CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/16 6:39 a.m.•5 views

CVE-2026-47131

A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. A remote attacker can exploit this vulnerability by combining specific Buffer function calls and Node.js's ERRINVALIDARGTYPE error. This allows the attacker to obtain the host's TypeError constructor, leading to an...

10CVSS5.4AI score0.004EPSS

Exploits0References6

Positive Technologies•added 2026/06/09 12:0 a.m.•12 views

PT-2026-47757

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tap get user xdp function. When a frame is shorter than ETH HLEN, the function returns -EINVAL; similarly, it returns -ENOMEM if build skb fails. In both...

9.8CVSS5.3AI score0.00457EPSS

Exploits1References77

NVD•added 2026/06/08 5:16 p.m.•10 views

CVE-2026-46314

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...

0.00157EPSS

NVD•added 2026/06/08 5:16 p.m.•9 views

CVE-2026-46284

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...

OSV•added 2026/06/08 5:16 p.m.•6 views

UBUNTU-CVE-2026-46284

5.3AI score0.00166EPSS

Exploits0References6

Cvelist•added 2026/06/08 3:41 p.m.•36 views

CVE-2026-46284 mm/hugetlb: fix early boot crash on parameters without '=' separator

RedhatCVE•added 2026/06/05 7:35 p.m.•5 views

CVE-2026-5937

Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalidargument" exception, ultimately causing the program to terminate...

5.5CVSS5.4AI score0.00103EPSS

Exploits0References1

SUSE CVE•added 2026/05/28 3:55 a.m.•10 views

SUSE CVE-2026-45939

In the Linux kernel, the following vulnerability has been resolved: gpib: Fix memory leak in niusbinit In niusbinit, if niusbsetupinit fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak. Additionally, niusbsetupinit returns 0 on failure, whic...

EUVD•added 2026/05/27 3:33 p.m.•8 views

EUVD-2026-32223

NVD•added 2026/05/27 2:17 p.m.•11 views

CVE-2026-45939

OSV•added 2026/05/27 2:17 p.m.•6 views

UBUNTU-CVE-2026-45939

Cvelist•added 2026/05/27 12:17 p.m.•37 views

CVE-2026-45939 gpib: Fix memory leak in ni_usb_init()

Positive Technologies•added 2026/05/27 12:0 a.m.•11 views

PT-2026-43806

In the Linux kernel, the following vulnerability has been resolved: gpib: Fix memory leak in ni usb init In ni usb init, if ni usb setup init fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak. Additionally, ni usb setup init returns 0 on...

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: xsk: Added a missing overflow check in xdpumemreg. The number of chunks can exceed the range of u32. Ensure that -EINVAL is returned in case of an overflow. Additionally, removed a redundant u32 cast when assigning umem-npgs...

5.5CVSS6.3AI score0.00176EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed a chunk map leak in btrfsmapblock after btrfschunkmapnumcopies. Fixed a chunk map leak in btrfsmapblock: if we return early with -EINVAL, we are not freeing the chunk map that we just looked up...

5.5CVSS5.8AI score0.00122EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: r8188eu: fixed a memory leak in rtwwxread32 Free “ptmp” before returning – EINVIL...

5.5CVSS5.7AI score0.00181EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: brcmfmac: A check on the count value of channel specifications is added to prevent out-of-bounds reads. This patch fixes out-of-bounds reads in brcmfconstructchaninfo and brcmfenablebw402g when the count value of channel...

7.1CVSS6.3AI score0.0017EPSS

SUSE CVE•added 2026/05/13 3:35 a.m.•6 views

SUSE CVE-2026-43297

In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rga: Fix possible ERRPTR dereference in rgabufinit rgagetframe can return ERRPTR-EINVAL when buffer type is unsupported or invalid. rgabufinit does not check the return value and unconditionally dereferences the...

5.8AI score0.00122EPSS

RedhatCVE•added 2026/05/08 7:47 p.m.•14 views

CVE-2026-43348

A flaw was found in the Linux kernel's mshvvtl component. When registering VTL0 memory, an issue with memory mapping calculations can cause the system to trigger a warning and return an invalid argument error. This could lead to system instability or a denial of service DoS, preventing legitimate...

5.5CVSS5.8AI score0.001EPSS