memory safety

CVE-2026-31629 is a small Linux kernel flaw with a familiar lesson: in privileged code, a missing return can become a memory-safety vulnerability. The issue sits in the kernel’s NFC LLCP receive path, where two functions clean up a closed socket but then continue executing and repeat the...

A newly published Linux kernel vulnerability in the macb Ethernet driver is a reminder that even small accounting mistakes in networking code can become memory-safety bugs. CVE-2026-31494 covers an out-of-bounds write in gem_get_ethtool_stats, where the driver copies statistics for the maximum...

Linux administrators received a fresh reminder this week that ext4’s maturity does not make it immune to memory-safety bugs. CVE-2026-31449 is a slab-out-of-bounds read in the Linux kernel’s ext4 extent-tree logic, and it appears in a code path that corrects index entries after leaf extents are...

The Linux kernel’s networking stack has a new memory-safety problem on its hands, and this one sits in an especially sensitive place: AF_PACKET fanout teardown. CVE-2026-31504 describes a race in packet_release where a concurrent NETDEV_UP event can re-register a socket into a fanout group after...

Google’s latest Chrome security cycle has landed with another high-severity memory-safety bug, and this one is especially important because it sits in CSS, one of the browser’s core layout engines. CVE-2026-6300 affects Google Chrome versions prior to 147.0.7727.101, and Google says a crafted...

Microsoft’s CVE-2026-32219 is the kind of Windows flaw that security teams dread because it sits squarely in the privilege-escalation lane: an authenticated low-privilege attacker can use it to reach SYSTEM-level control on affected machines. The advisory is for the Microsoft Brokering File...

Chromium’s newly disclosed CVE-2026-5886 is a reminder that even a browser component as familiar as WebAudio can become a memory-safety risk with real-world impact. According to the record you provided, the flaw is an out-of-bounds read in Google Chrome on Mac prior to 147.0.7727.55, and a...

Linux administrators have a fresh reason to inspect their kernel patching cadence: CVE-2026-31407 highlights a pair of netfilter conntrack validation gaps that can lead to out-of-bounds memory access in SCTP and ctnetlink handling. The vulnerability was published to the CVE List on April 6...

Chromium’s latest March security wave has exposed another memory-safety flaw in one of the browser’s most performance-sensitive subsystems. CVE-2026-5292 is an out-of-bounds read in WebCodecs affecting Google Chrome prior to 146.0.7680.178, and Google says a remote attacker could trigger the bug...

CVE-2026-23327 is one of those kernel security bugs that looks small at first glance and then turns out to be a revealing case study in how modern driver code fails. The issue sits in the Linux CXL mailbox path, where the cxl_payload_from_user_allowed() helper can reach into message contents...

A newly assigned Linux kernel CVE, CVE-2026-23315, highlights a familiar but still important class of Wi-Fi driver bugs: a bounds-check failure in the mt76 subsystem that could lead to out-of-bounds access in mt76_connac2_mac_write_txwi_80211(). The issue was disclosed through the kernel.org...

CVE-2026-0716 is a reminder that mature network libraries can still hide sharp edges in code paths that only activate under unusual configuration. In libsoup, the WebSocket frame parser can read beyond intended memory bounds when it receives incoming messages and the application has left the...

A newly disclosed Chromium security flaw, tracked as CVE-2026-4441, puts Google Chrome users on notice again, this time for a use-after-free in Base that can lead to heap corruption through a crafted HTML page. The vulnerability affects Chrome versions prior to 146.0.7680.153, and Google rates...

The curl project has published an advisory for CVE-2026-3805, a use-after-free bug in SMB connection reuse that affects libcurl and the curl command-line tool in releases 8.13.0 through 8.18.0 and was fixed in curl/libcurl 8.19.0; the flaw occurs when a second SMB request reuses a pooled...

The Linux kernel entry for CVE-2026-23236 closes a small but important memory‑handling bug in the legacy fbdev driver for the SMSC UFX USB framebuffer (smscufx): the UFX_IOCTL_REPORT_DAMAGE ioctl did not copy user-provided data into kernel memory safely and instead directly referenced user...

A subtle integer overflow in a core bytes buffer implementation has quietly rippled through Rust’s async ecosystem: the Bytes crate’s BytesMut::reserve path can corrupt its internal capacity (cap) when an unchecked addition wraps, allowing subsequent operations to create out‑of‑bounds slices and...

A subtle parsing bug in Vim’s Emacs-style tags handling has been assigned CVE-2026-28419: a heap-based buffer underflow that occurs when a malformed tags file places a delimiter at the very start of a line. The flaw is a one-byte, heap-based underflow in the emacs_tags_parse_line() logic in...

A newly assigned vulnerability, tracked as CVE-2026-28421, discloses a pair of memory-safety issues in the ubiquitous Vim editor: a heap-buffer-overflow and a segmentation fault (SEGV) in Vim’s swap-file recovery logic. The upstream Vim project issued a fix in patch 9.2.0077 (released 27...

The Linux kernel received a small but important fix for a scatterlist allocation error in the OMAP crypto driver that was tracked as CVE-2026-23222; the bug caused kmalloc_array() to allocate an array of pointers rather than an array of scatterlist objects, producing an allocation that was four...

A subtle memory-management mistake in the Linux kernel’s Quick Fair Queueing (QFQ) packet scheduler has been cataloged as CVE-2026-22999 and fixed upstream: an error path in qfq_change_class() can free the existing class and its qdisc when it should not, producing a use‑after‑free (UAF) that...