CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.1CVSS6.9AI score0.00013EPSS

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: tls: fixed handling of zero-length records in the rxlist. Each recvmsg call must process either: - only contiguous DATA records any number of them - one non-DATA record If the next record has a different type than those that...

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tipc: Force a dst refcount before doing decryption As stated in commit 3bc07321ccc2 “xfrm: Force a dst refcount before entering the xfrm type handlers”: “Crypto requests might return asynchronously. In this case, we leave the rcu...

5.5CVSS6.2AI score0.0001EPSS

7.8CVSS6.3AI score0.00017EPSS

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: - net: tls: Fixed a use-after-free issue related to partial reads and async decryption. tlsdecryptsg does not take a reference to the pages from clearskb. Therefore, the putpage function in tlsdecryptdone releases these pages,...

7.5CVSS7.2AI score0.00879EPSS

Astra Linux - уязвимость в python-cryptography

A flaw was discovered in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which could result in the exposure of confidential or sensitive data...

8.1CVSS6AI score0.00046EPSS

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Track the decryption status in vmbusgpadl. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the shared memory being...

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: tls: Purging the asynchold element from tlsdecryptwait The asynchold queue retains encrypted input data while the AEAD engine references their scatterlist data. Once tlsdecryptwait returns, every AEAD operation is completed, and...

7.5CVSS5.6AI score0.00045EPSS

Exploits0References1

RedHat Linux•added 2026/05/19 9:46 p.m.•8 views

github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object

7.5CVSS6.3AI score0.00035EPSS

Exploits0References6

GithubExploit•added 2026/05/19 9:39 p.m.•55 views

Exploit for Improper Handling of Length Parameter Inconsistency in Linux Linux_Kernel

🩸 CVE-2026-31635 – DirtyDecrypt Linux Kernel Local Priv...

7.5CVSS6AI score0.00038EPSS

Exploits4

OSSF Malicious Packages•added 2026/05/19 6:39 p.m.•6 views

Malicious code in alya-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 473103f2220a0215abf49be7e46ec1748052935ce188e0eee6ded08af7b47cf1 alya-baileys is a fork of the Baileys WhatsApp library that adds a hidden, remotely-controlled action channel against the installer's authenticated...

5.8AI score

Exploits0References8

Tenable Nessus•added 2026/05/19 12:0 a.m.•11 views

SUSE SLES15 Security Update : kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2026:1878-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:1878-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.47 fixes one security issue The following security issue was fixed: - CVE-2026-43284:...

OSV•added 2026/05/18 9:6 a.m.•2 views

Exploits28References4

SUSE-SU-2026:21774-1 Security update for the Linux Kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

OSV•added 2026/05/18 8:2 a.m.•3 views

SUSE-SU-2026:1959-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...

8.8CVSS6.1AI score0.43539EPSS

Exploits40References11

OSV•added 2026/05/18 5:40 a.m.•1 views

SUSE-SU-2026:21761-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

OSV•added 2026/05/18 5:40 a.m.•2 views

SUSE-SU-2026:21809-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)

8.8CVSS5.8AI score0.38453EPSS

OSV•added 2026/05/18 4:42 a.m.•2 views

SUSE-SU-2026:21806-1 Security update for the Linux Kernel (Live Patch 3 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.8.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

OSV•added 2026/05/17 3:22 p.m.•5 views

SUSE-SU-2026:1904-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. - CVE-2026-46300: net: skbuff: propagate shared-frag marker...