A vulnerability described as critical has been identified in Linux Kernel up to 6.18.35/7.0.12 . Affected is the function ipv6_chk_acast_addr of the file appspot.com of the component ipv6 . The manipulation of the argument inet6_acaddr_lst[] results in use after free. This vulnerability is reported as CVE-2026-53259 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.