CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/28 9:36 a.m.•14 views

CVE-2026-46176

5.7AI score0.00138EPSS

Exploits0References6Affected Software1

EUVD•added 2026/05/28 9:36 a.m.•8 views

EUVD-2026-32789

In the Linux kernel, the following vulnerability has been resolved: ice: fix double free in icesfethactivate error path When auxiliarydeviceadd fails, icesfethactivate jumps to auxdevuninit and calls auxiliarydeviceuninit&sfdev-adev. The device release callback icesfdevrelease frees sfdev, but th...

5.8AI score0.00138EPSS

CVE•added 2026/05/28 9:36 a.m.•18 views

CVE-2026-46162

CVE-2026-46162 affects the Linux kernel ice driver. The vulnerability is a double free in the error path of ice_sf_eth_activate() : when auxiliary_device_add() fails, execution jumps to the auxiliary device uninit path, the device release callback frees the device, but the code then falls through...

7.8CVSS5.8AI score0.00138EPSS

Exploits0References4Affected Software1

CVE•added 2026/05/28 9:35 a.m.•18 views

CVE-2026-46139

CVE-2026-46139 relates to the Linux kernel Samba SMB ACL handling. A kmalloc’ed security descriptor buffer left the 2-byte reserved field uninitialized, because the code wrote fields with le16() but did not touch the reserved Sbz2 slot. If this field contained non-zero slab garbage, Samba could r...

5.9AI score0.00168EPSS

Cvelist•added 2026/05/28 9:35 a.m.•26 views

CVE-2026-46139 smb: client: use kzalloc to zero-initialize security descriptor buffer

In the Linux kernel, the following vulnerability has been resolved: smb: client: use kzalloc to zero-initialize security descriptor buffer Commit 62e7dd0a39c2d "smb: common: change the data type of numaces to le16" split struct smbacl's le32 numaces field into le16 numaces and le16 reserved. The...

0.00168EPSS

EUVD•added 2026/05/28 9:35 a.m.•9 views

EUVD-2026-32766

5.9AI score0.00168EPSS

ATTACKERKB•added 2026/05/28 9:35 a.m.•6 views

CVE-2026-46136

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer length underflow The buflen is used to limit the iterations for retrieving the country power setting and may underflow under certain conditions due to changes in the power table in...

Exploits0References7Affected Software1

EUVD•added 2026/05/28 9:35 a.m.•10 views

EUVD-2026-32763

Cvelist•added 2026/05/28 9:35 a.m.•31 views

CVE-2026-46135 nvmet-tcp: fix race between ICReq handling and queue teardown

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

9.8CVSS0.00457EPSS

CVE•added 2026/05/28 9:35 a.m.•75 views

CVE-2026-46135

CVE-2026-46135 affects the Linux kernel nvmet-tcp (NVMe over TCP). A race between ICReq handling and target‑side queue teardown can transition queue state in a non‑serialized way, potentially allowing a second teardown path and a re‑entry after a disconnect, including a possible double free scena...

9.8CVSS5.8AI score0.00457EPSS

EUVD•added 2026/05/28 9:35 a.m.•7 views

EUVD-2026-32762

5.8AI score0.00457EPSS

EUVD•added 2026/05/28 9:35 a.m.•10 views

EUVD-2026-32761

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

CVE•added 2026/05/28 9:35 a.m.•17 views

CVE-2026-46134

Summary: CVE-2026-46134 affects the Linux kernel, specifically the Thunderbolt path under platform/chrome for CrosEC Type-C. The root cause was that in cros_typec_register_thunderbolt(), the adata->lock mutex was not initialized, which can lead to a NULL dereference when the mutex is later acq...

Cvelist•added 2026/05/28 9:35 a.m.•28 views

CVE-2026-46134 platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration

0.00173EPSS

EUVD•added 2026/05/28 9:35 a.m.•9 views

EUVD-2026-32891

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

5.7AI score0.00184EPSS

SUSE CVE•added 2026/05/28 4:1 a.m.•15 views

SUSE CVE-2025-71311

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize new folios before use KMSAN reports an uninitialized value in longestmatchstd, invoked from ntfscompresswrite. When new folios are allocated without being marked uptodate and nireadframe is skipped because th...

5.7AI score0.002EPSS

SUSE CVE•added 2026/05/28 3:55 a.m.•8 views

SUSE CVE-2026-45977

In the Linux kernel, the following vulnerability has been resolved: fbnic: close fwlog race between users and teardown Fixes a theoretical race on fwlog between the teardown path and fwlog write functions. fwlog is written inside fbnicfwlogwrite and can be reached from the mailbox handler...

5.8AI score0.00121EPSS

RedhatCVE•added 2026/05/28 1:7 a.m.•8 views

CVE-2026-45926

A flaw was found in the Linux kernel. When initializing a Pulse Width Modulation PWM chip, a memory leak can occur if the pwmchipalloc function fails. This happens because the allocated pwmchip's initial reference is not properly released, leading to unmanaged memory consumption. This vulnerabili...

5.8AI score0.00162EPSS