CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 5 days ago•10 views

CVE-2026-45151

NanoMQ (0.24.8 and earlier) contains a NULL substream pointer dereference in quic_stream_recv when a substream is reopening. The vulnerable code finishes AIO with an error but does not return before locking c->mtx, indicating a potential NULL dereference and an unlocked/locked state issue in t...

6.3CVSS5.9AI score0.00044EPSS

EUVD•added 5 days ago•4 views

EUVD-2026-33429

6.3CVSS5.9AI score0.00044EPSS

NVD•added 6 days ago•4 views

CVE-2026-46202

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness - mutexlock from two different atomic contexts: appletbinactivitytimer is...

0.00017EPSS

NVD•added 6 days ago•2 views

CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

0.00018EPSS

EUVD•added 6 days ago•4 views

EUVD-2026-32829

6AI score0.00017EPSS

Cvelist•added 6 days ago•21 views

CVE-2026-46202 HID: appletb-kbd: run inactivity autodim from workqueues

0.00017EPSS

EUVD•added 6 days ago•7 views

EUVD-2026-32784

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...

5.7AI score0.00012EPSS

SUSE CVE•added 6 days ago•6 views

SUSE CVE-2026-46008

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoswalk vs kdamondfn exit race When kdamondfn main loop is finished, the function cancels remaining damoswalk request and unset the damonctx-kdamond so that API callers and API functions themselves can show t...

5.7AI score0.00024EPSS

SUSE CVE•added 6 days ago•4 views

SUSE CVE-2026-46036

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex vfiocdxsetmsitrigger reads vdev-configmsi and operates on the vdev-cdxirqs array based on its value, but provides no serialization against concurrent VFIODEVICESETIRQS...

7.8CVSS5.8AI score0.00013EPSS

Positive Technologies•added 6 days ago•6 views

PT-2026-44280

5.7AI score0.00012EPSS

NVD•added 2026/05/27 2:17 p.m.•3 views

CVE-2026-46036

7.8CVSS0.00013EPSS

NVD•added 2026/05/27 2:17 p.m.•5 views

CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

0.00023EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•3 views

PT-2026-43903

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIO DEVICE SET IRQS with a per-device mutex vfio cdx set msi trigger reads vdev-config msi and operates on the vdev-cdx irqs array based on its value, but provides no serialization against concurrent VFIO...

5.8AI score0.00013EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•7 views

PT-2026-43816

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and work struct to fix race condition Currently, hwrng fill is not cleared until the hwrng fillfn thread exits. Since hwrng unregister reads hwrng fill outside the rng mutex lock, a concurrent hwrng unregist...

5.8AI score0.00023EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fixed atomic context locking issue The ncmsetalt function was holding a mutex to prevent race conditions with configfs. This function invokes the mightsleep function within an atomic context. The struct pointer...

5.5CVSS5.7AI score0.00012EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fixed an oops error when unloading drivers that are parallel to each other. When the hclge driver is unloaded, it attempts to disable sriov first for each aedev node from hnae3aedevlist. If the hns3 driver is unloaded ...

5.5CVSS6.2AI score0.0003EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Prevent race condition during ffsep0queuewait When performing fast composition switching, there is a possibility that the process of ffsep0write/ffsep0read may enter a race condition due to ep0req being freed fr...

7.8CVSS6.2AI score0.00034EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fixed an issue where an invalid lock was taken on a wedge. If devices like GuC upload are wedged, the submission is not yet enabled, and the state has not even been initialized. This fix prevents the wedge-related calls...

5.5CVSS6.2AI score0.00038EPSS

EUVD•added 2026/05/08 3:31 p.m.•5 views

EUVD-2026-28729

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix atomic context locking issue The ncmsetalt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function inside an atomic context. Remove the struct netdevice...

5.8AI score0.00012EPSS