerability in Zebra's JSON-RPC HTTP middlewa…
|
CWE-248
CWE-617
Uncaught Exception
Reachable Assertion
|
CVE-2026-41585
|
2026-05-9 03:19 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4019
|
7.3 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ctnetlink: ignore explicit helper on new expectations
Use the existing master conntrack helper, anything else is not r…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-43025
|
2026-05-9 03:17 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4020
|
- |
|
-
|
-
|
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller…
|
CWE-89
SQL Injection
|
CVE-2026-42208
|
2026-05-9 03:16 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
