CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. A remote attacker could exploit this by sending a specially crafted COOKIEECHO chunk to a listening SCTP server. The server's failure to properly validate the length of a cached peer INIT chunk within...

7CVSS5.9AI score0.00173EPSS

Exploits0References4

OSV•added yesterday•2 views

ECHO-502D-311B-E0E0

Bulletin has no description...

4.8CVSS5.7AI score0.00114EPSS

Exploits0References1

OSV•added yesterday•4 views

ECHO-8413-BF93-7DC1

Bulletin has no description...

6.3CVSS5.7AI score0.00221EPSS

Exploits0References1

CVE•added yesterday•5 views

CVE-2026-53246

CVE-2026-53246 affects the Linux kernel SCTP implementation. When a listening SCTP server processes a COOKIE_ECHO chunk, a cached peer INIT chunk embedded after the cookie could have its header length inflated beyond the remaining COOKIE_ECHO data. This allowed the parameter walk performed by sct...

6AI score0.00173EPSS

Exploits0References3

EUVD•added yesterday•3 views

EUVD-2026-39197

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

6AI score0.00173EPSS

Exploits0References3

Debian CVE•added yesterday•3 views

CVE-2026-53246

5.9AI score0.00173EPSS

Exploits0

CVE•added yesterday•5 views

CVE-2026-53208

The CVE concerns the Linux kernel Bluetooth stack (L2CAP) where BR/EDR signaling packets larger than the signaling MTU could be accepted and cause an attacker to trigger multiple ECHO_RSP frames before pairing. Specifically, l2cap_sig_channel() allowed BR/EDR signaling packets up to the channel M...

5.8AI score0.00176EPSS

Exploits0References8

OSV•added 2 days ago•4 views

ECHO-84B2-B2CE-8A5F

Bulletin has no description...

5.3CVSS5.8AI score0.0023EPSS

Exploits0References1

CVE•added 2 days ago•7 views

CVE-2026-52924

The CVE‑2026‑52924 affects the Linux kernel SCTP implementation. A corner case during a Stale Cookie transition (COOKIE_ECHO→COOKIE_WAIT) can leave out_curr pointing to a freed sctp_stream_out after purging the old stream table, causing use‑after‑free in SCTP scheduling paths (e.g., sctp_sched_fc...

5.8AI score0.00165EPSS

Exploits0References8

Debian CVE•added 2 days ago•4 views

CVE-2026-52924

In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctpstreamupdate is only invoked when the association is moved into COOKIEWAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...

5.7AI score0.00165EPSS

Exploits0

OSV•added 2 days ago•3 views

ECHO-4E4C-B37E-F35F

Bulletin has no description...

7.8CVSS5.8AI score0.00599EPSS

Exploits0References1

OSV•added 3 days ago•2 views

ECHO-063C-9C61-C3D6

Bulletin has no description...

6.3CVSS5.8AI score0.00323EPSS

Exploits0References1