382 Linux Kernel CVEs in April 2026
Full month · Source: NIST NVD
In April 2026, 382 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 27 were rated Critical, 162 were rated High severity and 193 Medium. CVE-2026-31431 was confirmed as actively exploited in the wild and added to the CISA Known Exploited Vulnerabilities catalog. April's 382 CVEs represent 18% of all 2026 Linux kernel CVEs , up from March's 182 (a 110% month-over-month increase) .
Actively Exploited CVEs — April 2026
1 CVE in CISA KEVCVE-2026-31431 is the only Linux kernel CVE from April 2026 confirmed as actively exploited in the wild. It carries a CVSS score of 7.8 (High severity) and is listed in the CISA Known Exploited Vulnerabilities catalog.
| CVE ID | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|
| CVE-2026-31431 | High KEV | 7.8 | 2026-04-22 | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to … |
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2026-31608 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_s… | |
| CVE-2026-31659 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buf… | |
| CVE-2026-31633 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response… | |
| CVE-2026-31668 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths… | |
| CVE-2026-31536 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: smb: server: let send_done handle a completion with… | |
| CVE-2026-31589 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: mm: call ->free_folio() directly in folio_unmap_inv… | |
| CVE-2026-31607 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret… | |
| CVE-2026-31649 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode Th… | |
| CVE-2026-31657 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by referen… | |
| CVE-2026-31637 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets … | |
| CVE-2026-31669 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_est… | |
| CVE-2026-31609 | linux | Critical | 9.8 | 2026-04-24 | In the Linux kernel, the following vulnerability has been resolved: smb: client: avoid double-free in smbd_free_send_io… | |
| CVE-2026-31533 | linux | Critical | 9.8 | 2026-04-23 | In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of… | |
| CVE-2026-31444 | linux | Critical | 9.8 | 2026-04-22 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free and NULL deref in smb_gra… | |
| CVE-2026-31478 | linux | Critical | 9.8 | 2026-04-22 | In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2_len with offsetof() i… |