The SOS Intelligence CVE Chatter Weekly Top Ten – 11 May 2026

by Amir Hadzipasic

This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.

There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.

We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.

If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!

1. CVE-2026-31431

In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead – Revert to operating out-of-place

This mostly reverts commit 72548b093ee3 except for the copying of
the associated data.

There is no benefit in operating in-place in algif_aead since the
source and destination come from different mappings. Get rid of
all the complexity added for in-place operation and just copy the
AD directly.

https://nvd.nist.gov/vuln/detail/CVE-2026-31431

2. CVE-2024-34102

Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0.

https://nvd.nist.gov/vuln/detail/CVE-2024-34102

3. CVE-2016-10033

https://nvd.nist.gov/vuln/detail/CVE-2016-10033

4. CVE-2017-8759

https://nvd.nist.gov/vuln/detail/CVE-2017-8759

5. CVE-2021-40539

https://nvd.nist.gov/vuln/detail/CVE-2021-40539

6. CVE-2022-21227

https://nvd.nist.gov/vuln/detail/CVE-2022-21227

7. CVE-2024-38063

https://nvd.nist.gov/vuln/detail/CVE-2024-38063

8. CVE-2024-49113

https://nvd.nist.gov/vuln/detail/CVE-2024-49113

9. CVE-2025-0368

https://nvd.nist.gov/vuln/detail/CVE-2025-0368

10. CVE-2025-14847

https://nvd.nist.gov/vuln/detail/CVE-2025-14847

cve chatter weekly top ten CVE intelligence SOS Intelligence

Cryptocurrency Fraud Tools: A Dark Web Marketplace Analysis

The SOS Intelligence CVE Chatter Weekly Top Ten – 04 May 2026

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.