NVD

Icon for New NVD Communications and Status Updates Page

The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.

For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Legal Disclaimer:

Here is where you can read the NVD legal disclaimer.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

CVE-2025-39911 - In the Linux kernel, the following vulnerability has been resolved: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path If request_irq() in i40e_vsi_request_irq_msix() fails in an iteration later than the first, the error path wants to... read CVE-2025-39911
Published: October 01, 2025; 4:15:34 AM -0400

V3.1: 7.8 HIGH
CVE-2026-21858 - n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant ac... read CVE-2026-21858
Published: January 07, 2026; 7:15:59 PM -0500
CVE-2025-39909 - In the Linux kernel, the following vulnerability has been resolved: mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() Patch series "mm/damon: avoid divide-by-zero in DAMON module's parameters application". DAMON's REC... read CVE-2025-39909
Published: October 01, 2025; 4:15:33 AM -0400

V3.1: 5.5 MEDIUM
CVE-2025-68926 - RustFS is a distributed object storage system built in Rust. In versions prior to 1.0.0-alpha.78, RustFS implements gRPC authentication using a hardcoded static token `"rustfs rpc"` that is publicly exposed in the source code repository, hardcoded... read CVE-2025-68926
Published: December 30, 2025; 12:15:43 PM -0500
CVE-2025-39907 - In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer Avoid below overlapping mappings by using a contiguous non-cacheable buffer. [ 4.077708] DMA-API: stm32_fm... read CVE-2025-39907
Published: October 01, 2025; 4:15:33 AM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39902 - In the Linux kernel, the following vulnerability has been resolved: mm/slub: avoid accessing metadata when pointer is invalid in object_err() object_err() reports details of an object for further debugging, such as the freelist pointer, redzone,... read CVE-2025-39902
Published: October 01, 2025; 4:15:32 AM -0400

V3.1: 5.5 MEDIUM
CVE-2025-39894 - In the Linux kernel, the following vulnerability has been resolved: netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm When send a broadcast packet to a tap device, which was added to a bridge, br_nf_local_in()... read CVE-2025-39894
Published: October 01, 2025; 4:15:31 AM -0400

V3.1: 5.5 MEDIUM
CVE-2025-68705 - RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.13 to 1.0.0-alpha.78, RustFS contains a path traversal vulnerability in the /rustfs/rpc/read_file_stream endpoint. This issue has been patched in version 1.0.0-al... read CVE-2025-68705
Published: January 07, 2026; 4:15:59 PM -0500

V3.1: 9.8 CRITICAL
CVE-2025-39885 - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix recursive semaphore deadlock in fiemap call syzbot detected a OCFS2 hang due to a recursive semaphore on a FS_IOC_FIEMAP of the extent list on a specially crafted mma... read CVE-2025-39885
Published: September 23, 2025; 2:15:48 AM -0400

V3.1: 5.5 MEDIUM
CVE-2025-69255 - RustFS is a distributed object storage system built in Rust. In versions 1.0.0-alpha.13 to 1.0.0-alpha.77, a malformed gRPC GetMetrics request causes get_metrics to unwrap() failed deserialization of metric_type/opts, panicking the handler thread ... read CVE-2025-69255
Published: January 07, 2026; 4:16:00 PM -0500

V3.1: 4.0 MEDIUM
CVE-2025-39883 - In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory When I did memory failure tests, below panic occurs: page dumped because: VM_BUG_ON_PAGE(PagePois... read CVE-2025-39883
Published: September 23, 2025; 2:15:48 AM -0400

V3.1: 7.1 HIGH
CVE-2025-39881 - In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released A use-after-free (UAF) vulnerability was identified in the PSI (Pressure Stall Information) monitoring mechanism: BUG: KAS... read CVE-2025-39881
Published: September 23, 2025; 2:15:47 AM -0400

V3.1: 7.8 HIGH
CVE-2022-50459 - In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: iscsi_tcp: Fix null-ptr-deref while calling getpeername() Fix a NULL pointer crash that occurs when we are freeing the socket at the same time we access it via sysf... read CVE-2022-50459
Published: October 01, 2025; 8:15:39 AM -0400

V3.1: 5.5 MEDIUM
CVE-2022-50458 - In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need an... read CVE-2022-50458
Published: October 01, 2025; 8:15:39 AM -0400

V3.1: 5.5 MEDIUM
CVE-2022-50457 - In the Linux kernel, the following vulnerability has been resolved: mtd: core: Fix refcount error in del_mtd_device() del_mtd_device() will call of_node_put() to mtd_get_of_node(mtd), which is mtd->dev.of_node. However, memset(&mtd->dev, 0) is c... read CVE-2022-50457
Published: October 01, 2025; 8:15:38 AM -0400

V3.1: 5.5 MEDIUM
CVE-2022-50456 - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix resolving backrefs for inline extent followed by prealloc If a file consists of an inline extent followed by a regular or prealloc extent, then a legitimate attempt t... read CVE-2022-50456
Published: October 01, 2025; 8:15:38 AM -0400

V3.1: 5.5 MEDIUM
CVE-2022-50454 - In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in nouveau_gem_prime_import_sg_table() nouveau_bo_init() is backed by ttm_bo_init() and ferries its return code back to the caller. On failures... read CVE-2022-50454
Published: October 01, 2025; 8:15:38 AM -0400

V3.1: 7.8 HIGH
CVE-2022-50453 - In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbinding the GPIO device, then calling any of the syste... read CVE-2022-50453
Published: October 01, 2025; 8:15:38 AM -0400

V3.1: 5.5 MEDIUM
CVE-2022-50452 - In the Linux kernel, the following vulnerability has been resolved: net: sched: cake: fix null pointer access issue when cake_init() fails When the default qdisc is cake, if the qdisc of dev_queue fails to be inited during mqprio_init(), cake_re... read CVE-2022-50452
Published: October 01, 2025; 8:15:38 AM -0400

V3.1: 5.5 MEDIUM
CVE-2022-50451 - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix memory leak on ntfs_fill_super() error path syzbot reported kmemleak as below: BUG: memory leak unreferenced object 0xffff8880122f1540 (size 32): comm "a.out", ... read CVE-2022-50451
Published: October 01, 2025; 8:15:38 AM -0400

V3.1: 5.5 MEDIUM

Created September 20, 2022 , Updated August 27, 2024

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

Legal Disclaimer: