CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

522 matches found

SUSE CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00013EPSS

Exploits0References4

RedhatCVE•added last week•6 views

CVE-2026-46171

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for RISC-V architecture. This vulnerability occurs when a second memory allocation fails during the vector context setup, causing a previously allocated memory block to be leaked. Over time, repeated occurrences of this issue...

5.8AI score0.00022EPSS

Exploits0References4

Rockylinux•added last week•7 views

kernel security update

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

9.8CVSS6.2AI score0.38453EPSS

Exploits38

CVE•added last week•11 views

CVE-2026-46131

The CVE-2026-46131 entry concerns the Linux kernel KVM/x86 hypervisor path. It states a vulnerability in the slow flush hypercalls where the is_guest_mode(vcpu) check is incorrect; translate_nested_gpa() is only valid if an L2 guest is running with nested EPT/NPT enabled. The fix uses the same co...

5.8AI score0.00024EPSS

Exploits0References5

SUSE CVE•added last week•3 views

SUSE CVE-2026-46032

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Triple fault if restore host CR3 fails on nested VMEXIT If loading L1's CR3 fails on a nested VMEXIT, nestedsvmvmexit returns an error code that is ignored by most callers, and continues to run L1 with corrupted state....

6AI score0.00025EPSS

Exploits0References3

SUSE CVE•added last week•6 views

SUSE CVE-2026-46071

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined...

5.8AI score0.00022EPSS

Exploits0References3

RedhatCVE•added 2026/05/27 10:9 p.m.•7 views

CVE-2026-45987

A flaw was found in the KVM Kernel-based Virtual Machine nSVM component of the Linux kernel. This vulnerability occurs when the interrupt shadow state is not correctly synchronized to the cached Virtual Machine Control Block VMCB after a Level 2 L2 guest virtual machine VM execution. A local...

5.5CVSS5.8AI score0.00032EPSS

Exploits0References4

RedhatCVE•added 2026/05/27 5:49 p.m.•7 views

CVE-2026-46076

A flaw was found in the Kernel-based Virtual Machine KVM nSVM module of the Linux kernel. This vulnerability occurs when an unhandled VMMCALL is not properly intercepted by the Level 1 L1 hypervisor. A malicious Level 2 L2 guest operating system could exploit this by making specific hypercalls,...

7.9CVSS5.8AI score0.00013EPSS

Exploits0References4

NVD•added 2026/05/27 2:17 p.m.•3 views

CVE-2026-46076

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

7.9CVSS0.00013EPSS

Exploits0References4

NVD•added 2026/05/27 2:17 p.m.•5 views

CVE-2026-46032

0.00025EPSS

Exploits0References2

NVD•added 2026/05/27 2:17 p.m.•4 views

CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

0.00032EPSS

Exploits0References8

OSV•added 2026/05/27 2:17 p.m.•2 views

UBUNTU-CVE-2026-46014

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Add missing save/restore handling of LBR MSRs MSRIA32DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVMGETMSRINDEXLIST, and LBR MSRs cannot be set with KVMSETMSRS. So save/restore is completely broken. Fix it ...

5.7AI score0.00022EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•2 views

UBUNTU-CVE-2026-46071

5.7AI score0.00022EPSS

Exploits0References3

EUVD•added 2026/05/27 12:58 p.m.•3 views

EUVD-2026-32465

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Inject UD for INVLPGA if EFER.SVME=0 INVLPGA should cause a UD when EFER.SVME is not set. Add a check to properly inject UD when EFER.SVME=0. sean: tag for stable@...

5.8AI score0.00032EPSS

Exploits0References5

Debian CVE•added 2026/05/27 12:58 p.m.•4 views

CVE-2026-46082

5.7AI score0.00032EPSS

Exploits0

Debian CVE•added 2026/05/27 12:58 p.m.•4 views

CVE-2026-46076

7.9CVSS5.7AI score0.00013EPSS

Exploits0

EUVD•added 2026/05/27 12:58 p.m.•4 views

EUVD-2026-32458

5.8AI score0.00013EPSS

Exploits0References4

CVE•added 2026/05/27 12:58 p.m.•9 views

CVE-2026-46076

The CVE-2026-46076 entry concerns the Linux kernel KVM nSVM, where an unhandled VMMCALL can produce an Undefined Opcode (#UD) when L2 is active, L1 does not intercept, nested_svm_l2_tlb_flush_enabled() is true, and the hypercall is not among the supported Hyper-V hypercalls. The vulnerability ari...

7.9CVSS5.8AI score0.00013EPSS

Exploits0References4