CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 5 days ago•5 views

EUVD-2026-38968

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: fix deadlock in remain-on-channel mt76remainonchannel and mt76roccomplete call mt76setchannel while already holding dev-mutex. Since mt76setchannel also acquires dev-mutex, this results in a deadlock. Use mt76setchann...

5.7AI score0.00166EPSS

Exploits0References3

Debian CVE•added 5 days ago•3 views

CVE-2026-53099

In the Linux kernel, the following vulnerability has been resolved: bpf: Switch CONFIGCFICLANG to CONFIGCFI This was renamed in commit 23ef9d439769 "kcfi: Rename CONFIGCFICLANG to CONFIGCFI" as it is now a compiler-agnostic option. Using the wrong name results in the code getting compiled out...

5.7AI score0.00156EPSS

EUVD•added 5 days ago•4 views

EUVD-2026-38967

5.8AI score0.00156EPSS

Debian CVE•added 5 days ago•3 views

CVE-2026-53098

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix use-after-free bugs in mt7915macdumpwork When the mt7915 pci chip is detaching, the mt7915crashdata is released in mt7915coredumpunregister. However, the work item dumpwork may still be running or pending,...

5.6AI score0.00168EPSS

Debian CVE•added 5 days ago•3 views

CVE-2026-53097

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix use-after-free bugs in mt7996macdumpwork When the mt7996 pci chip is detaching, the mt7996crashdata is released in mt7996coredumpunregister. However, the work item dumpwork may still be running or pending,...

5.6AI score0.00168EPSS

EUVD•added 5 days ago•4 views

EUVD-2026-38965

5.7AI score0.00168EPSS

Exploits0References4

7.8CVSS5.7AI score0.00132EPSS

CVE-2026-53096

In the Linux kernel, the following vulnerability has been resolved: bpf: Use RCU-safe iteration in devmapredirectmulti SKB path The DEVMAPHASH branch in devmapredirectmulti uses hlistforeachentrysafe to iterate hash buckets, but this function runs under RCU protection called from...

EUVD•added 5 days ago•5 views

EUVD-2026-38964

5.7AI score0.00132EPSS

Exploits0References7

CVE-2026-53095

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix abuse of kprobewritectx via freplace uprobe programs are allowed to modify struct ptregs. Since the actual program type of uprobe is KPROBE, it can be abused to modify struct ptregs via kprobe+freplace when the kprobe...

5.6AI score0.00166EPSS

Cvelist•added 5 days ago•27 views

CVE-2026-53094 bpf: Fix stale offload->prog pointer after constant blinding

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stale offload-prog pointer after constant blinding When a dev-bound-only BPF program BPFFXDPDEVBOUNDONLY undergoes JIT compilation with constant blinding enabled bpfjitharden = 2, bpfjitblindconstants clones the program...

7.8CVSS0.00128EPSS

Exploits0References5

7.8CVSS5.7AI score0.00128EPSS

CVE-2026-53094

CVE-2026-53093

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix error pointer dereference The function brcmfchipaddcore can return an error pointer and is not checked. Add checks for error pointer. Detected by Smatch:...

5.6AI score0.00176EPSS

EUVD•added 5 days ago•3 views

EUVD-2026-38961

5.7AI score0.00176EPSS

Exploits0References8

7.8CVSS5.4AI score0.00127EPSS

CVE-2026-53092

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix linked reg delta tracking when srcreg == dstreg Consider the case of rX += rX where srcreg and dstreg are pointers to the same bpfregstate in adjustregminmaxvals. The latter first modifies the dstreg in-place, and later ...

CVE•added 5 days ago•10 views

CVE-2026-53092

CVE-2026-53092 affects the Linux kernel’s BPF subsystem . The root cause is in register delta tracking when the same source and destination registers are used (e.g., rX += rX). In adjust_reg_min_max_vals(), the code mutates the destination in-place, and later, when evaluating the source register,...

7.8CVSS5.5AI score0.00127EPSS

Exploits0References3

CVE•added 5 days ago•8 views

CVE-2026-53091

The CVE-2026-53091 issue concerns the Linux kernel’s handling of GSO packet headers during qdisc_pkt_len_segs_init(). The root cause is that many ndo_start_xmit() paths assume headers are already in skb->head, while tso_build_hdr() may copy from skb->data, and qdisc_pkt_len_segs_init() diss...

8.4CVSS5.8AI score0.00117EPSS

Debian CVE•added 5 days ago•8 views

CVE-2026-53091

In the Linux kernel, the following vulnerability has been resolved: net: pull headers in qdiscpktlensegsinit Most ndostartxmit methods expects headers of gso packets to be already in skb-head. net/core/tso.c users are particularly at risk, because tsobuildhdr does a memcpyhdr, skb-data, hdrlen;...

8.4CVSS5.7AI score0.00117EPSS

EUVD•added 5 days ago•3 views

EUVD-2026-38959

5.8AI score0.00117EPSS

Cvelist•added 5 days ago•27 views

CVE-2026-53091 net: pull headers in qdisc_pkt_len_segs_init()

8.4CVSS0.00117EPSS