Oracle Linux 10 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50372)

high Nessus Plugin ID 325292

Synopsis

The remote Oracle Linux host is missing one or more security updates.

Description

The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50372 advisory.

- net/sched: fix pedit partial COW leading to page cache corruption (Rajat Gupta) {CVE-2026-46331}
- eventpoll: fix ep_remove struct eventpoll / struct file UAF (Christian Brauner) [Orabug: 39668743] {CVE-2026-46242}
- net: skbuff: fix missing zerocopy reference in pskb_carve helpers (Minh Nguyen) [Orabug: 39656679] {CVE-2026-52943}
- arm64: errata: Mitigate TLBI errata on various Arm CPUs (Mark Rutland) [Orabug: 39548792] {CVE-2025-10263}
- openvswitch: vport: fix self-deadlock on release of tunnel ports (Ilya Maximets) {CVE-2026-46165}
- iommu/amd: serialize sequence allocation under concurrent TLB invalidations (Ankit Soni) {CVE-2026-43220}
- usb: ulpi: fix memory leak on ulpi_register() error paths (Felix Gu) {CVE-2026-46109}
- smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463671] {CVE-2026-46243}
- net: skbuff: propagate shared-frag marker through frag-transfer helpers (Hyunwoo Kim) [Orabug:
39368826,39441323] {CVE-2026-43503,CVE-2026-46300}
- net: skbuff: preserve shared-frag marker during coalescing (William Bowling) [Orabug: 39368826] {CVE-2026-46300}
- netfilter: reject zero shift in nft_bitwise (Kai Ma) [Orabug: 39452464] {CVE-2026-46101}
- net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels (Andrea Mayer) [Orabug: 39452457] {CVE-2026-46099}
- ALSA: caiaq: fix usb_dev refcount leak on probe failure (Deepanshu Kartikey) [Orabug: 39452739] {CVE-2026-46048}
- ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (Greg Kroah-Hartman) [Orabug: 39426003] {CVE-2026-43501}
- ALSA: caiaq: Fix potentially leftover ep1_in_urb at error path (Takashi Iwai) [Orabug: 39452746] {CVE-2026-45992}
- net: bonding: fix use-after-free in bond_xmit_broadcast() (Xiang Mei) [Orabug: 39205989] {CVE-2026-31419}
- crypto: authencesn - reject short ahash digests during instance creation (Yucheng Lu) [Orabug: 39452231] {CVE-2026-46033}
- spi: fix resource leaks on device setup failure (Johan Hovold) [Orabug: 39452400] {CVE-2026-46083}
- net: qrtr: ns: Limit the total number of nodes (Manivannan Sadhasivam) [Orabug: 39452123] {CVE-2026-46003}
- net: bridge: use a stable FDB dst snapshot in RCU readers (Zhengchuan Liang) [Orabug: 39452411] {CVE-2026-46086}
- net: qrtr: ns: Limit the maximum number of lookups (Manivannan Sadhasivam) [Orabug: 39452207] {CVE-2026-46026}
- net: qrtr: ns: Limit the maximum server registration per node (Manivannan Sadhasivam) [Orabug: 39410851] {CVE-2026-43491}
- RDMA/mana_ib: Disable RX steering on RSS QP destroy (Long Li) [Orabug: 39452406] {CVE-2026-46084}
- media: rc: igorplugusb: heed coherency rules (Oliver Neukum) [Orabug: 39452432] {CVE-2026-46091}
- wifi: mwifiex: fix use-after-free in mwifiex_adapter_cleanup() (Daniel Hodges) [Orabug: 39452343] {CVE-2026-46069}
- thermal: core: Fix thermal zone governor cleanup issues (Rafael J. Wysocki) [Orabug: 39452186] {CVE-2026-46021}
- smb: client: validate the whole DACL before rewriting it in cifsacl (Michael Bommarito) [Orabug:
39300611] {CVE-2026-31709}
- scsi: sd: fix missing put_disk() when device_add(&disk_dev) fails (Yang Xiuwei) [Orabug: 39452100] {CVE-2026-45997}
- rtmutex: Use waiter::task instead of current in remove_waiter() (Keenan Dong) [Orabug: 39425998] {CVE-2026-43499}
- ceph: only d_add() negative dentries when they are unhashed (Max Kellermann) [Orabug: 39452291] {CVE-2026-46052}
- dm mirror: fix integer overflow in create_dirty_log() (Junrui Luo) [Orabug: 39452196] {CVE-2026-46023}
- Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (Shuvam Pandey) [Orabug: 39452304] {CVE-2026-46056}
- tcp: call sk_data_ready() after listener migration (Zhenzhong Wu) [Orabug: 39452159] {CVE-2026-46015}
- inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails (Chia-Ming Chang) [Orabug:
39452250] {CVE-2026-46040}
- md/raid5: validate payload size before accessing journal metadata (Junrui Luo) [Orabug: 39452349] {CVE-2026-46070}
- md/raid5: fix soft lockup in retry_aligned_read() (Chia-Ming Chang) [Orabug: 39452287] {CVE-2026-46051}
- ext4: fix missing brelse() in ext4_xattr_inode_dec_ref_all() (Sohei Koyama) [Orabug: 39452269] {CVE-2026-46046}
- ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access (Deepanshu Kartikey) [Orabug:
39452442] {CVE-2026-46094}
- io_uring/poll: fix multishot recv missing EOF on wakeup race (Jens Axboe) {CVE-2026-23473}
- KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1 (Kevin Cheng) [Orabug: 39452372] {CVE-2026-46076}
- KVM: SVM: Inject #UD for INVLPGA if EFER.SVME=0 (Kevin Cheng) [Orabug: 39452394] {CVE-2026-46082}
- KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 (Yosry Ahmed) [Orabug: 39452061] {CVE-2026-45987}
- xfs: fix a resource leak in xfs_alloc_buftarg() (Haoxiang Li) [Orabug: 39452131] {CVE-2026-46005}
- libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (Raphael Zimmer) [Orabug:
39452201] {CVE-2026-46024}
- ipv4: icmp: validate reply type before using icmp_pointers (Ruide Cao) [Orabug: 39452243] {CVE-2026-46037}
- RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (Hkbinbin) [Orabug: 39452259] {CVE-2026-46043}
- net: qrtr: ns: Free the node during ctrl_cmd_bye() (Manivannan Sadhasivam) [Orabug: 39452246] {CVE-2026-46038}
- rxrpc: Fix rxkad crypto unalignment handling (David Howells) [Orabug: 39452728] {CVE-2026-46085}
- ALSA: caiaq: Handle probe errors properly (Takashi Iwai) [Orabug: 39452126] {CVE-2026-46004}
- rbd: fix null-ptr-deref when device_add_disk() fails (Dawei Feng) [Orabug: 39452385] {CVE-2026-46079}
- md/raid10: fix deadlock with check operation and nowait requests (Josh Hunt) [Orabug: 39452284] {CVE-2026-46050}
- jbd2: fix deadlock in jbd2_journal_cancel_revoke() (Zhang Yi) [Orabug: 39452318] {CVE-2026-46061}
- erofs: fix the out-of-bounds nameoff handling for trailing dirents (Gao Xiang) [Orabug: 39452380] {CVE-2026-46078}
- ALSA: ctxfi: Add fallback to default RSR for S/PDIF (Harin Lee) [Orabug: 39452280] {CVE-2026-46049}
- ext2: reject inodes with zero i_nlink and valid mode in ext2_iget() (Vasiliy Kovalev) [Orabug: 39452119] {CVE-2026-46002}
- net: qrtr: ns: Fix use-after-free in driver remove() (Manivannan Sadhasivam) [Orabug: 39452274] {CVE-2026-46047}
- net: strparser: fix skb_head leak in strp_abort_strp() (Luxiao Xu) [Orabug: 39452468] {CVE-2026-46102}
- ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names() (Ziqing Chen) [Orabug: 39452416] {CVE-2026-46088}
- crypto: pcrypt - Fix handling of MAY_BACKLOG requests (Herbert Xu) [Orabug: 39410863] {CVE-2026-43493}
- wifi: rtw88: check for PCI upstream bridge existence (Fedor Pchelkin) [Orabug: 39452437] {CVE-2026-46092}
- zram: do not forget to endio for partial discard requests (Sergey Senozhatsky) [Orabug: 39452420] {CVE-2026-46089}
- ocfs2: split transactions in dio completion to avoid credit exhaustion (Heming Zhao) [Orabug: 39452388] {CVE-2026-46080}
- drm/amdgpu: Limit BO list entry count to prevent resource exhaustion (Jesse Zhang) [Orabug: 39167551] {CVE-2026-23468}
- padata: Fix pd UAF once and for all (Herbert Xu) [Orabug: 38335055] {CVE-2025-38584}
- drm/nouveau: fix u32 overflow in pushbuf reloc bounds check (Greg Kroah-Hartman) [Orabug: 39452133] {CVE-2026-46006}
- ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES (Cassio Gabriel) [Orabug: 39452170] {CVE-2026-46018}
- Buffer overflow in drivers/xen/sys-hypervisor.c (Juergen Gross) [Orabug: 39305898] {CVE-2026-31786}
- xen/privcmd: fix double free via VMA splitting (Juergen Gross) [Orabug: 39305908] {CVE-2026-31787}
- rxrpc: Fix missing validation of ticket length in non-XDR key preparsing (Anderson Nascimento) [Orabug:
39300563] {CVE-2026-31696}
- crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed (Sean Christopherson) {CVE-2026-31697}
- crypto: ccp: Don't attempt to copy PDH cert to userspace if PSP command failed (Sean Christopherson) {CVE-2026-31698}
- crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed (Sean Christopherson) {CVE-2026-31699}
- net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() (Bingquan Chen) {CVE-2026-31700}
- ALSA: caiaq: take a reference on the USB device in create_card() (Berk Cem Goksel) [Orabug: 39300586] {CVE-2026-31701}
- smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path (Michael Bommarito) [Orabug:
39300607] {CVE-2026-31708}
- smb: client: require a full NFS mode SID before reading mode bits (Michael Bommarito) [Orabug: 39343707] {CVE-2026-43350}
- fuse: reject oversized dirents in page cache (Samuel Page) [Orabug: 39300556] {CVE-2026-31694}
- mm/pagewalk: fix race between concurrent split and refault (Max Boone) [Orabug: 39250782] {CVE-2026-31456}
- wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (Felix Fietkau) [Orabug: 39167472] {CVE-2026-23444}
- mm/userfaultfd: fix hugetlb fault mutex hash calculation (Jianhui Zhou) [Orabug: 39273453] {CVE-2026-31575}
- ipv6: add NULL checks for idev in SRv6 paths (Heminhong) [Orabug: 39167467] {CVE-2026-23442}
- ocfs2: fix out-of-bounds write in ocfs2_write_end_inline (Joseph Qi) [Orabug: 39331090] {CVE-2026-43075}
- ocfs2: validate inline data i_size during inode read (Deepanshu Kartikey) [Orabug: 39331097] {CVE-2026-43076}
- media: as102: fix to not free memory after the device is registered in as102_usb_probe() (Jeongjun Park) [Orabug: 39273467] {CVE-2026-31578}
- bcache: fix cached_dev.sb_bio use-after-free and crash (Mingzhe Zou) [Orabug: 39273481] {CVE-2026-31580}
- ALSA: 6fire: fix use-after-free on disconnect (Berk Cem Goksel) [Orabug: 39273486] {CVE-2026-31581}
- media: em28xx: fix use-after-free in em28xx_v4l2_open() (Abhishek Kumar) [Orabug: 39273493] {CVE-2026-31583}
- mm: blk-cgroup: fix use-after-free in cgwb_release_workfn() (Breno Leitao) [Orabug: 39273507] {CVE-2026-31586}
- KVM: x86: Use scratch field in MMIO fragment to hold small write values (Sean Christopherson) [Orabug:
39273521] {CVE-2026-31588}
- x86-64: rename misleadingly named '__copy_user_nocache()' function (Linus Torvalds) [Orabug: 39323162] {CVE-2026-43073}
- kernel: be more careful about dup_mmap() failures and uprobe registering (Liam R. Howlett) {CVE-2025-21709}
- gpiolib: fix race condition for gdev->srcu (Pawel Narewski) [Orabug: 38887677] {CVE-2026-22986}
- KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (Sean Christopherson) [Orabug:
39273529] {CVE-2026-31590}
- KVM: SEV: Reject attempts to sync VMSA of an already-launched/encrypted vCPU (Sean Christopherson) [Orabug: 39273553] {CVE-2026-31593}
- ocfs2: handle invalid dinode in ocfs2_group_extend (Zhengyuan Huang) [Orabug: 39273569] {CVE-2026-31596}
- ocfs2: fix use-after-free in ocfs2_fault() when VM_FAULT_RETRY (Tejas Bharambe) [Orabug: 39273578] {CVE-2026-31597}
- ocfs2: fix possible deadlock between unlink and dio_end_io_write (Joseph Qi) [Orabug: 39273586] {CVE-2026-31598}
- dcache: Limit the minimal number of bucket to two (Zhihao Cheng) [Orabug: 39323133] {CVE-2026-43071}
- ALSA: ctxfi: Limit PTP to a single page (Harin Lee) [Orabug: 39273608] {CVE-2026-31602}
- wifi: rtw88: fix device leak on probe failure (Johan Hovold) [Orabug: 39273620] {CVE-2026-31604}

