CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/28 10:16 a.m.•11 views

CVE-2026-46137

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...

9.8CVSS0.00552EPSS

OSV•added 2026/05/28 10:16 a.m.•6 views

UBUNTU-CVE-2026-46137

9.8CVSS5.7AI score0.00552EPSS

Positive Technologies•added 2026/05/28 12:0 a.m.•20 views

PT-2026-44260

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the Multipath TCP MPTCP implementation. The mptcp pm add timer helper function, which operates as a timer callback in softirq context, fails to properly hold the...

9.8CVSS5.8AI score0.00552EPSS

Exploits0References294

Cvelist•added 2026/05/27 12:15 p.m.•38 views

CVE-2026-45871 tpm: st33zp24: Fix missing cleanup on get_burstcount() error

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...

0.0022EPSS

5.5CVSS5.7AI score0.00119EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active. Exiting to userspace will generate a spurious userspace exit, usually...

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: krb5enc – Fix for async decryption skipping hash verification The krb5encdispatchdecrypt function sets req-base.complete as the skcipher callback. This means that when the skcipher completes asynchronously, it signals...

7.5CVSS5.5AI score0.00294EPSS

7.1CVSS5.2AI score0.00145EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htablockbucket to userspace In the function htabmaplookupanddeletebatch, if htablockbucket returns -EBUSY, the operation proceeds to the next bucket. Moving to the next bucket may not only silently skip...

6.5CVSS6.8AI score0.00419EPSS

Astra Linux - уязвимость в firefox

A use-after-free crash could occur on macOS if a Firefox update was applied to a heavily utilized system. This could lead to a exploitable crash. This vulnerability affects Firefox versions earlier than 122...

7.8CVSS5.4AI score0.00131EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: gpib: Fixed a use-after-free in IO ioctl handlers. The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after the board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the...

NVD•added 2026/05/19 12:16 p.m.•9 views

CVE-2026-43493

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAYBACKLOG requests MAYBACKLOG requests can return EBUSY. Handle them by checking for that value and filtering out EINPROGRESS notifications...

9.8CVSS0.00554EPSS

ATTACKERKB•added 2026/05/19 10:44 a.m.•4 views

CVE-2026-43493

5.8AI score0.00554EPSS

Exploits0References6Affected Software1

CVE•added 2026/05/19 10:44 a.m.•25 views

CVE-2026-43493

CVE-2026-43493 affects the Linux kernel crypto/pcrypt code and concerns MAY_BACKLOG handling. MAY_BACKLOG requests could return EBUSY; the fix adds a check for EBUSY and filters out EINPROGRESS notifications, addressing potential processing instability. The vulnerability is resolved in the Linux ...

9.8CVSS5.8AI score0.00554EPSS

Positive Technologies•added 2026/05/19 12:0 a.m.•9 views

PT-2026-41875

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the pcrypt crypto component regarding the handling of MAY BACKLOG requests. These requests can return an EBUSY error, which requires proper handling by checking for th...

9.8CVSS5.8AI score0.00554EPSS

Exploits0References151

RedhatCVE•added 2026/05/15 11:38 a.m.•9 views

CVE-2026-43326

A flaw was found in the Linux kernel, specifically within the schedext component. This vulnerability can lead to a system-wide deadlock, causing a Denial of Service DoS where the system becomes unresponsive. The issue arises when the kernel's scheduling mechanism enters a busy-wait state in a...

5.5CVSS5.8AI score0.00083EPSS

Exploits0References4

OSV•added 2026/05/13 7:17 p.m.•4 views

DEBIAN-CVE-2026-42577

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

7.5CVSS5.8AI score0.00408EPSS