CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 4 days ago•4 views

CVE-2026-52950

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can now combine this as one unit and have the init d...

7.8CVSS0.00173EPSS

EUVD•added 4 days ago•3 views

EUVD-2026-38922

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix VMBIND UNMAP locking Wrong argument meant that the objs involved in UNMAP ops were not always getting locked. Since NOSHARE objs share a common resv with the VM which is always locked this would only show up with...

5.7AI score0.00166EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm/i915/active: Fixed the misuse of non-idle barriers as fence trackers. Users reported errors related to list corruption when using i915 perf with a number of concurrently running graphics applications. Root cause analysis...

5.5CVSS6.1AI score0.00162EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Invalid parameter check in msmdsiPhyEnable The function performs a check on the “phy” input parameter, however, it is used before the check. The “dev” variable is initialized after the sanity check to avoid a possibl...

5.5CVSS5.5AI score0.0021EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - Media: Rockchip: RGA: Fixed a possible dereference of the ERRPTR parameter in rgabufinit. - RGAgetframe: Can return ERRPTR -EINVAL when the buffer type is unsupported or invalid. rgabufinit does not check the return value an...

5.5CVSS6AI score0.00122EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Resources are freed after they are unregistered. The unbind operation of the DP component iterates through the submodules to unregister them and clean up the situation. However, if the unbind occurs because the DP...

7.8CVSS5.4AI score0.00149EPSS

NVD•added 2026/06/09 5:17 p.m.•7 views

CVE-2026-44812

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...

7.8CVSS0.00437EPSS

NVD•added 2026/06/09 5:17 p.m.•10 views

CVE-2026-44803

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...

7.8CVSS0.00437EPSS

EUVD•added 2026/06/09 5:6 p.m.•7 views

EUVD-2026-35759

Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally...

7.8CVSS5.7AI score0.00437EPSS

CVE•added 2026/06/09 5:6 p.m.•57 views

CVE-2026-44803

CVE-2026-44803 describes an integer overflow/wraparound in Windows Win32K - GRFX that can allow a local attacker to execute code. The vulnerability is identified across multiple sources (NVD, CVE listing, and MSRC update page) and is classified with a high impact: local code execution, requiring ...

7.8CVSS5.7AI score0.00437EPSS

Exploits0References1Affected Software16

OSV•added 2026/06/08 4:16 p.m.•5 views

UBUNTU-CVE-2025-71315

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...

7.3CVSS5.4AI score0.00162EPSS

Exploits0References5

SUSE CVE•added 2026/06/06 2:53 a.m.•5 views

SUSE CVE-2026-10891

Use after free in GFX in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.6AI score0.00325EPSS

EUVD•added 2026/06/05 12:31 a.m.•9 views

EUVD-2026-34554

8.8CVSS5.8AI score0.00325EPSS

Vulnrichment•added 2026/06/04 11:3 p.m.•7 views

CVE-2026-10891

5.8AI score0.00325EPSS

Positive Technologies•added 2026/06/04 12:0 a.m.•8 views

PT-2026-46420

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the GFX component allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. Use after free is a memory corruption flaw that...

9.6CVSS5.8AI score0.00985EPSS

Exploits0References434

OSV•added 2026/05/28 11:16 p.m.•6 views

DEBIAN-CVE-2026-9895

Out of bounds read in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00214EPSS

Cvelist•added 2026/05/28 10:25 p.m.•28 views

CVE-2026-9936

Use after free in GFX in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00222EPSS