CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A random memory access flaw was discovered in the Linux kernel’s GPU i915 kernel driver functionality. This flaw allows a local user to crash the system or escalate their privileges on the system...

7.8CVSS6.7AI score0.00379EPSS

OSV•added 2026/05/03 9:55 a.m.•4 views

OESA-2026-2130 emacs security update

Emacs is the extensible, customizable, self-documenting real-time display editor. At its core is an interpreter for Emacs Lisp, a dialect of the Lisp programming language with extensions to support text editing. And it is an entire ecosystem of functionality beyond text editing, including a proje...

7.1CVSS5.8AI score0.00108EPSS

Tenable Nessus•added 2026/05/02 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-31767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode Stop adjusting the horizontal timing values based on the compression ratio in command...

5.5CVSS5.8AI score0.00122EPSS

Exploits0References4

Tenable Nessus•added 2026/05/02 12:0 a.m.•18 views

RHEL 10 : thunderbird (RHSA-2026:12285)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:12285 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the...

9.8CVSS5.9AI score0.04938EPSS

Exploits1References52

Tenable Nessus•added 2026/05/02 12:0 a.m.•10 views

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2026:1650-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1650-1 advisory. This update for MozillaFirefox fixes the following issue: Update to Firefox Extended Support Release 140.10.0 ESR bsc1262230, MFSA 2026-32: -...

9.8CVSS5.9AI score0.04938EPSS

Exploits1References52

RedhatCVE•added 2026/05/01 11:43 p.m.•7 views

CVE-2026-31781

A flaw was found in the Linux kernel's Direct Rendering Manager DRM subsystem, specifically in the drm/ioc32 component. This vulnerability, related to speculative execution a technique used by modern processors to guess future instructions, allows a local attacker to potentially disclose sensitiv...

5.5CVSS5.9AI score0.00123EPSS

Exploits0References4

Snyk•added 2026/05/01 5:32 p.m.•8 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the IGES and STEP file parsing process. An attacker can cause a denial of service or access unintended memory contents by submitting specially crafted IGES or STEP files that trigger out-of-bounds reads or infinit...

7.1CVSS5.8AI score0.00098EPSS

OSV•added 2026/05/01 5:0 p.m.•3 views

OPENSUSE-SU-2026:20664-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Changes in MozillaThunderbird: - Mozilla Thunderbird 140.10.0 ESR Newly translated strings were not available in Thunderbird MFSA 2026-34 bsc1262230 CVE-2026-6746 Use-after-free in the DOM: Core & HTML component CVE-2026-6747...

10CVSS6.1AI score0.04938EPSS

Exploits2References70

NVD•added 2026/05/01 4:16 p.m.•15 views

CVE-2026-22165

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

8.1CVSS0.00346EPSS

Cvelist•added 2026/05/01 3:59 p.m.•32 views

CVE-2026-22166 GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable subsequent exploit on the...

0.00346EPSS

EUVD•added 2026/05/01 3:59 p.m.•5 views

EUVD-2026-26663

Vulnrichment•added 2026/05/01 3:59 p.m.•4 views

CVE-2026-22166 GPU DDK - Write UAF in KEGLGetPoolBuffers, WebGL reachable

5.8AI score0.00346EPSS

CVE•added 2026/05/01 3:59 p.m.•15 views

CVE-2026-22166

CVE-2026-22166 pertains to GPU DDK components where a web page sending anomalous WebGPU content into the GPU GLES render process can trigger a write UAF crash in the GPU GLES user-space shared library (KEGLGetPoolBuffers). The exposed root cause is a write-after-free condition in KEGLGetPoolBuffe...

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/01 3:56 p.m.•5 views

CVE-2026-22165

CVE•added 2026/05/01 3:56 p.m.•18 views

CVE-2026-22165

CVE-2026-22165 involves a flaw in a GPU DDK where a web page serving unusual WebGPU content loaded into the GPU GLES render process can trigger a write UAF in the GPU GLES user-space shared library. The root cause is described as UAF reads of GLES3Context::psDrawParams and GLES3Context::psMode an...

Exploits0References1Affected Software1

Cvelist•added 2026/05/01 3:48 p.m.•29 views

CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory

Software installed and run as a non-privileged user may conduct improper GPU system calls to force GPU to write to arbitrary physical memory pages. Under certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel an...

0.00148EPSS

Vulnrichment•added 2026/05/01 3:48 p.m.•1 views

CVE-2026-22167 GPU DDK - Cache resident PM buffers writable by other GPU requestors, leading to arbitrary write to physical memory

5.9AI score0.00148EPSS

ATTACKERKB•added 2026/05/01 3:48 p.m.•2 views

CVE-2026-22167

7.8CVSS5.9AI score0.00148EPSS