In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: ISO: Fix not releasing hdev reference on isoconnbig_sync
hcigetroute() returns a reference-counted hcidev pointer via hcidev_hold(). The function exits normally or with an error without ever releasing it.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/53xxx/CVE-2026-53251.json",
"cna_assigner": "Linux"
}