CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/27 12:56 p.m.•14 views

EUVD-2026-32401

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series "mm/damon/core: validate damosquotagoal-nid". nodememcgused,freebp DAMOS quota goals receive the node id. The node id is used for simeminfonode and...

5.9AI score0.00022EPSS

CVE•added 2026/05/27 12:56 p.m.•15 views

CVE-2026-46018

In the Linux kernel ALSA USB audio path, the vulnerability arises from parse_uac2_sample_rate_range() capping the number of enumerated UAC2 sample rates at MAX_NR_RATES but only exiting the inner loop. A malformed UAC2 RANGE response with extra triplets can continue parsing, causing repeated "inv...

5.8AI score0.00037EPSS

Exploits0References8

Cvelist•added 2026/05/27 12:56 p.m.•42 views

CVE-2026-46018 ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...

0.00037EPSS

Exploits0References8

EUVD-2026-32399

5.8AI score0.00037EPSS

EUVD-2026-32398

In the Linux kernel, the following vulnerability has been resolved: mm: fix deferred split queue races during migration migratefoliomove records the deferred split queue state from src and replays it on dst. Replaying it after removemigrationptessrc, dst, 0 makes dst visible before it is requeued...

5.8AI score0.00024EPSS

Exploits0References2

EUVD-2026-32397

In the Linux kernel, the following vulnerability has been resolved: remoteproc: xlnx: Only access buffer information if IPI is buffered In the receive callback check if message is NULL to prevent possibility of crash by NULL pointer dereferencing...

5.9AI score0.00024EPSS

EUVD-2026-32396

In the Linux kernel, the following vulnerability has been resolved: tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same SOREUSEPORT group, the target listener gets a new accept-queue entry...

5.8AI score0.00013EPSS

Cvelist•added 2026/05/27 12:56 p.m.•36 views

CVE-2026-46016 remoteproc: xlnx: Only access buffer information if IPI is buffered

0.00024EPSS

CVE•added 2026/05/27 12:56 p.m.•18 views

CVE-2026-46015

The CVE-2026-46015 issue affects the Linux kernel TCP path when migrating an established child socket between listeners in the same SO_REUSEPORT group. After inet_csk_listen_stop() migrates, the target listener can obtain a new accept-queue entry via inet_csk_reqsk_queue_add(), but the path does ...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References7

Cvelist•added 2026/05/27 12:56 p.m.•40 views

CVE-2026-46015 tcp: call sk_data_ready() after listener migration

7.8CVSS0.00013EPSS

Exploits0References7

Cvelist•added 2026/05/27 12:56 p.m.•35 views

CVE-2026-46014 KVM: SVM: Add missing save/restore handling of LBR MSRs

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Add missing save/restore handling of LBR MSRs MSRIA32DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVMGETMSRINDEXLIST, and LBR MSRs cannot be set with KVMSETMSRS. So save/restore is completely broken. Fix it ...

0.00022EPSS

EUVD-2026-32395

5.8AI score0.00022EPSS

Cvelist•added 2026/05/27 12:56 p.m.•34 views

CVE-2026-46012 rxrpc: Fix memory leaks in rxkad_verify_response()

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix memory leaks in rxkadverifyresponse Fix rxkadverifyresponse to free the ticket and the server key under all circumstances by initialising the ticket pointer to NULL and then making all paths through the function after...

0.00024EPSS

EUVD•added 2026/05/27 12:56 p.m.•6 views

EUVD-2026-32309

5.8AI score0.00024EPSS

CVE•added 2026/05/27 12:56 p.m.•12 views

CVE-2026-46011

Summary (CVE-2026-46011, Linux kernel, media: mtk-jpeg): A use-after-free in the mtk-jpeg driver arises when the release path frees the context (ctx) without cancelling pending/running work in ctx->jpeg_work, creating a race with the workqueue accessing freed memory. The race occurs during clo...

7.8CVSS5.7AI score0.00013EPSS

EUVD•added 2026/05/27 12:56 p.m.•6 views

EUVD-2026-32308

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtkjpegrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-jpegwork. This creates a race...

5.7AI score0.00013EPSS

EUVD•added 2026/05/27 12:56 p.m.•5 views

EUVD-2026-32307

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

5.8AI score0.00053EPSS

CVE•added 2026/05/27 12:56 p.m.•14 views

CVE-2026-46010

CVE-2026-46010 affects the Linux kernel's rxrpc component. The root cause is missing error handling in rxgk_extract_token(): if rxgk_decrypt_skb() returns -ENOMEM, the function should return that error instead of proceeding, which can lead to an abort. Several advisories state the vulnerability c...

8.1CVSS5.8AI score0.00053EPSS