CVE Weekly Report — Week of Jun 22 – June 28, 2026
2026-W26
58
Total CVEs
1
Critical
17
High
0
Actively exploited
🔴 Critical CVEs (29)
| CVE | Product | CVSS | KEV | Description | Published |
|---|---|---|---|---|---|
| CVE-2026-52914 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: fix fragment reassembly length accounti… | Jun 24 |
| CVE-2026-52924 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling … | Jun 24 |
| CVE-2026-53010 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smb2_open during durab… | Jun 24 |
| CVE-2026-52955 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crus… | Jun 24 |
| CVE-2026-53176 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than ISER_HEADE… | Jun 25 |
| CVE-2026-52989 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmet_tcp_build_pdu_iovec() er… | Jun 24 |
| CVE-2026-52986 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: don't use simple_strto… | Jun 24 |
| CVE-2026-53246 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COO… | Jun 25 |
| CVE-2026-52931 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: tp_meter: avoid use of uninit sender va… | Jun 24 |
| CVE-2026-53002 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace… | Jun 24 |
| CVE-2026-53309 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: fix off-by-one in dlm_match_regions() re… | Jun 26 |
| CVE-2026-53175 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdir… | Jun 25 |
| CVE-2026-53151 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix the ACK parser to extract the SACK table… | Jun 25 |
| CVE-2026-52982 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix use-after-free in rtl8150_st… | Jun 24 |
| CVE-2026-53006 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in icmpv6_rcv() Caching sad… | Jun 24 |
| CVE-2026-53247 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: Fix use-after-free in m… | Jun 25 |
| CVE-2026-52993 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: tipc: fix double-free in tipc_buf_append() tipc_ms… | Jun 24 |
| CVE-2026-53228 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: ipv6: sit: reload inner IPv6 header after GSO offlo… | Jun 25 |
| CVE-2026-53221 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix incorrect tunnel matching in vti6_tnl_… | Jun 25 |
| CVE-2026-53215 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use… | Jun 25 |
| CVE-2026-53216 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: limit XDP frame size to the RX buffer … | Jun 25 |
| CVE-2026-53260 | Linux | 9.8 | — | In the Linux kernel, the following vulnerability has been resolved: tcp: Add preempt_{disable,enable}_nested() in reqsk… | Jun 25 |
| CVE-2026-53131 | Linux | 9.4 | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using… | Jun 25 |
| CVE-2026-53043 | Linux | 9.1 | — | In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qr_numregions in dlm_match_regi… | Jun 24 |
| CVE-2026-52958 | Linux | 9.1 | — | In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdm… | Jun 24 |
| CVE-2026-53186 | Linux | 9.1 | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRP_RSP sense copy by the received … | Jun 25 |
| CVE-2026-53224 | Linux | 9.1 | — | In the Linux kernel, the following vulnerability has been resolved: sctp: validate embedded INIT chunk and address list… | Jun 25 |
| CVE-2026-52999 | Linux | 9.1 | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix out-of-bounds read on… | Jun 24 |
| CVE-2026-53225 | Linux | 9.1 | — | In the Linux kernel, the following vulnerability has been resolved: sctp: fix uninit-value in __sctp_rcv_asconf_lookup(… | Jun 25 |
🟠 High CVEs (13)
| CVE | Product | CVSS | KEV | Description | Published |
|---|---|---|---|---|---|
| CVE-2026-52934 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: batman-adv: tvlv: reject oversized TVLV packets ba… | Jun 24 |
| CVE-2026-53266 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebt_snat ARP rewrite writab… | Jun 25 |
| CVE-2026-52918 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: serialize accept_q access bt_sock_poll(… | Jun 24 |
| CVE-2026-53198 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred file_lock o… | Jun 25 |
| CVE-2026-53171 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dma_length()… | Jun 25 |
| CVE-2026-53200 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN[0] when !FEAT_XN… | Jun 25 |
| CVE-2026-52952 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: iommu: Fix WARN_ON in __iommu_group_set_domain_nofa… | Jun 24 |
| CVE-2026-53275 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Fix use-after-free when processing MLD… | Jun 25 |
| CVE-2026-53277 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks… | Jun 25 |
| CVE-2026-53188 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ib_get_u… | Jun 25 |
| CVE-2026-53322 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling functio… | Jun 26 |
| CVE-2026-53281 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid NULL pointer dereference or refco… | Jun 26 |
| CVE-2026-53240 | Linux | 8.8 | — | In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix use-after-free on first_skb in __i… | Jun 25 |
