Linux kernel
This hub aggregates every CVE we track for Linux kernel, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.
15,045
CVEs tracked
232
Critical
4,565
High
31
In CISA KEV
Severity distribution
MEDIUM9,794HIGH4,565LOW454CRITICAL232
Monthly trend
303
279
415
280
356
229
910
207
281
551
376
404
188
738
631
97
406
170
51
170
377
1023
256
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Linux kernel.
- CVE-2026-53322vfio/pci: Clean up DMABUFs before disabling function8.8
- CVE-2026-53309ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison9.8
- CVE-2026-53300net: enetc: fix NTMP DMA use-after-free issue7.8
- CVE-2026-53290drm/xe/eustall: Fix drm_dev_put called before stream disable in close7.8
- CVE-2026-53284btrfs: only release the dirty pages io tree after successful writes7.5
- CVE-2026-53281iommu/vt-d: Avoid NULL pointer dereference or refcount corruption8.8
- CVE-2026-53277KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation8.8
- CVE-2026-53276Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer7.8
- CVE-2026-53275ipv6: mcast: Fix use-after-free when processing MLD queries8.8
- CVE-2026-53273tee: optee: prevent use-after-free when the client exits before the supplicant7.8
- CVE-2026-53270ipvs: clear the svc scheduler ptr early on edit7.8
- CVE-2026-53268netfilter: conntrack_irc: fix possible out-of-bounds read8.2
- CVE-2026-53267netfilter: nft_ct: bail out on template ct in get eval7.8
- CVE-2026-53266netfilter: bridge: make ebt_snat ARP rewrite writable8.8
- CVE-2026-53265dm cache policy smq: check allocation under invalidate lock7.8
Product normalization is registry-driven with AI assist and human review. How it works