CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2 hours ago•3 views

CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

RedhatCVE•added 3 days ago•7 views

CVE-2026-43981

Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, in engine/luahandler.go, the sync.RWMutex protecting LoadCommonFunctions is released before L.Push and L.PCall execute. Since gopher-lua's LState is explicitly not goroutine-safe, concurrent requests race on the shared state...

8.2CVSS5.5AI score0.0005EPSS

Tenable Nessus•added 5 days ago•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46202

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness -...

5.9AI score0.00022EPSS

Tenable Nessus•added 5 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46097

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e Input: edt-ft5x06 - use per-client debugfs directory removed the manual debug...

Tenable Nessus•added 5 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-46134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL...

Tenable Nessus•added 5 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex vfiocdxsetmsitrigger reads vdev-configmsi and operates on the vdev-cdxirqs array based on its valu...

7.8CVSS5.8AI score0.00013EPSS

Tenable Nessus•added 5 days ago•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-45979

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In su...

5.7AI score0.00024EPSS

RedhatCVE•added 2026/06/01 4:3 p.m.•9 views

CVE-2026-45151

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...

CVE•added 2026/05/29 7:30 p.m.•15 views

CVE-2026-45151

NanoMQ (0.24.8 and earlier) contains a NULL substream pointer dereference in quic_stream_recv when a substream is reopening. The vulnerable code finishes AIO with an error but does not return before locking c->mtx, indicating a potential NULL dereference and an unlocked/locked state issue in t...

EUVD•added 2026/05/29 7:30 p.m.•8 views

EUVD-2026-33429

ATTACKERKB•added 2026/05/29 7:30 p.m.•6 views

CVE-2026-45151

Exploits0References2Affected Software1

SUSE CVE•added 2026/05/29 1:16 a.m.•10 views

SUSE CVE-2026-46134

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

SUSE CVE•added 2026/05/29 1:16 a.m.•7 views

SUSE CVE-2026-46157

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...

5.3CVSS5.7AI score0.00013EPSS

RedhatCVE•added 2026/05/28 9:11 p.m.•8 views

CVE-2026-46134

A flaw was found in the Linux kernel's crosectypec component. This vulnerability occurs because a mutex, a mechanism used to prevent simultaneous access to shared resources, was not properly initialized during Thunderbolt registration. This oversight can lead to a NULL dereference, potentially...

EUVD•added 2026/05/28 12:30 p.m.•6 views

Exploits0References4

EUVD-2026-32865

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

5.7AI score0.00024EPSS

Exploits0References6

NVD•added 2026/05/28 10:16 a.m.•8 views

CVE-2026-46202

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness - mutexlock from two different atomic contexts: appletbinactivitytimer is...

0.00022EPSS

NVD•added 2026/05/28 10:16 a.m.•7 views

CVE-2026-46134

0.00022EPSS