[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feQiKR3QOx3rlDrfpTwT_CJIynPcJr2MX_U5dtEp59Ew":3},{"product":4,"cycleMajor":14,"releases":15,"cves":23,"nextMajor":9},{"id":5,"slug":6,"name":7,"category":8,"vendor":9,"description":10,"logo_url":11,"official_url":9,"synced_at":12,"created_at":13},"869a0b9c-2a21-449a-95c3-5745623dacd4","ubuntu","Ubuntu","os",null,"Ubuntu is a Linux distribution based on Debian and composed primarily of free and open-source software. Developed by the British company Canonical and a community of contributors under a meritocratic governance model, Ubuntu is released in multiple o…","https:\u002F\u002Fcdn.simpleicons.org\u002Fubuntu","2026-06-09T20:02:18.514+00:00","2026-05-30T16:23:56.027772+00:00","26",[16],{"id":17,"product_id":5,"cycle":18,"release_date":19,"eol":20,"eol_boolean":9,"latest":18,"latest_release_date":19,"lts":21,"support":20,"created_at":22},"bbd0f2db-376f-443a-8c00-6b71fb215fe4","26.04","2026-04-23","2031-04-30",true,"2026-05-30T16:26:03.614798+00:00",[24,33,38,46,53,58,63,70,75],{"cveId":25,"releaseId":17,"cycle":18,"description":26,"severity":27,"cvssScore":28,"epssScore":29,"inKev":30,"publishedAt":31,"url":32},"CVE-2026-47331","Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivileged local user could trigger the race condition that can lead to a use-after-free (UAF) and, theoretically, arbitrary code execution.","HIGH",7.8,0.00015,false,"2026-05-28T19:16:41.757+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47331",{"cveId":34,"releaseId":17,"cycle":18,"description":35,"severity":27,"cvssScore":28,"epssScore":29,"inKev":30,"publishedAt":36,"url":37},"CVE-2026-47333","Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in invalid data being processed by the AppArmor DFA policy engine.","2026-05-28T19:16:42.073+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47333",{"cveId":39,"releaseId":17,"cycle":18,"description":40,"severity":41,"cvssScore":42,"epssScore":43,"inKev":30,"publishedAt":44,"url":45},"CVE-2026-47328","Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata and could lead to resource exhaustion.","MEDIUM",6.1,0.00014,"2026-05-28T19:16:40.687+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47328",{"cveId":47,"releaseId":17,"cycle":18,"description":48,"severity":41,"cvssScore":49,"epssScore":50,"inKev":30,"publishedAt":51,"url":52},"CVE-2026-47334","Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.",5.5,0.00013,"2026-05-28T19:16:42.203+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47334",{"cveId":54,"releaseId":17,"cycle":18,"description":55,"severity":41,"cvssScore":49,"epssScore":43,"inKev":30,"publishedAt":56,"url":57},"CVE-2026-47332","Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information disclosure from adjacent slab objects.","2026-05-28T19:16:41.96+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47332",{"cveId":59,"releaseId":17,"cycle":18,"description":60,"severity":41,"cvssScore":49,"epssScore":43,"inKev":30,"publishedAt":61,"url":62},"CVE-2026-47326","Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.","2026-05-28T19:16:40.11+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47326",{"cveId":64,"releaseId":17,"cycle":18,"description":65,"severity":66,"cvssScore":67,"epssScore":43,"inKev":30,"publishedAt":68,"url":69},"CVE-2026-47330","Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor notification responses.","LOW",3.3,"2026-05-28T19:16:41.53+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47330",{"cveId":71,"releaseId":17,"cycle":18,"description":72,"severity":66,"cvssScore":67,"epssScore":29,"inKev":30,"publishedAt":73,"url":74},"CVE-2026-47327","Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.","2026-05-28T19:16:40.42+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47327",{"cveId":76,"releaseId":17,"cycle":18,"description":77,"severity":66,"cvssScore":67,"epssScore":78,"inKev":30,"publishedAt":79,"url":80},"CVE-2026-47329","Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.",0.0002,"2026-05-28T19:16:41.02+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-47329"]