[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f52d01SINLjfPUeTprGTL5ZciPF7dPo55AiOo38TkFJ8":3},{"report":4,"cves":25,"nav":78},{"id":5,"week_start":6,"week_end":7,"week_label":8,"year":9,"week_number":10,"total_cves":11,"critical_count":12,"high_count":11,"medium_count":12,"low_count":12,"kev_count":12,"top_products":13,"summary_en":22,"is_published":23,"created_at":24},"0f5a1bed-661e-465f-85d2-33e66736c8a9","2026-06-15","2026-06-21","2026-W25",2026,25,7,0,[14,18],{"name":15,"slug":16,"count":17},"Linux","linux",5,{"name":19,"slug":20,"count":21},"HAProxy","haproxy",2,null,true,"2026-07-17T07:24:12.990214+00:00",{"critical":26,"high":27,"medium":75,"low":76,"kev":77},[],[28,38,45,51,56,62,69],{"cveId":29,"severity":30,"cvssScore":31,"description":32,"publishedAt":33,"url":34,"productSlug":16,"productName":15,"productLogo":35,"cycle":36,"isKev":37},"CVE-2026-52911","HIGH",8.8,"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: scope conn->binding slowpath to bound sessions only\n\nWhen the binding SESSION_SETUP sets conn->binding = true, the flag stays\nset after the call so that the global session lookup in\nksmbd_session_lookup_all() can find the session, which was not added to\nconn->sessions. Because the flag is connection-wide, the global lookup\npath will also resolve any other session by id if asked.\n\nTighten the global lookup so that the ret","2026-06-21T08:16:23.607+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-52911","https:\u002F\u002Fcdn.simpleicons.org\u002Flinux","5.15",false,{"cveId":39,"severity":30,"cvssScore":40,"description":41,"publishedAt":42,"url":43,"productSlug":16,"productName":15,"productLogo":35,"cycle":44,"isKev":37},"CVE-2026-52910",7.8,"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Free reuseport cBPF prog after RCU grace period.\n\nEulgyu Kim reported the splat below with a repro. [0]\n\nThe repro sets up a UDP reuseport group with a cBPF prog and\nreplaces it with a new one while another thread is sending\na UDP packet to the group.\n\nThe reuseport prog is freed by sk_reuseport_prog_free().\nbpf_prog_put() is called for \"e\"BPF prog to destruct through\nmultiple stages while cBPF prog is freed immediately by","2026-06-19T15:16:35.487+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-52910","6.9",{"cveId":46,"severity":30,"cvssScore":40,"description":47,"publishedAt":48,"url":49,"productSlug":16,"productName":15,"productLogo":35,"cycle":50,"isKev":37},"CVE-2026-52909","In the Linux kernel, the following vulnerability has been resolved:\n\nip6_vti: set netns_immutable on the fallback device.\n\njohn1988 and Noam Rathaus reported that vti6_init_net() does not set the\nnetns_immutable flag on the per-netns fallback tunnel device (ip6_vti0).\n\nOther similar tunnel drivers (like ip6_tunnel, sit, ip6_gre, and ip_tunnel)\ncorrectly set this flag during their fallback device initialization to\nprevent them from being moved to another network namespace.","2026-06-19T15:16:35.383+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-52909","7.1",{"cveId":52,"severity":30,"cvssScore":40,"description":53,"publishedAt":54,"url":55,"productSlug":16,"productName":15,"productLogo":35,"cycle":50,"isKev":37},"CVE-2026-52908","In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: During rereg_mr ensure that REREG_ACCESS is compatible\n\nIf IB_MR_REREG_ACCESS changes from RO to RW then the umem has to be\nre-evaluated to ensure it is properly pinned as RW. Since the umem is\nhidden inside each driver's mr struct add a ib_umem_check_rereg() function\nthat each driver has to call before processing IB_MR_REREG_ACCESS.\n\nmlx4 has to retain its duplicate ib_access_writable check because it\nimplements IB_MR_RE","2026-06-19T15:16:35.277+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-52908",{"cveId":57,"severity":30,"cvssScore":40,"description":58,"publishedAt":59,"url":60,"productSlug":16,"productName":15,"productLogo":35,"cycle":61,"isKev":37},"CVE-2026-46331","In the Linux kernel, the following vulnerability has been resolved:\n\nnet\u002Fsched: fix pedit partial COW leading to page cache corruption\n\ntcf_pedit_act() computes the COW range for skb_ensure_writable()\nonce before the key loop using tcfp_off_max_hint, but the hint does\nnot account for the runtime header offset added by typed keys. This\ncan leave part of the write region un-COW'd.\n\nFix by moving skb_ensure_writable() inside the per-key loop where\nthe actual write offset is known, and add overflow ","2026-06-16T08:16:23.993+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-46331","7.0",{"cveId":63,"severity":30,"cvssScore":64,"description":65,"publishedAt":66,"url":67,"productSlug":20,"productName":19,"productLogo":22,"cycle":68,"isKev":37},"CVE-2026-55203",7.5,"HAProxy through 3.4.0, fixed in commit 5985276, contains an integer overflow vulnerability in the fcgi_conn structure's drl field that allows buffer misparse as new FCGI record headers. When contentLength is 65535 and paddingLength is 1 or more, the drl field wraps to 0, causing incorrect record consumption and allowing malicious FastCGI backends to desynchronize the FCGI framing parser, potentially causing request routing errors, response smuggling, or memory safety issues.","2026-06-18T17:16:34.373+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-55203","1.0",{"cveId":70,"severity":30,"cvssScore":64,"description":71,"publishedAt":72,"url":73,"productSlug":20,"productName":19,"productLogo":22,"cycle":74,"isKev":37},"CVE-2026-55204","HAProxy through  3.4.0, fixed in commit 9a6d1fe, contains a null pointer dereference vulnerability in hpack_dht_insert() within src\u002Fhpack-tbl.c that fails to validate the return value of hpack_dht_defrag() when the memory pool is exhausted. An attacker can trigger HPACK dynamic table insertions under memory pressure to dereference a NULL pointer and crash HAProxy worker processes, causing denial of service.","2026-06-18T17:16:34.567+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-55204","1.9",[],[],[],{"prev":79,"next":80},"2026-W24","2026-W26"]