CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3384 matches found

NVD•added 2026/05/08 3:16 p.m.•4 views

CVE-2026-43420

In the Linux kernel, the following vulnerability has been resolved: ceph: fix inlink underrun during async unlink During async unlink, we drop the inlink counter before we receive the completion that will eventually update the inlink because "we assume that the unlink will succeed". That is not a...

4.7CVSS0.00012EPSS

Exploits0References8

OSV•added 2026/05/08 3:16 p.m.•3 views

UBUNTU-CVE-2026-43420

4.7CVSS5.7AI score0.00012EPSS

Exploits0References11

CVE•added 2026/05/08 2:21 p.m.•10 views

CVE-2026-43420

CVE-2026-43420 describes a race in Ceph/Linux kernel unlink handling where i_nlink is decremented before completion of async unlink, risking underrun if the updated i_nlink becomes zero. The root cause is updating i_nlink without proper synchronization between ceph_unlink() and MDS responses; the...

4.7CVSS5.8AI score0.00012EPSS

Exploits0References8Affected Software1

ATTACKERKB•added 2026/05/08 2:21 p.m.•4 views

CVE-2026-43361

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort when snapshotting received subvolumes Currently a user can trigger a transaction abort by snapshotting a previously received snapshot a bunch of times until we reach a BTRFSUUIDKEYRECEIVEDSUBVOL item...

5.8AI score0.00013EPSS

Exploits0References7Affected Software1

CNNVD•added 2026/05/08 12:0 a.m.•3 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ceph asynchronous unlink operation reducing the inlink counter prematurely before it is...

4.7CVSS5.8AI score0.00012EPSS

Exploits0References2

Tenable Nessus•added 2026/05/08 12:0 a.m.•6 views

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-016777)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016777 advisory. In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that SIFMT bits of...

5.8AI score0.00052EPSS

Exploits0References4

Positive Technologies•added 2026/05/08 12:0 a.m.•7 views

PT-2026-39131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the NFS implementation where the system fails to return an error when a directory alias is found through nfs3 do create, nfs add or obtain, or d splice alias. In such...

5.5CVSS5.7AI score0.00013EPSS

Exploits0References17

SUSE CVE•added 2026/05/07 2:24 a.m.•4 views

SUSE CVE-2025-71289

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle attrsetsize errors when truncating files If attrsetsize fails while truncating down, the error is silently ignored and the inode may be left in an inconsistent state...

5.5CVSS5.7AI score0.00015EPSS

Exploits0References3

SUSE CVE•added 2026/05/07 2:19 a.m.•6 views

SUSE CVE-2026-43075

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix out-of-bounds write in ocfs2writeendinline KASAN reports a use-after-free write of 4086 bytes in ocfs2writeendinline, called from ocfs2writeendnolock during a copyfilerange splice fallback on a corrupted ocfs2 filesyst...

7.8CVSS5.8AI score0.0002EPSS

Exploits0References3

SUSE CVE•added 2026/05/07 2:19 a.m.•6 views

SUSE CVE-2026-43076

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate inline data isize during inode read When reading an inode from disk, ocfs2validateinodeblock performs various sanity checks but does not validate the size of inline data. If the filesystem is corrupted, an inode's...

7.8CVSS5.9AI score0.00018EPSS

Exploits0References4

SUSE CVE•added 2026/05/07 2:18 a.m.•5 views

SUSE CVE-2026-43117

In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfssyncfile If overlay is used on top of btrfs, dentry-dsb translates to overlay's super block and fsid assignment will lead to a crash. Use fileinodefile-isb to...

9.1CVSS5.8AI score0.00076EPSS

Exploits0References3

SUSE CVE•added 2026/05/07 2:18 a.m.•7 views

SUSE CVE-2026-43118

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a directory, we always set the generation of the logged inode item to ...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References3

RedhatCVE•added 2026/05/06 11:44 p.m.•6 views

CVE-2026-43262

A flaw was found in the Linux kernel's gfs2 filesystem. This vulnerability occurs when the gfs2fiemap function calls iomapfiemap while holding an inode glock a global lock for filesystem operations. If the fiemap buffer is memory mapped to the same inode and accessing it triggers a page fault, it...

5.5CVSS5.9AI score0.00015EPSS

Exploits0References3

RedhatCVE•added 2026/05/06 5:28 p.m.•4 views

CVE-2025-71289

A flaw was found in the Linux kernel's NTFS3 file system driver. When a file is truncated, and an error occurs during the process of setting the attribute size, the system silently ignores this error. This oversight can lead to the file's inode, which stores critical file system metadata, being...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References4

RedhatCVE•added 2026/05/06 3:12 p.m.•7 views

CVE-2026-43076

A flaw was found in the ocfs2 filesystem module of the Linux kernel. This vulnerability occurs when the system attempts to read an inode from a corrupted filesystem, where the inline data size is not properly validated. This can lead to a use-after-free condition, potentially allowing a local...

7.8CVSS6AI score0.00018EPSS

Exploits0References4