| | CVE-2026-31433 |  Red Hat | medium | — | 0.0%
| | A flaw was found in the ksmbd module of the Linux kernel. A remote attacker can exploit this vulnera… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-22746 |  VMware | low | 3.7 | 0.0%
| | Vulnerability in Spring Spring Security. If an application is using the UserDetails#isEnabled, #isAc… | Apr 22, 2026 | Apr 24, 2026 |
| | CVE-2026-22747 | VMware | medium | 6.8 | 0.0%
| | Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle cer… | Apr 22, 2026 | Apr 24, 2026 |
| | CVE-2026-22748 | VMware | medium | 5.3 | 0.1%
| | Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtD… | Apr 22, 2026 | Apr 24, 2026 |
| | CVE-2026-22753 | VMware | high | 7.5 | 0.1%
| | Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a P… | Apr 22, 2026 | Apr 24, 2026 |
| | CVE-2026-22754 | VMware | high | 7.5 | 0.0%
| | Vulnerability in Spring Spring Security. If an application uses <sec:intercept-url servlet-path="/se… | Apr 22, 2026 | Apr 24, 2026 |
| | CVE-2026-40542 |  Apache | high | 7.3 | 0.1%
| | Missing critical step in authentication in Apache HttpClient 5.6 allows an attacker to cause the cli… | Apr 22, 2026 | May 1, 2026 |
| | CVE-2026-31431 | VMware | high | 7.8 | 4.1%
| ⚠ KEV | In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_aead - Revert to … | Apr 22, 2026 | May 12, 2026 |
| | CVE-2026-6857 | Apache | high | 7.5 | 0.4%
| | A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the Prot… | Apr 22, 2026 | Apr 29, 2026 |
| | CVE-2026-41651 | Red Hat | high | 8.8 | — | | A flaw was found in PackageKit. A time-of-check time-of-use (TOCTOU) race condition on transaction f… | Apr 22, 2026 | Apr 22, 2026 |
| | CVE-2026-41134 |  Microsoft | high | 7.8 | 0.1%
| | Kiota is an OpenAPI based HTTP Client code generator. Versions prior to 1.31.1 are affected by a cod… | Apr 22, 2026 | May 14, 2026 |
| | CVE-2026-31531 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel. A local user can trigger a denial of service by querying a nex… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-31532 | Red Hat | high | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's Controller Area Network (CAN) raw socket implementation. A us… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41179 | Red Hat | high | 9.8 | 0.1%
| | A flaw was found in Rclone, a command-line program for syncing files with cloud storage. An unauthen… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-41196 | Red Hat | high | 8.2 | 0.1%
| | A flaw was found in Luanti (formerly Minetest), an open-source game platform. A malicious mod, when … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2025-13763 | Red Hat | low | 5.7 | — | | Multiple uses of uninitialized variables were found in libopensc that may lead to information disclo… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2025-66286 | Red Hat | medium | 4.7 | — | | An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-33999 | Red Hat | high | 7.8 | — | | A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XK… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-34001 | Red Hat | high | 7.8 | — | | A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence … | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-34003 | Red Hat | high | 7.8 | — | | A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could se… | Apr 23, 2026 | Apr 23, 2026 |
| | CVE-2026-33694 |  Tenable | high | 7.4 | — | | This vulnerability allows an attacker to create a junction, enabling the deletion of arbitrary files… | Apr 23, 2026 | Apr 24, 2026 |
| | CVE-2026-24303 | Microsoft | critical | 9.6 | 0.0%
| | Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privile… | Apr 23, 2026 | Apr 28, 2026 |
| | CVE-2026-26150 | Microsoft | high | 8.6 | 0.1%
| | Server-side request forgery (ssrf) in Microsoft Purview allows an unauthorized attacker to elevate p… | Apr 23, 2026 | Apr 29, 2026 |
| | CVE-2026-32172 | Microsoft | high | 8.0 | 0.0%
| | Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute … | Apr 23, 2026 | Apr 29, 2026 |
| | CVE-2026-32210 | Microsoft | critical | 9.3 | 0.0%
| | Server-side request forgery (ssrf) in Microsoft Dynamics 365 (Online) allows an unauthorized attacke… | Apr 23, 2026 | May 5, 2026 |
| | CVE-2026-33102 | Microsoft | critical | 9.3 | 0.0%
| | Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker … | Apr 23, 2026 | Apr 29, 2026 |
| | CVE-2026-33819 | Microsoft | critical | 10.0 | 0.4%
| | Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code … | Apr 23, 2026 | May 5, 2026 |
| | CVE-2026-35431 | Microsoft | critical | 10.0 | 0.1%
| | Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management allows an unauthoriz… | Apr 23, 2026 | Apr 28, 2026 |
| | CVE-2026-31585 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's vidtv media driver. When the `vidtv_start_streaming()` functi… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31665 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's netfilter connection tracking (nf_conntrack) component. This … | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31578 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's as102_usb driver. A local user could exploit a race condition… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31539 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's `smbdirect` module. A race condition in the receive credit ma… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31611 | Red Hat | medium | — | 0.0%
| | A flaw was found in the ksmbd component of the Linux kernel. A remote attacker could exploit this vu… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31631 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel, specifically within its rxrpc communication protocol. This vul… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31642 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's rxrpc module. This vulnerability occurs due to incorrect hand… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31612 | Red Hat | medium | — | 0.0%
| | A flaw was found in ksmbd, a Linux kernel module. A remote attacker can exploit this vulnerability b… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31647 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's idpf driver. This vulnerability arises from improper nesting … | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31628 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel. On systems utilizing Zen1 processors, the hardware divider can… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31670 | Red Hat | low | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's rfkill component. A local user can exploit this by creating a… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31635 | Red Hat | high | 7.0 | 0.0%
| | A flaw was found in the Linux kernel's rxrpc component. An inverted length check in the `rxgk_verify… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31668 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's Segment Routing over IPv6 (SRv6) lightweight tunnel (seg6 lwt… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31653 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's Data Access MONitor (DAMON) subsystem. When a process being m… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31618 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's fbdev subsystem, specifically affecting the tdfxfb and udlfb … | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31571 | Red Hat | low | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's `drm/i915` component. A local user can exploit this by config… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31577 | Red Hat | medium | — | 0.0%
| | A flaw was found in the `nilfs2` filesystem within the Linux kernel. A local user can trigger a null… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31553 | Red Hat | medium | — | 0.0%
| | A flaw was found in the Linux kernel's KVM (Kernel-based Virtual Machine) component. Specifically, i… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31542 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's x86/platform/uv component. When a socket is deconfigured, it … | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31667 | Red Hat | medium | 7.0 | 0.0%
| | A flaw was found in the Linux kernel, specifically within the uinput (user input) and ff-core (force… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31575 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel. A mismatch in the calculation of page indexes for huge pages w… | Apr 24, 2026 | Apr 24, 2026 |
| | CVE-2026-31546 | Red Hat | medium | 5.5 | 0.0%
| | A flaw was found in the Linux kernel's networking bonding driver. This vulnerability occurs when the… | Apr 24, 2026 | Apr 24, 2026 |