KEV · Actively exploited

CVE-2026-31431

HIGH 7.8 KEV Published on 2026-04-14

crypto: algif_aead - Revert to operating out-of-place

EPSS 2.24% above median percentile 84.9%

CISA Known Exploited Vulnerability

Added to KEV: 2026-05-01
Remediation deadline: 2026-05-15
Required action: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Ransomware: No