[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNzAEb3za8DhAg1RiZuIThaqzKYBgYsZYiLMFcf58IyY":3},{"product":4,"cycleMajor":14,"releases":15,"cves":31,"nextMajor":119},{"id":5,"slug":6,"name":7,"category":8,"vendor":9,"description":10,"logo_url":11,"official_url":9,"synced_at":12,"created_at":13},"869a0b9c-2a21-449a-95c3-5745623dacd4","ubuntu","Ubuntu","os",null,"Developers rely on a stable and secure operating system to build and deploy their applications, and one popular choice is a Linux distribution that has been around since 2004. Created by a British company and a community of contributors, this operating system is based on Debian and composed primarily of free and open-source software. Under a meritocratic governance model, new versions are regularly released, with the latest stable version being 22.04.5. With a large community of users and contributors, this operating system is widely used in various environments, from desktops to servers, due to its flexibility and customizability.\n\nThe end-of-life landscape for this operating system is complex, with a total of 44 versions released so far. Out of these, 40 versions have already reached their end-of-life, which means they no longer receive security updates or support. Currently, only 4 versions are still active and supported, with the next version to expire being 25.10, which will reach its end-of-life on 2026-07-01. This means that developers who are still using this version should start planning their upgrade to a newer version to ensure they continue to receive security updates and support. The last version to reach its end-of-life was 25.04, which expired on 2026-01-17.\n\nThe security picture for this operating system is a concern, with a total of 161 CVEs tracked, out of which 12 are critical. The most affected version is 14.04, which has 15 CVEs, highlighting the importance of keeping the operating system up-to-date. Developers should take action to ensure they are running a supported version and apply security patches regularly to protect their systems from potential vulnerabilities. Additionally, they should monitor the Known Exploited Vulnerabilities catalog for any updates related to this operating system, and take prompt action to mitigate any known vulnerabilities.","https:\u002F\u002Fcdn.simpleicons.org\u002Fubuntu","2026-07-18T02:08:33.221+00:00","2026-05-30T16:23:56.027772+00:00","24",[16,23],{"id":17,"product_id":5,"cycle":18,"release_date":19,"eol":20,"eol_boolean":9,"latest":18,"latest_release_date":19,"lts":21,"support":20,"created_at":22},"1a0ff9c3-695b-46cc-9e19-6f9c87bc8c95","24.10","2024-10-10","2025-07-10",false,"2026-05-30T16:26:03.614798+00:00",{"id":24,"product_id":5,"cycle":25,"release_date":26,"eol":27,"eol_boolean":9,"latest":28,"latest_release_date":29,"lts":30,"support":27,"created_at":22},"e19f2351-5fc3-46df-b15e-943265dda281","24.04","2024-04-25","2029-05-31","24.04.4","2026-02-12",true,[32,40,48,54,60,68,73,80,86,91,97,98,104,111,118],{"cveId":33,"releaseId":24,"cycle":25,"description":34,"severity":35,"cvssScore":36,"epssScore":37,"inKev":21,"publishedAt":38,"url":39},"CVE-2026-47334","Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.","MEDIUM",5.5,0.00078,"2026-05-28T19:16:42.203+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47334",{"cveId":41,"releaseId":24,"cycle":25,"description":42,"severity":43,"cvssScore":44,"epssScore":45,"inKev":21,"publishedAt":46,"url":47},"CVE-2026-47333","Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.","HIGH",7.8,0.00107,"2026-05-28T19:16:42.073+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47333",{"cveId":49,"releaseId":24,"cycle":25,"description":50,"severity":35,"cvssScore":36,"epssScore":51,"inKev":21,"publishedAt":52,"url":53},"CVE-2026-47332","Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.",0.00106,"2026-05-28T19:16:41.96+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47332",{"cveId":55,"releaseId":24,"cycle":25,"description":56,"severity":43,"cvssScore":44,"epssScore":57,"inKev":21,"publishedAt":58,"url":59},"CVE-2026-47331","Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivileged local user could trigger the race condition that can lead to a use-after-free (UAF) and, theoretically, arbitrary code execution.",0.00114,"2026-05-28T19:16:41.757+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47331",{"cveId":61,"releaseId":24,"cycle":25,"description":62,"severity":63,"cvssScore":64,"epssScore":65,"inKev":21,"publishedAt":66,"url":67},"CVE-2026-47330","Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.","LOW",3.3,0.00092,"2026-05-28T19:16:41.53+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47330",{"cveId":69,"releaseId":24,"cycle":25,"description":70,"severity":63,"cvssScore":64,"epssScore":65,"inKev":21,"publishedAt":71,"url":72},"CVE-2026-47329","Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.","2026-05-28T19:16:41.02+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47329",{"cveId":74,"releaseId":24,"cycle":25,"description":75,"severity":35,"cvssScore":76,"epssScore":77,"inKev":21,"publishedAt":78,"url":79},"CVE-2026-47328","Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.",6.1,0.00093,"2026-05-28T19:16:40.687+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47328",{"cveId":81,"releaseId":24,"cycle":25,"description":82,"severity":63,"cvssScore":64,"epssScore":83,"inKev":21,"publishedAt":84,"url":85},"CVE-2026-47327","Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.",0.00091,"2026-05-28T19:16:40.42+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47327",{"cveId":87,"releaseId":24,"cycle":25,"description":88,"severity":35,"cvssScore":36,"epssScore":77,"inKev":21,"publishedAt":89,"url":90},"CVE-2026-47326","Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.","2026-05-28T19:16:40.11+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47326",{"cveId":92,"releaseId":17,"cycle":18,"description":93,"severity":43,"cvssScore":44,"epssScore":94,"inKev":30,"publishedAt":95,"url":96},"CVE-2026-31431","In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Revert to operating out-of-place\n\nThis mostly reverts commit 72548b093ee3 except for the copying of\nthe associated data.\n\nThere is no benefit in operating in-place in algif_aead since the\nsource and destination come from different mappings.  Get rid of\nall the complexity added for in-place operation and just copy the\nAD directly.",0.96267,"2026-04-22T09:16:21.27+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-31431",{"cveId":92,"releaseId":24,"cycle":25,"description":93,"severity":43,"cvssScore":44,"epssScore":94,"inKev":30,"publishedAt":95,"url":96},{"cveId":99,"releaseId":24,"cycle":25,"description":100,"severity":43,"cvssScore":44,"epssScore":101,"inKev":21,"publishedAt":102,"url":103},"CVE-2026-3888","Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private \u002Ftmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.",0.00383,"2026-03-17T14:16:17.41+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-3888",{"cveId":105,"releaseId":24,"cycle":25,"description":106,"severity":43,"cvssScore":107,"epssScore":108,"inKev":21,"publishedAt":109,"url":110},"CVE-2026-3497","Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program with",7.5,0.0218,"2026-03-12T19:16:19.91+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-3497",{"cveId":112,"releaseId":24,"cycle":25,"description":113,"severity":35,"cvssScore":114,"epssScore":115,"inKev":21,"publishedAt":116,"url":117},"CVE-2025-26466","A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server\u002Fclient key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.",5.9,0.38474,"2025-02-28T22:15:40.08+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2025-26466",{"cveId":112,"releaseId":17,"cycle":18,"description":113,"severity":35,"cvssScore":114,"epssScore":115,"inKev":21,"publishedAt":116,"url":117},"25"]