Loading...
Score 7.5 from GitHub Security Advisory (severity: HIGH) published 2026-05-08. NVD baseline CVSS 7.5; sources differ by 0.0.
In the Linux kernel, the following vulnerability has been resolved:
net: ncsi: fix skb leak in error paths
Early return paths in NCSI RX and AEN handlers fail to release the received skb, resulting in a memory leak.
Specifically, ncsi_aen_handler() returns on invalid AEN packets without consuming the skb. Similarly, ncsi_rcv_rsp() exits early when failing to resolve the NCSI device, response handler, or request, leaving the skb unfreed.
May 8, 2026
May 15, 2026
These vendors published their own advisory mentioning this CVE — often with vendor-specific remediation steps + affected product lists not in NVD.
See which npm, PyPI, Go, and Maven packages are affected by CVE-2026-43373
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.