4,309 CVEs

47 in CISA KEV

canonical Vulnerabilities

CVE security advisories and vulnerability history for canonical.

4,309

Total CVEs

Published

47

In CISA KEV

Exploited in the wild

495

Public exploits

With known exploit

6.3

Avg CVSS

2004–2026

Overview

canonical has 4,309 published CVE records since 2004, of which 47 are in CISA's Known Exploited Vulnerabilities catalog and 495 have a known public exploit. The average CVSS base score across scored CVEs is 6.3.

This page aggregates every publicly disclosed vulnerability (CVE) affecting canonical products, with severity breakdowns, the most-affected products, the most common weakness types, and the latest disclosures.

Severity and exploitation

How the CVSS severity of canonical's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical57

High247

Medium330

Low81

3,594 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

47

47 of canonical's CVEs are confirmed exploited in the wild.

Public exploits

495

495 of canonical's CVEs have a known public exploit available.

Most affected products

The canonical products with the most published CVEs.

ubuntu linux4,189 CVEs
debian linux2,262 CVEs
enterprise linux server787 CVEs
enterprise linux desktop773 CVEs
enterprise linux workstation770 CVEs
fedora768 CVEs
leap747 CVEs
linux kernel611 CVEs

Common weakness types

The CWE weakness categories most often found in canonical CVEs. Follow any weakness for its full explanation.

CNAs that assign these CVEs

The CVE Numbering Authorities that publish canonical CVE records.

Disclosure activity by year

How many canonical CVEs were published each year.

2019

711

2020

582

2021

35

2022

37

2023

32

2024

57

2025

33

2026

37

Latest canonical CVEs

The most recently disclosed vulnerabilities affecting canonical.

NULL pointer dereference in Ubuntu Linux AppArmor IPv4/IPv6 socket mediation
CWE-476
Low · CVSS 3.3
EPSS 0.0%2026-05-28
Use of uninitialized value in Ubuntu Linux AppArmor IPv4/IPv6 socket mediation rules
CWE-457
Low · CVSS 3.3
EPSS 0.0%2026-05-28
NULL pointer dereference in Ubuntu Linux AppArmor notification handling
CWE-476
Medium · CVSS 5.5
EPSS 0.0%2026-05-28
Deadlock or kernel panic in Ubuntu Linux AppArmor notification handling
CWE-833
Medium · CVSS 5.5
EPSS 0.0%2026-05-28
Out-of-bounds read in Ubuntu Linux AppArmor notification handling
CWE-125
High · CVSS 7.8
EPSS 0.0%2026-05-28
Out-of-bounds read in Ubuntu Linux AppArmor notification handling
CWE-125
Medium · CVSS 5.5
EPSS 0.0%2026-05-28
Use-after-free in Ubuntu Linux AppArmor notification handling
CWE-416
High · CVSS 7.8
EPSS 0.0%2026-05-28
Use of uninitialized value in Ubuntu Linux AppArmor notification handling
CWE-457
Low · CVSS 3.3
EPSS 0.0%2026-05-28
Incorrect validation of field size in Ubuntu Linux AppArmor notification responses
CWE-1284
Low · CVSS 3.3
EPSS 0.0%2026-05-28
Invalid pointer deallocation in Ubuntu Linux AppArmor notification handling
CWE-590
Medium · CVSS 6.1
EPSS 0.0%2026-05-28
NULL pointer dereference in Ubuntu Linux AppArmor notification handling
CWE-476
Low · CVSS 3.3
EPSS 0.0%2026-05-28
Memory leak in Ubuntu Linux AppArmor large notification response allocation
CWE-401
Medium · CVSS 5.5
EPSS 0.0%2026-05-28

Track new canonical CVEs as they are disclosed and get AI-written analysis and remediation guidance.

Monitor canonical CVEs

Other vendors

Browse vulnerabilities for other tracked vendors.

fedoraproject5,442 CVEs composer5,054 CVEs Oracle Corporation4,928 CVEs pip4,735 CVEs npm4,026 CVEs mozilla3,612 CVEs opensuse3,298 CVEs Siemens3,230 CVEs

Browse all vendors

Frequently asked questions

Common questions about canonical vulnerabilities.

How many CVEs does canonical have?

canonical has 4,309 published CVE records since 2004, including 70 in the last two years.

How many canonical CVEs are in CISA KEV?

Yes — 47 of canonical's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.

Which canonical products have the most CVEs?

The canonical products with the most published CVEs are ubuntu linux, debian linux, enterprise linux server, enterprise linux desktop, enterprise linux workstation.

What are the most common weakness types in canonical CVEs?

canonical's CVEs most often map to these CWE weakness types: CWE-125 (Out-of-bounds Read), CWE-416 (Use After Free), CWE-20 (Improper Input Validation), CWE-400 (Uncontrolled Resource Consumption).

Are there public exploits for canonical vulnerabilities?

Yes — 495 of canonical's CVEs have a known public exploit.

How many critical canonical vulnerabilities are there?

canonical has 57 critical and 247 high-severity CVEs.

What is the average severity of canonical CVEs?

The average CVSS base score across canonical's scored CVEs is 6.3.

References

Vulnerability data is sourced from the CVE Program; severity, KEV, and exploit signals are aggregated by RadicalNotion.AI.

Track canonical vulnerabilities

Monitor new canonical vulnerabilities as they are disclosed, with AI-written analysis and remediation guidance.

Start free See pricing