Tenable has extracted the preceding description block directly from the Oracle Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://linux.oracle.com/errata/ELSA-2026-50372.html

Plugin Details

Severity: High

ID: 325292

File Name: oraclelinux_ELSA-2026-50372.nasl

Version: 1.1

Type: Local

Agent: unix

Published: 7/6/2026

Updated: 7/6/2026

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security, Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.5

Percentile: 99.86

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2026-23112

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

CVSS v4

Risk Factor: High

Base Score: 7.3

Threat Score: 7.3

Threat Vector: CVSS:4.0/E:A

Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS Score Source: CVE-2025-54518

Vulnerability Information

CPE: p-cpe:/a:oracle:linux:kernel-uek, p-cpe:/a:oracle:linux:kernel-uek-debug, p-cpe:/a:oracle:linux:kernel-uek-debug-devel, p-cpe:/a:oracle:linux:kernel-uek-devel, p-cpe:/a:oracle:linux:kernel-uek-doc, p-cpe:/a:oracle:linux:kernel-uek-tools, cpe:/o:oracle:linux:9, p-cpe:/a:oracle:linux:kernel-uek-core, p-cpe:/a:oracle:linux:kernel-uek-debug-core, p-cpe:/a:oracle:linux:kernel-uek-debug-modules, p-cpe:/a:oracle:linux:kernel-uek-debug-modules-extra, p-cpe:/a:oracle:linux:kernel-uek-modules, p-cpe:/a:oracle:linux:kernel-uek-modules-extra, p-cpe:/a:oracle:linux:kernel-uek64k, p-cpe:/a:oracle:linux:kernel-uek64k-core, p-cpe:/a:oracle:linux:kernel-uek64k-modules, p-cpe:/a:oracle:linux:kernel-uek64k-modules-extra, p-cpe:/a:oracle:linux:kernel-uek-debug-modules-core, p-cpe:/a:oracle:linux:kernel-uek-debug-modules-deprecated, p-cpe:/a:oracle:linux:kernel-uek-debug-modules-desktop, p-cpe:/a:oracle:linux:kernel-uek-debug-modules-extra-netfilter, p-cpe:/a:oracle:linux:kernel-uek-debug-modules-usb, p-cpe:/a:oracle:linux:kernel-uek-debug-modules-wireless, p-cpe:/a:oracle:linux:kernel-uek-modules-core, p-cpe:/a:oracle:linux:kernel-uek-modules-deprecated, p-cpe:/a:oracle:linux:kernel-uek-modules-desktop, p-cpe:/a:oracle:linux:kernel-uek-modules-extra-netfilter, p-cpe:/a:oracle:linux:kernel-uek-modules-usb, p-cpe:/a:oracle:linux:kernel-uek-modules-wireless, p-cpe:/a:oracle:linux:kernel-uek64k-modules-core, p-cpe:/a:oracle:linux:kernel-uek64k-modules-deprecated, p-cpe:/a:oracle:linux:kernel-uek64k-modules-desktop, p-cpe:/a:oracle:linux:kernel-uek64k-modules-extra-netfilter, p-cpe:/a:oracle:linux:kernel-uek64k-modules-usb, p-cpe:/a:oracle:linux:kernel-uek64k-modules-wireless, cpe:/o:oracle:linux:10, p-cpe:/a:oracle:linux:kernel-uek64k-devel

