Linux Kernel CVE Statistics
247 Linux Kernel CVEs in January 2026
Full month · Source: NIST NVD
In January 2026, 247 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 42 were rated High severity and 115 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. January's 247 CVEs represent 12% of all 2026 Linux kernel CVEs , down from December's 1,056 (a 77% month-over-month decrease) .
247
Total CVEs
0
Critical
42
High
115
Medium
2
Low
0
KEV Exploited
All CVEs — January 2026
247 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2026-23036 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before iget_failed() in btrfs_r… | |
| CVE-2026-23039 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB d… | |
| CVE-2026-23027 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_pch_pic_… | |
| CVE-2026-23032 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: null_blk: fix kmemleak by releasing references to f… | |
| CVE-2026-23034 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix fence reference leak on queue… | |
| CVE-2026-23038 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_de… | |
| CVE-2026-23033 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dma_pool resource leak in … | |
| CVE-2026-23031 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback(): fix UR… | |
| CVE-2026-23037 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x: allow partial RX URB allocation to… | |
| CVE-2026-23030 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in … | |
| CVE-2026-23028 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_ipi_dest… | |
| CVE-2026-23029 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvm_device leak in kvm_eiointc_… | |
| CVE-2026-23035 | linux | Awaiting NVD | — | 2026-01-31 | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5e_destroy_netdev inst… | |
| CVE-2025-71140 | linux | Awaiting NVD | — | 2026-01-14 | In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context l… | |
| CVE-2025-68783 | linux | Awaiting NVD | — | 2026-01-13 | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-mixer: us16x08: validate meter packet ind… |