The NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.
For information on how to cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.
-
CVE-2026-43964 - Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number.
Published: May 04, 2026; 3:16:07 PM -0400
V3.1: 7.5 HIGH
-
CVE-2026-42138 - Dify is an open-source LLM app development platform. Prior to version 1.13.1, using the method POST /api/files/upload, any unauthenticated user can upload an SVG file with XSS. The method POST /v1/files/upload, which requires authentication throug...
Published: May 04, 2026; 2:16:31 PM -0400
V3.1: 6.1 MEDIUM
-
CVE-2026-43184 - In the Linux kernel, the following vulnerability has been resolved: rnbd-srv: Zero the rsp buffer before using it Before using the data buffer to send back the response message, zero it completely. This prevents any stray bytes to be picked up b...
Published: May 06, 2026; 8:16:37 AM -0400
-
CVE-2026-43183 - In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix a resource leak in cx25821_dev_setup() Add release_mem_region() if ioremap() fails to release the memory region obtained by cx25821_get_resources().
Published: May 06, 2026; 8:16:36 AM -0400
V3.1: 5.5 MEDIUM
-
CVE-2026-31780 - In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation The variable valuesize is declared as u8 but accumulates the total length of all SSIDs to scan. Each SSID co...
Published: May 01, 2026; 11:16:41 AM -0400
-
CVE-2026-43181 - In the Linux kernel, the following vulnerability has been resolved: gpio: sysfs: fix chip removal with GPIOs exported over sysfs Currently if we export a GPIO over sysfs and unbind the parent GPIO controller, the exported attribute will remain u...
Published: May 06, 2026; 8:16:36 AM -0400
V3.1: 5.5 MEDIUM
-
CVE-2026-43182 - In the Linux kernel, the following vulnerability has been resolved: media: ccs: Avoid possible division by zero Calculating maximum M for scaler configuration involves dividing by MIN_X_OUTPUT_SIZE limit register's value. Albeit the value is pre...
Published: May 06, 2026; 8:16:36 AM -0400
V3.1: 5.5 MEDIUM
-
CVE-2026-43185 - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smb_direct_prepare_negotiation() smb_direct_prepare_negotiation() casts an unsigned __u32 value from sp->max_recv_size and req->preferred_send_siz...
Published: May 06, 2026; 8:16:37 AM -0400
-
CVE-2026-31781 - In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drm_compat_ioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, t...
Published: May 01, 2026; 11:16:41 AM -0400
V3.1: 5.5 MEDIUM
-
CVE-2026-43191 - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35 [Why] A backport of the change made for DCN401 that addresses an issue where we turn off the PHY ...
Published: May 06, 2026; 8:16:37 AM -0400
V3.1: 5.5 MEDIUM
-
CVE-2026-43190 - In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_tcpmss: check remaining length before reading optlen Quoting reporter: In net/netfilter/xt_tcpmss.c (lines 53-68), the TCP option parser reads op[i+1] directly ...
Published: May 06, 2026; 8:16:37 AM -0400
-
CVE-2026-31782 - In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad container_of in intel_pmu_hw_config Auto counter reload may have a group of events with software events present within it. The software event PMU isn...
Published: May 01, 2026; 11:16:41 AM -0400
-
CVE-2026-43189 - In the Linux kernel, the following vulnerability has been resolved: media: v4l2-async: Fix error handling on steps after finding a match Once an async connection is found to be matching with an fwnode, a sub-device may be registered (in case it ...
Published: May 06, 2026; 8:16:37 AM -0400
V3.1: 5.5 MEDIUM
-
CVE-2026-31783 - In the Linux kernel, the following vulnerability has been resolved: spi: amlogic: spifc-a4: unregister ECC engine on probe failure and remove() callback aml_sfc_probe() registers the on-host NAND ECC engine, but teardown was missing from both pr...
Published: May 01, 2026; 11:16:41 AM -0400
V3.1: 5.5 MEDIUM
-
CVE-2026-31772 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix stack buffer overflow in hci_le_big_create_sync hci_le_big_create_sync() uses DEFINE_FLEX to allocate a struct hci_cp_le_big_create_sync on the stack wi...
Published: May 01, 2026; 11:16:40 AM -0400
-
CVE-2026-43186 - In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() On the receive path, __ioam6_fill_trace_data() uses trace->nodelen to decide how much data to write for each no...
Published: May 06, 2026; 8:16:37 AM -0400
-
CVE-2026-43187 - In the Linux kernel, the following vulnerability has been resolved: xfs: delete attr leaf freemap entries when empty Back in commit 2a2b5932db6758 ("xfs: fix attr leaf header freemap.size underflow"), Brian Foster observed that it's possible for...
Published: May 06, 2026; 8:16:37 AM -0400
-
CVE-2026-43188 - In the Linux kernel, the following vulnerability has been resolved: ceph: do not propagate page array emplacement errors as batch errors When fscrypt is enabled, move_dirty_folio_in_page_array() may fail because it needs to allocate bounce buffe...
Published: May 06, 2026; 8:16:37 AM -0400
V3.1: 5.5 MEDIUM
-
CVE-2026-31773 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SMP: derive legacy responder STK authentication from MITM state The legacy responder path in smp_random() currently labels the stored STK as authenticated whenever pe...
Published: May 01, 2026; 11:16:40 AM -0400
-
CVE-2026-43192 - In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dm_put_device when failing to get scsi dh name When commit fd81bc5cca8f ("scsi: device_handler: Return error pointer in scsi_dh_attached_handler_name()") a...
Published: May 06, 2026; 8:16:38 AM -0400
V3.1: 5.5 MEDIUM