CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7CVSS6.9AI score0.00239EPSS

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - In the net subsystem, do not delay the execution of dstentriesadd within dstrelease. - dstentriesadd uses data per-core that might be freed during the dismantling of ip6routenetexit, by calling dstentriesdestroy. Before...

5.5CVSS6.1AI score0.00227EPSS

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: esp: Fixed improper handling of pages from pagepool. When the skb is reorganized during espoutput !esp-inline, the pages originating from the original skb fragments are supposed to be released back to the system through...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed IPsec cleanup over MPV devices When we call mlx5edetachnetdev, we ultimately disable the blocking event notifier. Among these events are IPsec MPV events from the IB to the core. Therefore, before disabling tho...

5.8AI score0.00166EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5e: Fixed the issue with the inversion dependency warning when enabling IPsec tunnels. Attempts to enable IPsec packet offloading in tunnel mode in the debug kernel generate the following kernel panic, due to two issues...

5.5CVSS6.5AI score0.00166EPSS

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: xfrm: The “x-tunnel” structure is deleted as soon as the “x” structure is deleted. The IP-compatibility tunnels are currently being deleted from various lists and hashtables because the last user state that relied on those tunnel...

5.8AI score0.00176EPSS

ATTACKERKB•added 2026/06/05 5:59 p.m.•6 views

CVE-2026-2379

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulti...

8.2CVSS5.4AI score0.00226EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/06/05 12:0 a.m.•6 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which occurs when, under certain conditions, physical interface fluctuations and proxy restarts may cause the IPsec...

8.2CVSS5.2AI score0.00226EPSS

Ubuntu•added 2026/06/04 9:3 p.m.•15 views

USN-8388-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.1AI score0.93418EPSS

Exploits55

Vulnrichment•added 2026/06/02 2:35 p.m.•9 views

CVE-2026-10629 CVE-2026-10629

SIP signaling stack in Verizon IMS unspecified version implements SIP signaling without IPsec integrity protection missing Security-Client/Security-Server headers and ESP traffic, which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via...

5.7AI score0.00174EPSS

CERT•added 2026/06/02 12:0 a.m.•11 views

Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments

Overview VoLTE deployments on Verizon’s IMS network have operated without negotiated SIP integrity protection. In observed test conditions, SIP signaling—including registration, call setup, and messaging—traveled without IPsec ESP encapsulation and without SIP Security Agreement headers, exposing...

7.4CVSS5.7AI score0.00174EPSS

Exploits0References4

RedhatCVE•added 2026/05/28 6:36 p.m.•15 views

CVE-2026-46116

A flaw was found in the Linux kernel's xfrm IPSec framework subsystem. This vulnerability, a use-after-free, occurs when the system incorrectly manages memory related to security policies, specifically during the deletion of xfrmstate lists. An attacker with local access could exploit this flaw b...

7.8CVSS5.8AI score0.00126EPSS

Exploits0References4

NVD•added 2026/05/28 5:16 p.m.•14 views

CVE-2026-38707

A command injection vulnerability exists in the IPSec VPN feature of InHand Networks IR302 firmware V3.5.108, IR305 firmware V1.0.118, IR315 firmware V1.0.118, IR615 firmware V1.0.118, and earlier versions. Attackers can exploit this vulnerability to obtain ROOT privileges on remote target device...

9.8CVSS0.01243EPSS

SUSE CVE•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45905

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...

4.7CVSS5.7AI score0.00111EPSS

Exploits0References3

Cvelist•added 2026/05/28 12:0 a.m.•28 views

CVE-2026-38707

0.01243EPSS