CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2026-53028

In the Linux kernel, the following vulnerability has been resolved: usb: typec: Fix error pointer dereference The variable tps-partner is checked for an error pointer and then if it is, it sends an error message but does not return and then immediately dereferenced a few lines below: tps-partner ...

5.6AI score0.00166EPSS

CVE-2026-53027

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix missing run load for vcn0 in attrdatagetblocklocked When a compressed or sparse attribute has its clusters frame-aligned, vcn is rounded down to the frame start using cmask, which can result in vcn != vcn0. In this...

5.7AI score0.00155EPSS

Debian CVE•added 5 days ago•5 views

CVE-2026-53026

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix nfs4file access extra count in nfsd4addrdaccesstowrdeleg In nfsd4addrdaccesstowrdeleg, if fp-fifdsORDONLY is already set by another thread, nfs4filegetaccess should not be called to increment the nfs4file access count...

7.5CVSS5.7AI score0.00432EPSS

Debian CVE•added 5 days ago•5 views

CVE-2026-53025

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free on cdev close This addresses a use-after-free bug when a raw bundle is disconnected but its chardev is still opened by an application. When the application releases the cdev, it causes the followi...

7.8CVSS5.6AI score0.00129EPSS

7.8CVSS5.6AI score0.00129EPSS

CVE-2026-53024

In the Linux kernel, the following vulnerability has been resolved: greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with the following trace with CONFIGINITONFREEDEFAULTON=y: BUG: kernel NULL...

CVE-2026-53023

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: terminate the cached volume label after UTF-8 conversion ntfsfillsuper loads the on-disk volume label with utf16stoutf8s and stores the result in sbi-volume.label. The converted label is later exposed through...

5.7AI score0.00172EPSS

CVE•added 5 days ago•6 views

CVE-2026-53022

The CVE-2026-53022 issue affects the Linux kernel (platform/x86: dell-wmi-sysman). The vulnerability arises in populate_enum_data(), where firmware-provided value-modifier and possible-value strings are appended with raw strcat() into fixed 512-byte members, after per-source bounds checks, enabli...

5.8AI score0.00172EPSS

Exploits0References7

CVE-2026-53022

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populateenumdata aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individu...

5.7AI score0.00172EPSS

CVE-2026-53021

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix integer overflow in UNMAP bounds check sbcexecuteunmap checks LBA + range does not exceed the device capacity, but does not guard against LBA + range wrapping around on 64-bit overflow. Add an overflow che...

5.8AI score0.00176EPSS

Cvelist•added 5 days ago•25 views

CVE-2026-53020 um: Fix potential race condition in TLB sync

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential race condition in TLB sync During the TLB sync, we need to traverse and modify the page table, so we should hold the page table lock. Since full SMP support for threads within the same process is still missing,...

7.8CVSS0.0012EPSS

Exploits0References2

7.8CVSS5.7AI score0.0012EPSS

CVE-2026-53020

CVE-2026-53018

In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid reading already updated pages during GC We found the following issue during fuzz testing: page: refcount:3 mapcount:0 mapping:00000000b6e89c65 index:0x18b2dc pfn:0x161ba9 memcg:f8ffff800e269c00 aops:f2fsmetaaops ino:2...

5.6AI score0.00166EPSS

CVE-2026-53019

In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: ccumix: fix inverted condition in ccumixtriggerfc Fix inverted condition that skips frequency change trigger, causing kernel panics during cpufreq scaling...

5.6AI score0.00166EPSS

CVE-2026-53017

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix data loss caused by incorrect use of natentry flag Data loss can occur when fsync is performed on a newly created file before any checkpoint has been written concurrently with a checkpoint operation. The scenario is as...

5.6AI score0.00162EPSS

Cvelist•added 5 days ago•25 views

CVE-2026-53016 crypto: ccp - copy IV using skcipher ivsize

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - copy IV using skcipher ivsize AFALG rfc3686-ctr-aes-ccp requests pass an 8-byte IV to the driver. ccpaescomplete restores AESBLOCKSIZE bytes into the caller's IV buffer while RFC3686 skciphers expose an 8-byte IV, s...

7.8CVSS0.00129EPSS

Exploits0References8

CVE•added 5 days ago•4 views

CVE-2026-53016

Summary of CVE-2026-53016 (Linux kernel): The vulnerability exists in the crypto CCP driver when handling AF_ALG rfc3686-ctr-aes-ccp requests. The function ccp_aes_complete() restores AES_BLOCK_SIZE bytes into the caller’s IV buffer, but RFC3686 skciphers expose an 8-byte IV, leading to a buffer ...

7.8CVSS5.7AI score0.00129EPSS

Exploits0References8

7.8CVSS5.9AI score0.00129EPSS

CVE-2026-53016

CVE-2026-53015

In the Linux kernel, the following vulnerability has been resolved: erofs: unify lcn as u64 for 32-bit platforms As sashiko reported 1, lcn was typed as unsigned long or unsigned int sometimes, which is only 32 bits wide on 32-bit platforms, which causes lcn lclusterbits to be truncated at 4 GiB...

5.6AI score0.00168EPSS