Linux Kernel CVE Tracker

15,984 vulnerabilities indexed — updated daily from NIST NVD

LinuxCVETracker is a free, searchable database of 15,984 Linux kernel CVEs, sourced daily from the NIST National Vulnerability Database and the CISA Known Exploited Vulnerabilities catalog. Of these, 250 are rated Critical severity and 26 have been confirmed as actively exploited. Use it to search, filter, and monitor Linux kernel security vulnerabilities by severity, year, affected package, or exploitation status.

CVE Statistics

15,984
Total CVEs
250
Critical
4,500
High
26
KEV — Actively Exploited

Linux Kernel CVE Database

All time 2026 2025 2024 2023 2022 2021 2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2004 2003 2002 2001 2000 1999 1998 1997
15,984 vulnerabilities
Page 1 of 800
CVE ID Package Severity CVSS Published Description
CVE-2026-46274 linux Awaiting NVD 2026-06-08 In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in io_w…
CVE-2025-71315 linux Awaiting NVD 2026-06-08 In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkm…
CVE-2026-46275 linux Awaiting NVD 2026-06-08 In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: fix UAFs and race conditions i…
CVE-2026-45702 linux Medium 5.5 2026-06-03 OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cort…
CVE-2026-40290 linux High 7.8 2026-06-03 OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cort…
CVE-2026-46250 linux High 7.3 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: MIPS: Work around LLVM bug when gp is used as globa…
CVE-2026-46254 linux Awaiting NVD 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: AppArmor: Allow apparmor to handle unaligned dfa ta…
CVE-2026-46267 linux Awaiting NVD 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: nfc: hci: shdlc: Stop timers and work before freein…
CVE-2026-46271 linux High 7.8 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: do WoW offloads only on primary link …
CVE-2026-45614 linux Medium 4.7 2026-06-03 OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cort…
CVE-2026-46269 linux Awaiting NVD 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: pinctrl: canaan: k230: Fix NULL pointer dereference…
CVE-2026-46268 linux Awaiting NVD 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Fix p2pmem_alloc_mmap() warning conditi…
CVE-2026-46258 linux Awaiting NVD 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandle_cr…
CVE-2026-46257 linux Awaiting NVD 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when r…
CVE-2026-46249 linux Awaiting NVD 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel…
CVE-2026-46244 linux Critical 9.1 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IPv6 inner_thoff desync I…
CVE-2026-46259 linux High 7.8 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading rea…
CVE-2026-46261 linux Awaiting NVD 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: spi: wpcm-fiu: Fix potential NULL pointer dereferen…
CVE-2026-46260 linux High 7.8 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bound access in fib6_add_rt2node()…
CVE-2026-46248 linux Awaiting NVD 2026-06-03 In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif->li…

Frequently Asked Questions

How many Linux kernel CVEs have been published in total?

As of today, 15,984 Linux kernel CVEs have been published and indexed in this database. The Linux kernel is one of the most widely tracked packages in the NIST National Vulnerability Database due to its use in servers, cloud infrastructure, Android devices, and embedded systems. View full statistics →

How many Linux kernel CVEs are actively exploited?

26 Linux kernel CVEs are listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, meaning they have been confirmed as actively exploited in the wild. These are the highest-priority vulnerabilities for patching. View all actively exploited CVEs →

How often is this database updated?

The database is updated daily from the NIST NVD API. New CVEs are typically added within 24–48 hours of NVD publication. CISA KEV status is also checked daily. Affected version data is sourced from the CVE.org API and refreshed regularly.

What is a CVSS score?

CVSS (Common Vulnerability Scoring System) is a standardised 0–10 score assigned to each CVE, measuring its technical severity. Scores 9.0–10.0 are Critical, 7.0–8.9 are High, 4.0–6.9 are Medium, and 0.1–3.9 are Low. CVSS scores are assigned by NIST analysts and updated as new information emerges.

What is the CISA KEV catalog?

The CISA Known Exploited Vulnerabilities (KEV) catalog is maintained by the US Cybersecurity and Infrastructure Security Agency. It lists CVEs confirmed as actively exploited in real-world attacks. US federal agencies are required to patch KEV-listed vulnerabilities within a defined deadline. The catalog is a high-signal filter for security teams prioritising patching efforts.