Linux Kernel CVE Tracker

Name: Linux Kernel CVE Database
Creator: LinuxCVETracker
License: https://nvd.nist.gov/general/faq#1f2488ea-0492-45a7-ae5b-ad29bc31dd05

16,022 vulnerabilities indexed — updated daily from NIST NVD

LinuxCVETracker is a free, searchable database of 16,022 Linux kernel CVEs, sourced daily from the NIST National Vulnerability Database and the CISA Known Exploited Vulnerabilities catalog. Of these, 250 are rated Critical severity and 26 have been confirmed as actively exploited. Use it to search, filter, and monitor Linux kernel security vulnerabilities by severity, year, affected package, or exploitation status.

CVE Statistics

16,022

Total CVEs

250

Critical

4,505

High

KEV — Actively Exploited

Linux Kernel CVE Database

16,022 vulnerabilities

Page 1 of 802

CVE ID	Package	Severity	CVSS	Published	Description
CVE-2026-52907	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: fix off by one bugs Change …
CVE-2026-52906	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: 9p: fix access mode flags being ORed instead of rep…
CVE-2026-52905	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two min_region…
CVE-2026-52904	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix nvkm_device leak on aperture remov…
CVE-2026-46332	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive bu…
CVE-2026-46330	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: Revert "net/smc: Introduce TCP ULP support" This re…
CVE-2026-46329	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: erofs: handle end of filesystem properly for file-b…
CVE-2026-46328	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: apparmor: fix rlimit for posix cpu timers Posix cpu…
CVE-2026-46327	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: dm: fix unlocked test for dm_suspended_md The funct…
CVE-2026-46326	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: iio: pressure: mprls0025pa: fix spi_transfer struct…
CVE-2026-46325	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page siz…
CVE-2026-46324	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: use list_del_rcu for netlink …
CVE-2026-46323	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: net: gro: don't merge zcopy skbs skb_gro_receive() …
CVE-2026-46322	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: tun: free page on build_skb failure in tun_xdp_one(…
CVE-2026-46321	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tun_xdp_…
CVE-2026-46320	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tap_get_user_xdp()…
CVE-2026-46319	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: net/sched: act_ct: Only release RCU read lock after…
CVE-2026-46318	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: Revert "mm/hugetlbfs: update hugetlbfs to use mmap_…
CVE-2026-46317	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind mmu_l…
CVE-2026-46316	linux	Awaiting NVD	—	2026-06-09	In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache re…

2 3 … 802 ›

Frequently Asked Questions

How many Linux kernel CVEs have been published in total?

As of today, 16,022 Linux kernel CVEs have been published and indexed in this database. The Linux kernel is one of the most widely tracked packages in the NIST National Vulnerability Database due to its use in servers, cloud infrastructure, Android devices, and embedded systems. View full statistics →

How many Linux kernel CVEs are actively exploited?

26 Linux kernel CVEs are listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, meaning they have been confirmed as actively exploited in the wild. These are the highest-priority vulnerabilities for patching. View all actively exploited CVEs →

How often is this database updated?

The database is updated daily from the NIST NVD API. New CVEs are typically added within 24–48 hours of NVD publication. CISA KEV status is also checked daily. Affected version data is sourced from the CVE.org API and refreshed regularly.

What is a CVSS score?

CVSS (Common Vulnerability Scoring System) is a standardised 0–10 score assigned to each CVE, measuring its technical severity. Scores 9.0–10.0 are Critical, 7.0–8.9 are High, 4.0–6.9 are Medium, and 0.1–3.9 are Low. CVSS scores are assigned by NIST analysts and updated as new information emerges.

What is the CISA KEV catalog?

The CISA Known Exploited Vulnerabilities (KEV) catalog is maintained by the US Cybersecurity and Infrastructure Security Agency. It lists CVEs confirmed as actively exploited in real-world attacks. US federal agencies are required to patch KEV-listed vulnerabilities within a defined deadline. The catalog is a high-signal filter for security teams prioritising patching efforts.