CVE Weekly Report — Week of Jun 22 – June 28, 2026

2026-W26

58
Total CVEs
1
Critical
17
High
0
Actively exploited

🔴 Critical CVEs (29)

CVEProductCVSSKEVDescriptionPublished
CVE-2026-52914Linux9.8In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounti…Jun 24
CVE-2026-52924Linux9.8In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling …Jun 24
CVE-2026-53010Linux9.8In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2_open during durab…Jun 24
CVE-2026-52955Linux9.8In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crus…Jun 24
CVE-2026-53176Linux9.8In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than ISER_HEADE…Jun 25
CVE-2026-52989Linux9.8In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() er…Jun 24
CVE-2026-52986Linux9.8In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: don't use simple_strto…Jun 24
CVE-2026-53246Linux9.8In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COO…Jun 25
CVE-2026-52931Linux9.8In the Linux kernel, the following vulnerability has been resolved: batman-adv: tp_meter: avoid use of uninit sender va…Jun 24
CVE-2026-53002Linux9.8In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace…Jun 24
CVE-2026-53309Linux9.8In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlm_match_regions() re…Jun 26
CVE-2026-53175Linux9.8In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdir…Jun 25
CVE-2026-53151Linux9.8In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix the ACK parser to extract the SACK table…Jun 25
CVE-2026-52982Linux9.8In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix use-after-free in rtl8150_st…Jun 24
CVE-2026-53006Linux9.8In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6_rcv() Caching sad…Jun 24
CVE-2026-53247Linux9.8In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Fix use-after-free in m…Jun 25
CVE-2026-52993Linux9.8In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipc_buf_append() tipc_ms…Jun 24
CVE-2026-53228Linux9.8In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after GSO offlo…Jun 25
CVE-2026-53221Linux9.8In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix incorrect tunnel matching in vti6_tnl_…Jun 25
CVE-2026-53215Linux9.8In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use…Jun 25
CVE-2026-53216Linux9.8In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame size to the RX buffer …Jun 25
CVE-2026-53260Linux9.8In the Linux kernel, the following vulnerability has been resolved: tcp: Add preempt_{disable,enable}_nested() in reqsk…Jun 25
CVE-2026-53131Linux9.4In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using…Jun 25
CVE-2026-53043Linux9.1In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qr_numregions in dlm_match_regi…Jun 24
CVE-2026-52958Linux9.1In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdm…Jun 24
CVE-2026-53186Linux9.1In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRP_RSP sense copy by the received …Jun 25
CVE-2026-53224Linux9.1In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list…Jun 25
CVE-2026-52999Linux9.1In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix out-of-bounds read on…Jun 24
CVE-2026-53225Linux9.1In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in __sctp_rcv_asconf_lookup(…Jun 25

🟠 High CVEs (13)

CVEProductCVSSKEVDescriptionPublished
CVE-2026-52934Linux8.8In the Linux kernel, the following vulnerability has been resolved: batman-adv: tvlv: reject oversized TVLV packets ba…Jun 24
CVE-2026-53266Linux8.8In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebt_snat ARP rewrite writab…Jun 25
CVE-2026-52918Linux8.8In the Linux kernel, the following vulnerability has been resolved: Bluetooth: serialize accept_q access bt_sock_poll(…Jun 24
CVE-2026-53198Linux8.8In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred file_lock o…Jun 25
CVE-2026-53171Linux8.8In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dma_length()…Jun 25
CVE-2026-53200Linux8.8In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XN…Jun 25
CVE-2026-52952Linux8.8In the Linux kernel, the following vulnerability has been resolved: iommu: Fix WARN_ON in __iommu_group_set_domain_nofa…Jun 24
CVE-2026-53275Linux8.8In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Fix use-after-free when processing MLD…Jun 25
CVE-2026-53277Linux8.8In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks…Jun 25
CVE-2026-53188Linux8.8In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ib_get_u…Jun 25
CVE-2026-53322Linux8.8In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling functio…Jun 26
CVE-2026-53281Linux8.8In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refco…Jun 26
CVE-2026-53240Linux8.8In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on first_skb in __i…Jun 25

📦 Most affected products

© 2026 EOLCanary — Data from endoflife.date & NVD
Explore