xen

511 tracked vulnerabilities.

CVE-2026-42486 CRITICAL
Multiple RBAC issues in XAPI
Jul 09, 2026
EPSS 0.00
CVE-2026-23562 CRITICAL
Multiple RBAC issues in XAPI
Jul 09, 2026
EPSS 0.00
CVE-2026-23561 CRITICAL
Multiple RBAC issues in XAPI
Jul 09, 2026
EPSS 0.00
CVE-2026-23560 CRITICAL
Multiple RBAC issues in XAPI
Jul 09, 2026
EPSS 0.00
CVE-2026-23559 CRITICAL
Multiple RBAC issues in XAPI
Jul 09, 2026
EPSS 0.00
CVE-2026-23556 CRITICAL
oxenstored keeps quota related use counts across domain destruction
Jul 09, 2026
EPSS 0.00
CVE-2026-42490 MEDIUM
domctl lock open to abuse
Jun 18, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-42489 MEDIUM
domctl lock open to abuse
Jun 18, 2026
CVSS 5.3
EPSS 0.00
CVE-2026-42488 HIGH
x86: mismatched mapcache metadata
Jun 18, 2026
CVSS 8.1
EPSS 0.00
CVE-2026-42487 HIGH
x86 HVM I/O port list traversal
Jun 18, 2026
CVSS 7.9
EPSS 0.00
CVE-2026-23558 HIGH
grant table v2 race in status page mapping
May 19, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-23557 MEDIUM
Xenstored DoS via XS_RESET_WATCHES command
May 19, 2026
CVSS 6.5
EPSS 0.00
CVE-2026-23555 HIGH
Xenstored DoS by unprivileged domain
Mar 23, 2026
CVSS 7.1
EPSS 0.00
CVE-2026-23554 HIGH
Use after free of paging structures in EPT
Mar 23, 2026
CVSS 7.8
EPSS 0.00
CVE-2026-23553 LOW
Xen >=4.6.0 - Improper Branch Target Buffer Isolation via IBPB Skip
Jan 28, 2026
CVSS 2.9
EPSS 0.00
CVE-2025-58151 CRITICAL
varstored: TOCTOU issues with mapped guest memory
Jul 09, 2026
EPSS 0.00
CVE-2025-58146 CRITICAL
XAPI UTF-8 string handling
Jul 09, 2026
EPSS 0.00
CVE-2025-27464 CRITICAL
WinPVDrivers: Excessive permissions on user-exposed devices
Jul 09, 2026
EPSS 0.00
CVE-2025-27463 CRITICAL
WinPVDrivers: Excessive permissions on user-exposed devices
Jul 09, 2026
EPSS 0.00
CVE-2025-27462 CRITICAL
WinPVDrivers: Excessive permissions on user-exposed devices
Jul 09, 2026
EPSS 0.00
CVE-2025-58150 HIGH
Xen - Out-of-bounds Write in Shadow Mode Tracing Code
Jan 28, 2026
CVSS 8.8
EPSS 0.00
CVE-2025-58149 HIGH
Xen >=4.0.0 - Use-After-Free in PCI Device Detach Logic
Oct 31, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58148 HIGH
Xen >=4.15.0 - Out-of-bounds Read and Write via Viridian Hypercall vCPU Mask Processing
Oct 31, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58147 HIGH
Xen >=4.15.0 - Out-of-bounds Read and Write via Viridian Hypercall vCPU Mask Handling
Oct 31, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58145 HIGH
Xen 4.12.0-4.16.x - Race Condition in Page Mapping
Sep 11, 2025
CVSS 7.5
EPSS 0.00