CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2 days ago•3 views

CVE-2026-46246

In the Linux kernel, the following vulnerability has been resolved: power: supply: pm8916lbc: Fix use-after-free for extcon in IRQ handler Using the devm variant for requesting IRQ before the devm variant for allocating/registering the extcon handle, means that the extcon handle will be...

Exploits0References5Affected Software1

Debian CVE•added 2 days ago•4 views

CVE-2026-46246

EUVD•added 2 days ago•4 views

EUVD-2026-34107

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dclink NULL handling in HPD init amdgpudmhpdinit may see connectors without a valid dclink. The code already checks dclink for the polling decision, but later unconditionally dereferences it when setting up H...

Cvelist•added 2 days ago•28 views

Exploits0References2

CVE-2026-46245 drm/amd/display: Fix dc_link NULL handling in HPD init

0.00018EPSS

Exploits0References2

Debian CVE•added 2 days ago•4 views

CVE-2026-46245

Debian CVE•added 2 days ago•6 views

CVE-2025-71314

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recov...

Debian CVE•added 2 days ago•4 views

CVE-2025-71313

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...

EUVD•added 2 days ago•5 views

EUVD-2025-210056

ATTACKERKB•added 2 days ago•3 views

Exploits0References2

CVE-2025-71313

Exploits0References3Affected Software1

EUVD•added 2 days ago•5 views

EUVD-2026-34106

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: Fix IPv6 innerthoff desync In nftinnerparsel2l3, when processing inner IPv6 packets, ipv6findhdr correctly computes the transport header offset traversing all extension headers, but the result is immediately...

ATTACKERKB•added 2 days ago•4 views

CVE-2026-46244

Exploits0References6Affected Software1

Debian CVE•added 2 days ago•3 views

CVE-2026-46244

9.1CVSS5.7AI score0.00018EPSS

CVE•added 2 days ago•6 views

CVE-2026-46244

The CVE-2026-46244 issue affects the Linux kernel netfilter nft_inner path. In nft_inner_parse_l2l3(), while handling inner IPv6 packets, ipv6_find_hdr() computes the transport header offset correctly across extension headers, but the code later overwrites this value with nhoff + sizeof(_ip6h) (4...

9.1CVSS5.8AI score0.00018EPSS

Cvelist•added 2 days ago•29 views

CVE-2026-46244 netfilter: nft_inner: Fix IPv6 inner_thoff desync

9.1CVSS0.00018EPSS

7.8CVSS5.7AI score0.00022EPSS

kernel: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

7.8CVSS5.9AI score0.00013EPSS

kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service

A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...

RedHat Linux•added 2 days ago•4 views

kernel: md/bitmap: fix GPF in write_page caused by resize race

A flaw was found in the Linux kernel's md/bitmap component. This vulnerability involves a use-after-free race condition that occurs during array resize operations. When the bitmapdaemonwork and bitmapresize functions execute concurrently, they can access memory pages that have already been freed...

4.7CVSS5.9AI score0.00012EPSS

8.8CVSS5.8AI score0.00053EPSS

kernel: smb: client: validate the whole DACL before rewriting it in cifsacl

A flaw was found in the Linux kernel's Server Message Block SMB client, specifically within the cifsacl functionality. A malicious SMB server could provide a malformed Discretionary Access Control List DACL that claims to contain more Access Control Entries ACEs than are actually present. This...

9.8CVSS5.8AI score0.00076EPSS

kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()

A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...