CVE-2026-25167
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
CVE-2026-24292
Use after free in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.
CVE-2026-24289
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
CVE-2026-24285
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
CVE-2026-23669
Use after free in RPC Runtime allows an authorized attacker to execute code over a network.
CVE-2026-23667
Use after free in Broadcast DVR allows an authorized attacker to elevate privileges locally.
CVE-2026-28688
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice.…
CVE-2026-28687
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, a heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access t…
CVE-2026-28799
PJSIP is a free and open source multimedia communication library written in C. Prior to version 2.17, a heap use-after-free vulnerability exists in PJSIP's event subscription framework (evsub.c) that is triggered during presence unsubscript…
CVE-2025-13350
Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_…
CVE-2026-22040
NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In version 0.24.6, by generating a combined traffic pattern of high-frequency publishes and rapid reconnect/kick-out using the same ClientID and massive subscribe/unsubsc…
CVE-2026-23234
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid UAF in f2fs_write_end_io()
As syzbot reported an use-after-free issue in f2fs_write_end_io().
It is caused by below race condition:
loop device um…
CVE-2026-23231
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_tables: fix use-after-free in nf_tables_addchain()
nf_tables_addchain() publishes the chain to table->chains via
list_add_tail_rcu() (in nft_chain_add()) be…
CVE-2026-0027
In smmu_detach_dev of arm-smmu-v3.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2025-47386
Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.
CVE-2025-47381
Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.
CVE-2025-47379
Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.
CVE-2025-47377
Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.
CVE-2025-47376
Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.
CVE-2025-47375
Memory corruption while handling different IOCTL calls from the user-space simultaneously.