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/OracleLinux

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/2/2026

Vulnerability Publication Date: 4/9/2024

CISA Known Exploited Vulnerability Due Dates: 5/15/2026

Reference Information

CVE: CVE-2024-14027, CVE-2024-58096, CVE-2024-58097, CVE-2025-10263, CVE-2025-21709, CVE-2025-21717, CVE-2025-21882, CVE-2025-22116, CVE-2025-38426, CVE-2025-38431, CVE-2025-38584, CVE-2025-39764, CVE-2025-39816, CVE-2025-39832, CVE-2025-39858, CVE-2025-39979, CVE-2025-40135, CVE-2025-40147, CVE-2025-40219, CVE-2025-54518, CVE-2025-68209, CVE-2025-68239, CVE-2025-68333, CVE-2025-68334, CVE-2025-68351, CVE-2025-68358, CVE-2025-68725, CVE-2025-68736, CVE-2025-68737, CVE-2025-71152, CVE-2025-71161, CVE-2025-71197, CVE-2025-71222, CVE-2025-71224, CVE-2025-71225, CVE-2025-71229, CVE-2025-71231, CVE-2025-71232, CVE-2025-71234, CVE-2025-71235, CVE-2025-71236, CVE-2025-71238, CVE-2025-71268, CVE-2025-71269, CVE-2025-71273, CVE-2025-71274, CVE-2025-71286, CVE-2025-71294, CVE-2025-71295, CVE-2025-71297, CVE-2025-71305, CVE-2026-22981, CVE-2026-22985, CVE-2026-22986, CVE-2026-22993, CVE-2026-23004, CVE-2026-23057, CVE-2026-23058, CVE-2026-23059, CVE-2026-23060, CVE-2026-23061, CVE-2026-23062, CVE-2026-23069, CVE-2026-23071, CVE-2026-23072, CVE-2026-23073, CVE-2026-23074, CVE-2026-23076, CVE-2026-23078, CVE-2026-23082, CVE-2026-23083, CVE-2026-23084, CVE-2026-23085, CVE-2026-23086, CVE-2026-23087, CVE-2026-23088, CVE-2026-23089, CVE-2026-23091, CVE-2026-23095, CVE-2026-23097, CVE-2026-23099, CVE-2026-23100, CVE-2026-23101, CVE-2026-23103, CVE-2026-23104, CVE-2026-23105, CVE-2026-23107, CVE-2026-23108, CVE-2026-23110, CVE-2026-23111, CVE-2026-23112, CVE-2026-23113, CVE-2026-23119, CVE-2026-23120, CVE-2026-23123, CVE-2026-23124, CVE-2026-23125, CVE-2026-23126, CVE-2026-23128, CVE-2026-23129, CVE-2026-23131, CVE-2026-23133, CVE-2026-23138, CVE-2026-23146, CVE-2026-23148, CVE-2026-23151, CVE-2026-23154, CVE-2026-23155, CVE-2026-23156, CVE-2026-23157, CVE-2026-23159, CVE-2026-23161, CVE-2026-23163, CVE-2026-23164, CVE-2026-23166, CVE-2026-23168, CVE-2026-23173, CVE-2026-23177, CVE-2026-23178, CVE-2026-23179, CVE-2026-23188, CVE-2026-23189, CVE-2026-23190, CVE-2026-23191, CVE-2026-23193, CVE-2026-23198, CVE-2026-23199, CVE-2026-23200, CVE-2026-23201, CVE-2026-23202, CVE-2026-23204, CVE-2026-23205, CVE-2026-23207, CVE-2026-23209, CVE-2026-23210, CVE-2026-23212, CVE-2026-23213, CVE-2026-23214, CVE-2026-23215, CVE-2026-23216, CVE-2026-23219, CVE-2026-23223, CVE-2026-23229, CVE-2026-23230, CVE-2026-23231, CVE-2026-23237, CVE-2026-23240, CVE-2026-23243, CVE-2026-23244, CVE-2026-23245, CVE-2026-23246, CVE-2026-23249, CVE-2026-23250, CVE-2026-23251, CVE-2026-23252, CVE-2026-23253, CVE-2026-23254, CVE-2026-23255, CVE-2026-23260, CVE-2026-23261, CVE-2026-23262, CVE-2026-23264, CVE-2026-23266, CVE-2026-23270, CVE-2026-23271, CVE-2026-23273, CVE-2026-23274, CVE-2026-23276, CVE-2026-23277, CVE-2026-23278, CVE-2026-23279, CVE-2026-23281, CVE-2026-23285, CVE-2026-23286, CVE-2026-23289, CVE-2026-23290, CVE-2026-23292, CVE-2026-23293, CVE-2026-23296, CVE-2026-23297, CVE-2026-23300, CVE-2026-23302, CVE-2026-23303, CVE-2026-23304, CVE-2026-23306, CVE-2026-23307, CVE-2026-23309, CVE-2026-23310, CVE-2026-23312, CVE-2026-23313, CVE-2026-23315, CVE-2026-23316, CVE-2026-23317, CVE-2026-23318, CVE-2026-23319, CVE-2026-23321, CVE-2026-23335, CVE-2026-23336, CVE-2026-23340, CVE-2026-23343, CVE-2026-23351, CVE-2026-23352, CVE-2026-23354, CVE-2026-23356, CVE-2026-23357, CVE-2026-23359, CVE-2026-23360, CVE-2026-23362, CVE-2026-23365, CVE-2026-23367, CVE-2026-23368, CVE-2026-23369, CVE-2026-23370, CVE-2026-23373, CVE-2026-23374, CVE-2026-23375, CVE-2026-23379, CVE-2026-23380, CVE-2026-23381, CVE-2026-23382, CVE-2026-23383, CVE-2026-23386, CVE-2026-23388, CVE-2026-23389, CVE-2026-23390, CVE-2026-23391, CVE-2026-23392, CVE-2026-23395, CVE-2026-23396, CVE-2026-23397, CVE-2026-23398, CVE-2026-23399, CVE-2026-23401, CVE-2026-23412, CVE-2026-23413, CVE-2026-23414, CVE-2026-23417, CVE-2026-23420, CVE-2026-23434, CVE-2026-23438, CVE-2026-23439, CVE-2026-23440, CVE-2026-23441, CVE-2026-23442, CVE-2026-23443, CVE-2026-23444, CVE-2026-23445, CVE-2026-23447, CVE-2026-23448, CVE-2026-23449, CVE-2026-23452, CVE-2026-23454, CVE-2026-23455, CVE-2026-23456, CVE-2026-23457, CVE-2026-23458, CVE-2026-23461, CVE-2026-23462, CVE-2026-23465, CVE-2026-23468, CVE-2026-23474, CVE-2026-23475, CVE-2026-31389, CVE-2026-31392, CVE-2026-31393, CVE-2026-31394, CVE-2026-31396, CVE-2026-31399, CVE-2026-31400, CVE-2026-31402, CVE-2026-31403, CVE-2026-31405, CVE-2026-31406, CVE-2026-31407, CVE-2026-31408, CVE-2026-31411, CVE-2026-31413, CVE-2026-31414, CVE-2026-31415, CVE-2026-31416, CVE-2026-31418, CVE-2026-31419, CVE-2026-31421, CVE-2026-31422, CVE-2026-31423, CVE-2026-31424, CVE-2026-31426, CVE-2026-31427, CVE-2026-31428, CVE-2026-31429, CVE-2026-31430, CVE-2026-31431, CVE-2026-31434, CVE-2026-31436, CVE-2026-31438, CVE-2026-31440, CVE-2026-31441, CVE-2026-31446, CVE-2026-31447, CVE-2026-31448, CVE-2026-31449, CVE-2026-31450, CVE-2026-31451, CVE-2026-31452, CVE-2026-31453, CVE-2026-31454, CVE-2026-31455, CVE-2026-31456, CVE-2026-31458, CVE-2026-31462, CVE-2026-31466, CVE-2026-31467, CVE-2026-31469, CVE-2026-31470, CVE-2026-31473, CVE-2026-31474, CVE-2026-31479, CVE-2026-31480, CVE-2026-31487, CVE-2026-31488, CVE-2026-31489, CVE-2026-31492, CVE-2026-31494, CVE-2026-31495, CVE-2026-31496, CVE-2026-31497, CVE-2026-31498, CVE-2026-31500, CVE-2026-31503, CVE-2026-31504, CVE-2026-31505, CVE-2026-31506, CVE-2026-31508, CVE-2026-31510, CVE-2026-31511, CVE-2026-31512, CVE-2026-31513, CVE-2026-31514, CVE-2026-31515, CVE-2026-31516, CVE-2026-31518, CVE-2026-31519, CVE-2026-31520, CVE-2026-31521, CVE-2026-31522, CVE-2026-31523, CVE-2026-31524, CVE-2026-31525, CVE-2026-31527, CVE-2026-31528, CVE-2026-31530, CVE-2026-31531, CVE-2026-31532, CVE-2026-31533, CVE-2026-31540, CVE-2026-31542, CVE-2026-31546, CVE-2026-31548, CVE-2026-31550, CVE-2026-31551, CVE-2026-31552, CVE-2026-31554, CVE-2026-31555, CVE-2026-31556, CVE-2026-31557, CVE-2026-31561, CVE-2026-31563, CVE-2026-31565, CVE-2026-31566, CVE-2026-31570, CVE-2026-31575, CVE-2026-31578, CVE-2026-31580, CVE-2026-31581, CVE-2026-31583, CVE-2026-31586, CVE-2026-31588, CVE-2026-31590, CVE-2026-31593, CVE-2026-31596, CVE-2026-31597, CVE-2026-31598, CVE-2026-31602, CVE-2026-31604, CVE-2026-31607, CVE-2026-31614, CVE-2026-31624, CVE-2026-31625, CVE-2026-31628, CVE-2026-31634, CVE-2026-31638, CVE-2026-31639, CVE-2026-31642, CVE-2026-31647, CVE-2026-31648, CVE-2026-31649, CVE-2026-31651, CVE-2026-31656, CVE-2026-31657, CVE-2026-31658, CVE-2026-31659, CVE-2026-31661, CVE-2026-31662, CVE-2026-31664, CVE-2026-31665, CVE-2026-31666, CVE-2026-31667, CVE-2026-31668, CVE-2026-31669, CVE-2026-31670, CVE-2026-31671, CVE-2026-31672, CVE-2026-31673, CVE-2026-31674, CVE-2026-31675, CVE-2026-31676, CVE-2026-31677, CVE-2026-31678, CVE-2026-31679, CVE-2026-31680, CVE-2026-31681, CVE-2026-31682, CVE-2026-31683, CVE-2026-31684, CVE-2026-31685, CVE-2026-31689, CVE-2026-31693, CVE-2026-31694, CVE-2026-31696, CVE-2026-31697, CVE-2026-31698, CVE-2026-31699, CVE-2026-31700, CVE-2026-31701, CVE-2026-31708, CVE-2026-31709, CVE-2026-31729, CVE-2026-31731, CVE-2026-31733, CVE-2026-31738, CVE-2026-31752, CVE-2026-31758, CVE-2026-31759, CVE-2026-31761, CVE-2026-31762, CVE-2026-31763, CVE-2026-31765, CVE-2026-31767, CVE-2026-31772, CVE-2026-31773, CVE-2026-31774, CVE-2026-31776, CVE-2026-31778, CVE-2026-31779, CVE-2026-31781, CVE-2026-31786, CVE-2026-31787, CVE-2026-31788, CVE-2026-43012, CVE-2026-43013, CVE-2026-43014, CVE-2026-43015, CVE-2026-43016, CVE-2026-43017, CVE-2026-43018, CVE-2026-43019, CVE-2026-43020, CVE-2026-43023, CVE-2026-43024, CVE-2026-43025, CVE-2026-43026, CVE-2026-43027, CVE-2026-43028, CVE-2026-43030, CVE-2026-43033, CVE-2026-43035, CVE-2026-43036, CVE-2026-43037, CVE-2026-43038, CVE-2026-43040, CVE-2026-43041, CVE-2026-43043, CVE-2026-43046, CVE-2026-43047, CVE-2026-43049, CVE-2026-43050, CVE-2026-43051, CVE-2026-43052, CVE-2026-43054, CVE-2026-43056, CVE-2026-43057, CVE-2026-43059, CVE-2026-43060, CVE-2026-43061, CVE-2026-43062, CVE-2026-43063, CVE-2026-43064, CVE-2026-43065, CVE-2026-43066, CVE-2026-43068, CVE-2026-43069, CVE-2026-43071, CVE-2026-43072, CVE-2026-43073, CVE-2026-43074, CVE-2026-43075, CVE-2026-43076, CVE-2026-43077, CVE-2026-43078, CVE-2026-43079, CVE-2026-43080, CVE-2026-43084, CVE-2026-43085, CVE-2026-43086, CVE-2026-43089, CVE-2026-43090, CVE-2026-43091, CVE-2026-43092, CVE-2026-43093, CVE-2026-43094, CVE-2026-43099, CVE-2026-43104, CVE-2026-43105, CVE-2026-43107, CVE-2026-43110, CVE-2026-43111, CVE-2026-43112, CVE-2026-43113, CVE-2026-43114, CVE-2026-43117, CVE-2026-43119, CVE-2026-43120, CVE-2026-43123, CVE-2026-43124, CVE-2026-43125, CVE-2026-43126, CVE-2026-43128, CVE-2026-43129, CVE-2026-43130, CVE-2026-43132, CVE-2026-43133, CVE-2026-43134, CVE-2026-43135, CVE-2026-43136, CVE-2026-43137, CVE-2026-43139, CVE-2026-43140, CVE-2026-43143, CVE-2026-43147, CVE-2026-43150, CVE-2026-43152, CVE-2026-43153, CVE-2026-43156, CVE-2026-43158, CVE-2026-43161, CVE-2026-43163, CVE-2026-43167, CVE-2026-43168, CVE-2026-43169, CVE-2026-43170, CVE-2026-43171, CVE-2026-43177, CVE-2026-43178, CVE-2026-43180, CVE-2026-43186, CVE-2026-43187, CVE-2026-43189, CVE-2026-43190, CVE-2026-43194, CVE-2026-43199, CVE-2026-43201, CVE-2026-43206, CVE-2026-43210, CVE-2026-43211, CVE-2026-43214, CVE-2026-43215, CVE-2026-43218, CVE-2026-43220, CVE-2026-43223, CVE-2026-43231, CVE-2026-43233, CVE-2026-43238, CVE-2026-43239, CVE-2026-43243, CVE-2026-43246, CVE-2026-43248, CVE-2026-43251, CVE-2026-43252, CVE-2026-43253, CVE-2026-43255, CVE-2026-43257, CVE-2026-43260, CVE-2026-43261, CVE-2026-43262, CVE-2026-43264, CVE-2026-43265, CVE-2026-43266, CVE-2026-43271, CVE-2026-43273, CVE-2026-43275, CVE-2026-43277, CVE-2026-43278, CVE-2026-43279, CVE-2026-43281, CVE-2026-43284, CVE-2026-43287, CVE-2026-43288, CVE-2026-43289, CVE-2026-43292, CVE-2026-43304, CVE-2026-43306, CVE-2026-43313, CVE-2026-43314, CVE-2026-43315, CVE-2026-43316, CVE-2026-43318, CVE-2026-43319, CVE-2026-43320, CVE-2026-43328, CVE-2026-43329, CVE-2026-43332, CVE-2026-43333, CVE-2026-43334, CVE-2026-43336, CVE-2026-43338, CVE-2026-43339, CVE-2026-43341, CVE-2026-43350, CVE-2026-43357, CVE-2026-43359, CVE-2026-43360, CVE-2026-43361, CVE-2026-43362, CVE-2026-43363, CVE-2026-43365, CVE-2026-43366, CVE-2026-43368, CVE-2026-43370, CVE-2026-43371, CVE-2026-43374, CVE-2026-43381, CVE-2026-43382, CVE-2026-43383, CVE-2026-43392, CVE-2026-43393, CVE-2026-43394, CVE-2026-43395, CVE-2026-43397, CVE-2026-43403, CVE-2026-43405, CVE-2026-43406, CVE-2026-43407, CVE-2026-43408, CVE-2026-43409, CVE-2026-43411, CVE-2026-43413, CVE-2026-43415, CVE-2026-43419, CVE-2026-43420, CVE-2026-43425, CVE-2026-43427, CVE-2026-43428, CVE-2026-43429, CVE-2026-43430, CVE-2026-43432, CVE-2026-43436, CVE-2026-43437, CVE-2026-43438, CVE-2026-43439, CVE-2026-43441, CVE-2026-43444, CVE-2026-43445, CVE-2026-43448, CVE-2026-43449, CVE-2026-43450, CVE-2026-43451, CVE-2026-43452, CVE-2026-43453, CVE-2026-43456, CVE-2026-43459, CVE-2026-43466, CVE-2026-43468, CVE-2026-43469, CVE-2026-43470, CVE-2026-43471, CVE-2026-43472, CVE-2026-43473, CVE-2026-43475, CVE-2026-43482, CVE-2026-43483, CVE-2026-43484, CVE-2026-43486, CVE-2026-43487, CVE-2026-43488, CVE-2026-43491, CVE-2026-43493, CVE-2026-43499, CVE-2026-43500, CVE-2026-43501, CVE-2026-43503, CVE-2026-45847, CVE-2026-45851, CVE-2026-45852, CVE-2026-45853, CVE-2026-45855, CVE-2026-45856, CVE-2026-45857, CVE-2026-45858, CVE-2026-45859, CVE-2026-45860, CVE-2026-45861, CVE-2026-45862, CVE-2026-45868, CVE-2026-45870, CVE-2026-45871, CVE-2026-45872, CVE-2026-45873, CVE-2026-45877, CVE-2026-45878, CVE-2026-45886, CVE-2026-45888, CVE-2026-45890, CVE-2026-45892, CVE-2026-45894, CVE-2026-45895, CVE-2026-45898, CVE-2026-45899, CVE-2026-45905, CVE-2026-45910, CVE-2026-45912, CVE-2026-45913, CVE-2026-45914, CVE-2026-45915, CVE-2026-45916, CVE-2026-45917, CVE-2026-45919, CVE-2026-45920, CVE-2026-45922, CVE-2026-45923, CVE-2026-45925, CVE-2026-45933, CVE-2026-45941, CVE-2026-45942, CVE-2026-45943, CVE-2026-45947, CVE-2026-45948, CVE-2026-45949, CVE-2026-45957, CVE-2026-45962, CVE-2026-45964, CVE-2026-45968, CVE-2026-45970, CVE-2026-45972, CVE-2026-45973, CVE-2026-45974, CVE-2026-45976, CVE-2026-45982, CVE-2026-45983, CVE-2026-45984, CVE-2026-45985, CVE-2026-45987, CVE-2026-45988, CVE-2026-45997, CVE-2026-45998, CVE-2026-46000, CVE-2026-46002, CVE-2026-46003, CVE-2026-46004, CVE-2026-46005, CVE-2026-46006, CVE-2026-46015, CVE-2026-46018, CVE-2026-46021, CVE-2026-46023, CVE-2026-46024, CVE-2026-46026, CVE-2026-46028, CVE-2026-46033, CVE-2026-46037, CVE-2026-46038, CVE-2026-46040, CVE-2026-46043, CVE-2026-46046, CVE-2026-46047, CVE-2026-46048, CVE-2026-46049, CVE-2026-46050, CVE-2026-46051, CVE-2026-46052, CVE-2026-46056, CVE-2026-46061, CVE-2026-46069, CVE-2026-46070, CVE-2026-46076, CVE-2026-46078, CVE-2026-46079, CVE-2026-46080, CVE-2026-46082, CVE-2026-46083, CVE-2026-46084, CVE-2026-46085, CVE-2026-46086, CVE-2026-46088, CVE-2026-46089, CVE-2026-46091, CVE-2026-46092, CVE-2026-46094, CVE-2026-46099, CVE-2026-46101, CVE-2026-46102, CVE-2026-46109, CVE-2026-46165, CVE-2026-46242, CVE-2026-46243, CVE-2026-46300, CVE-2026-46331, CVE-2026-46333, CVE-2026-52943, CVE-2026-53359

IAVA: 2026-A-0428