Linux Kernel CVE Statistics
1,043 Linux Kernel CVEs in May 2026
Full month · Source: NIST NVD
In May 2026, 1,043 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 42 were rated Critical, 340 were rated High severity and 346 Medium. No CVEs from this month have been confirmed as actively exploited via the CISA KEV catalog. May's 1,043 CVEs represent 49% of all 2026 Linux kernel CVEs , up from April's 382 (a 173% month-over-month increase) .
1043
Total CVEs
42
Critical
340
High
346
Medium
2
Low
0
KEV Exploited
All CVEs — May 2026
1043 CVEs
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2026-46130 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split acros… | |
| CVE-2026-46144 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in mana_ib_create_qp_rs… | |
| CVE-2026-46121 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcg_path kfree() … | |
| CVE-2026-46128 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad d… | |
| CVE-2026-46136 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer leng… | |
| CVE-2026-46142 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix VF illegal register access Register… | |
| CVE-2026-46108 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocati… | |
| CVE-2026-46109 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpi_register() error… | |
| CVE-2026-46131 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hyperca… | |
| CVE-2026-46126 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix mana_destroy_wq_obj() cleanup in man… | |
| CVE-2026-46132 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero ifla_vf_broadcast to avoid sta… | |
| CVE-2026-46134 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_typec: Init mutex in Thund… | |
| CVE-2026-46139 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: smb: client: use kzalloc to zero-initialize securit… | |
| CVE-2026-46140 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length bef… | |
| CVE-2026-46147 | linux | Awaiting NVD | — | 2026-05-28 | In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix pin leak and publication ordering i… |