| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-43293 | media: chips-media: wave5: Fix kthread worker destruction in polling mode | Linux | Linux | - | - | 2026-05-08 13:11:17 | Deep Dive |
| CVE-2026-43292 | mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node | Linux | Linux | 中危 | - | 2026-05-08 13:11:16 | Deep Dive |
| CVE-2026-43291 | net: nfc: nci: Fix parameter validation for packet data | Linux | Linux | High | 8.3 | 2026-05-08 13:11:15 | Deep Dive |
| CVE-2026-43290 | media: uvcvideo: Return queued buffers on start_streaming() failure | Linux | Linux | High | 7.8 | 2026-05-08 13:11:15 | Deep Dive |
| CVE-2026-43289 | kexec: derive purgatory entry from symbol | Linux | Linux | - | - | 2026-05-08 13:11:14 | Deep Dive |
| CVE-2026-41491 | Dapr: Service Invocation path traversal ACL bypass | dapr | dapr | High | 8.1 | 2026-05-08 13:11:13 | Deep Dive |
| CVE-2026-43288 | ext4: move ext4_percpu_param_init() before ext4_mb_init() | Linux | Linux | - | - | 2026-05-08 13:11:13 | Deep Dive |
| CVE-2026-43287 | drm: Account property blob allocations to memcg | Linux | Linux | 中危 | - | 2026-05-08 13:11:13 | Deep Dive |
| CVE-2026-43286 | mm/hugetlb: restore failed global reservations to subpool | Linux | Linux | - | - | 2026-05-08 13:11:12 | Deep Dive |
| CVE-2026-43285 | mm/slab: do not access current->mems_allowed_seq if !allow_spin | Linux | Linux | - | - | 2026-05-08 13:11:11 | Deep Dive |
| CVE-2025-71299 | spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing | Linux | Linux | - | - | 2026-05-08 13:11:11 | Deep Dive |
| CVE-2025-71298 | drm/tests: shmem: Hold reservation lock around madvise | Linux | Linux | - | - | 2026-05-08 13:11:10 | Deep Dive |
| CVE-2025-71297 | wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode() | Linux | Linux | 中危 | - | 2026-05-08 13:11:09 | Deep Dive |
| CVE-2025-71296 | drm/tests: shmem: Hold reservation lock around purge | Linux | Linux | 中危 | - | 2026-05-08 13:11:08 | Deep Dive |
| CVE-2026-41423 | Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server | angular | angular | - | - | 2026-05-08 13:06:59 | Deep Dive |
| CVE-2026-41161 | Username Enumeration via Timing Attack | Sync-in | server | - | - | 2026-05-08 13:00:54 | Deep Dive |
| CVE-2022-50994 | DrayTek Vigor 2960 < 1.5.1.4 OS Command Injection via mainfunction.cgi | DrayTek | Vigor 2960 | High | 8.1 | 2026-05-08 12:35:09 | Deep Dive |
| CVE-2026-25199 | Apache CloudStack: Proxmox Extension Allows Unauthorized Cross-Tenant Instance Access | Apache Software Foundation | Apache CloudStack | - | - | 2026-05-08 12:22:56 | Deep Dive |
| CVE-2026-25077 | Apache CloudStack: Unauthenticated Command Injection in Direct Download Templates | Apache Software Foundation | Apache CloudStack | - | - | 2026-05-08 12:21:27 | Deep Dive |
| CVE-2025-69233 | Apache CloudStack: Domain/account resources limits not honored | Apache Software Foundation | Apache CloudStack | Medium | 6.5 | 2026-05-08 12:19:31 | Deep Dive |