CVE reports
The Common Vulnerabilities and Exposures (CVE) system is used to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Canonical keeps track of all CVEs affecting Ubuntu, and releases a security notice when an issue is fixed. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section
Search CVEs
By Ubuntu release
Recent CVEs
CVE-2025-4664
High priorityInsufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
1 affected package
chromium-browser
CVE-2025-32433
High prioritySome fixes available 5 of 8
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By...
1 affected package
erlang
CVE-2023-52927
High prioritySome fixes available 65 of 90
In the Linux kernel, the following vulnerability has been resolved: netfilter: allow exp not to be removed in nf_ct_find_expectation Currently nf_conntrack_in() calling nf_ct_find_expectation() will remove the exp from the hash...
133 affected packages
linux, linux-allwinner-5.19, linux-aws, linux-aws-5.0, linux-aws-5.11...
CVE-2025-24201
High prioritySome fixes available 3 of 18
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4,...
5 affected packages
qtwebkit-opensource-src, qtwebkit-source, webkit2gtk, webkitgtk, wpewebkit
CVE-2025-24813
High priorityPath Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat. This issue affects...
5 affected packages
tomcat10, tomcat6, tomcat7, tomcat8, tomcat9
Resources
Join the discussion
Ubuntu Pro
10-year security coverage for Ubuntu and 23,000 open-source applications and toolchains.
Get Ubuntu ProFrom our blog
- Ubuntu Explained: How to ensure security and stability in cloud instances—part 3
- Ubuntu Explained: How to ensure security and stability in cloud instances—part 2
- Running OpenSSL 1.1.1 after EOL? Stay secure with Ubuntu Pro.
- Restricted unprivileged user namespaces are coming to Ubuntu 23.10
- Securing open source software dependencies in the public cloud