CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/20 7:11 a.m.•4 views

MAL-2026-4467 Malicious code in @weirdorg/dotenv (npm)

6.2AI score

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Do not dereference the ACPI root object handle. The commit referenced in the “Fixes” section below the VMBus client driver attempts to traverse the ACPI namespace from the VMBus ACPI device to the ACPI namespa...

5.5CVSS6.3AI score0.00017EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: net: fixed the out-of-bounds error related to the UaF in the netns ops registration error path. If the net AssignGeneric function fails, the current error path in opsinit attempts to clear the gen pointer slot. However, during th...

7.8CVSS5.9AI score0.00016EPSS

5.8CVSS6.2AI score0.00023EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: TCP: Properly terminate timers for kernel sockets We received various reports from syzbot regarding TCP timers being fired after the corresponding netns has been dismantled. Fortunately, Josef Bacik was able to trigger this issue...

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nfp: MC addresses are cleaned up in the application firmware when the port is closed. When moving devices from one namespace to another, MC addresses are cleaned up by software, but they are not removed from the application...

5.7AI score0.00026EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•11 views

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: fixed a use-after-free in twtimerhandler A real-world panic issue was discovered in Linux 5.4. Bug: Unable to handle a page fault for the address: ffffde49a863de28 PGD: 7e6fe62067 P4D: 7e6fe62067 PUD: 7e6fe63067 PMD:...

7.8CVSS6AI score0.00015EPSS

5.5CVSS5.7AI score0.00012EPSS

Astra Linux - уязвимость в linux, linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fixed a potential “struct net” leak in inet6rtmgetaddr. It appears that if the user space provides a correct IFATARGETNETNSID value, but no IFAADDRESS or IFALOCAL attributes are set, inet6rtmgetaddr will return -EINVAL, alo...

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

Linux Kernel nftables Out-of-bounds Read/Write Vulnerability; nftbyteorder improperly handles the contents of VM registers when CAPNETADMIN is present in any user or network namespace...

7.8CVSS6.8AI score0.00221EPSS

Exploits2References2

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ceph: fixed NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has a regression starting from 6.18-rc1. There is an issue in cephmdsauthmatch if fsname is NULL: c const char fsname =...

5.5CVSS5.7AI score0.00017EPSS

5.5CVSS6.2AI score0.00013EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: requires CAPNETADMIN to attach NGSM0710 ldisc Any unprivileged user can attach to NGSM0710 ldisc, but it still requires CAPNETADMIN to create a GSM network. Additionally, requiring CAPNETADMIN for the initial namespace...

Exploits1References2

5.5CVSS6.6AI score0.00016EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: netfilter: nftables: Unregistering flowtable hooks upon netns exit. Unregistering flowtable hooks before they are released via nftablesflowtabledestroy. Otherwise, the hook code may report a Use-After-Free error. BUG: KASAN:...

8.3CVSS6.7AI score0.85239EPSS

Astra Linux - уязвимость в linux

A heap out-of-bounds write that affects Linux since v2.6.19-rc1 was discovered in net/netfilter/xtables.c. This vulnerability allows an attacker to gain privileges or cause a Denial-of-Service attack through heap memory corruption by manipulating the user name space...

Exploits21References2

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: devlink: fixed the netns refcount leak in devlinknlcmdreload. While preparing my patch series that includes netns refcount tracking, I discovered bugs in devlinknlcmdreload. Some error paths failed to release the refcount for a...

5.5CVSS5.8AI score0.00018EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: nvmet: Fixed a crash that occurs when a namespace is disabled. The percpu counter in the namespace is responsible for handling pending I/O operations. We can safely disable the namespace only after the counter drops to zero...

5.5CVSS5.9AI score0.00019EPSS

5.5CVSS6.2AI score0.00023EPSS

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fixed a possible leak of the pernet namespace in smcinit. In smcinit, registerpernetsubsys&smcnetstatops is called without any error handling. If this call fails, the registration of &smcnetops will not be reversed...

7.5CVSS6AI score0.0001EPSS

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Always remove the class from the active list before deleting it in etsqdiscchange. The vulnerability is a race condition between etsqdiscdequeue and etsqdiscchange. This causes a Use-After-Freeze UAF error on the...