Osnova onyx

This hub aggregates every CVE we track for Osnova onyx, a product in the operating systems space. Use it to gauge the current risk picture and drill into individual advisories.

Operating Systemson-premos

8,999

CVEs tracked

480

Critical

3,782

High

109

In CISA KEV

Severity distribution

MEDIUM4,511HIGH3,782CRITICAL480LOW226

Monthly trend

332

229

239

305

217

271

193

123

222

237

113

235

2024-072026-06

Latest CVEs

See all →

The 15 most recently published vulnerabilities affecting Osnova onyx.

CVE-2026-43500rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present7.8May 11, 2026
CVE-2026-43284xfrm: esp: avoid in-place decrypt on shared skb frags8.8May 8, 2026
CVE-2026-31431crypto: algif_aead - Revert to operating out-of-placeKEV7.8Apr 22, 2026
CVE-2025-43904In SchedMD Slurm before 24.11.5, 24.05.8, and 23.11.11, the accounting system can allow a Coordinator to promote a user to Administrator.4.2Jan 16, 2026
CVE-2025-24528In MIT Kerberos 5 (aka krb5) before 1.22 (with incremental propagation), there is an integer overflow for a large update size to resize() in kdb_log.c. An authenticated attacker can cause an out-of...7.1Jan 16, 2026
CVE-2025-14373Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity...4.3Dec 12, 2025
CVE-2025-14372Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: M...6.1Dec 12, 2025
CVE-2025-14333Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 1468.1Dec 9, 2025
CVE-2025-14331Same-origin policy bypass in the Request Handling component6.5Dec 9, 2025
CVE-2025-14330JIT miscompilation in the JavaScript Engine: JIT component9.8Dec 9, 2025
CVE-2025-14329Privilege escalation in the Netmonitor component8.8Dec 9, 2025
CVE-2025-14328Privilege escalation in the Netmonitor component8.8Dec 9, 2025
CVE-2025-14325JIT miscompilation in the JavaScript Engine: JIT component7.3Dec 9, 2025
CVE-2025-14324JIT miscompilation in the JavaScript Engine: JIT component9.8Dec 9, 2025
CVE-2025-14323Privilege escalation in the DOM: Notifications component8.8Dec 9, 2025

Product normalization is registry-driven with AI assist and human review. How it works