CVE-2026-53322
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function. On device shutdown, make vfio_pci_core_close_device() call vfio_pci_dma_buf_cleanup() before the function is disabled via vfio_pci_core_disable(). This ensures that all access via DMABUFs is...
EUVD-2026-39859
In the Linux kernel, the following vulnerability has been resolved: net: mana: Use pci_name() for debugfs directory naming. Use pci_name(pdev) for the per-device debugfs directory instead of hardcoded "0" for PFs and pci_slot_name(pdev->slot) for VFs. The previous approach had two issues: 1. pci_slot_name...
EUVD-2026-39857
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function. On device shutdown, make vfio_pci_core_close_device() call vfio_pci_dma_buf_cleanup() before the function is disabled via vfio_pci_core_disable(). This ensures that all access via DMABUFs is...
CVE-2026-53322 vfio/pci: Clean up DMABUFs before disabling function
In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function. On device shutdown, make vfio_pci_core_close_device() call vfio_pci_dma_buf_cleanup() before the function is disabled via vfio_pci_core_disable(). This ensures that all access via DMABUFs is...
EUVD-2026-39888
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookup_amd_iommu(). iommu_device_register() walks every device on the PCI bus via bus_for_each_dev() and calls amd_iommu_probe_device() for each. The inlined check_device() path computes the device's sbdf, calls...
CVE-2026-53280
The CVE-2026-53280 issue affects the Linux kernel IOMMU path. A NULL group->domain could be dereferenced in pci_dev_reset_iommu_done() when a default domain fails to allocate during the first probe, potentially causing a crash at domain->ops->attach_dev invoked by __iommu_attach_device()...
CVE-2026-53067
A flaw was found in the Linux kernel's PCI (Peripheral Component Interconnect) endpoint Message Signaled Interrupts (MSI) doorbell allocation. When MSI allocation fails, the system may attempt to free already freed memory, leading to a double-free vulnerability. This issue can result in memory...
CVE-2026-53051
A flaw was found in the Linux kernel. During a specific hardware reset sequence, the system attempts to access hardware registers before the PCI Express controller is fully powered on. This premature access can cause a Control Backbone (CBB) timeout, leading to system unresponsiveness. This issue c...
EUVD-2026-39268
In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix NULL pointer dereference. PCIe errors detected by a Root Port or Downstream Port cause error recovery services to run on all subordinate devices regardless of administrative state. The .error_detected callback,...
CVE-2026-53177
In the Linux kernel, the bnxt_en driver fixes a NULL pointer dereference in PCIe error handling. The vulnerability arises when PCIe errors detected by a Root Port or Downstream Port trigger error recovery on subordinate devices even if the NIC is administratively down. Specifically, the .error_de...
CVE-2026-53097
A flaw was found in the Linux kernel's mt7996 Wi-Fi driver. A use-after-free vulnerability exists in the mt7996_mac_dump_work() function due to a race condition during the detachment of the mt7996 PCI chip. This can occur when mt7996_crash_data is released while a related work item is still active,...
EUVD-2026-38980
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: pci: fix possible use-after-free caused by unfinished irq_prepare_bcn_tasklet. The irq_prepare_bcn_tasklet is initialized in rtl_pci_init() and scheduled when RTL_IMR_BCNINT interrupt is triggered by hardware. But it is never...
EUVD-2026-38935
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc. pci_epf_alloc_doorbell() stores the allocated doorbell message array in epf->db_msg/epf->num_db before requesting MSI vectors. If MSI allocation fails, the array is free...
CVE-2026-53067
In the Linux kernel PCI endpoint code, the issue was in pci_epf_alloc_doorbell(): it stored the allocated doorbell message array in epf->db_msg/epf->num_db before requesting MSI vectors. If MSI allocation failed, the array was freed but EPF state could still reference freed memory. The fix ...
EUVD-2026-38921
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clone_alias() to use the original device's devid. Currently clone_alias() assumes first argument pdev is always the original device pointer. This function is called by pci_for_each_dma_alias() which based on topology decides to...
CVE-2026-53053
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clone_alias() to use the original device's devid. Currently clone_alias() assumes first argument pdev is always the original device pointer. This function is called by pci_for_each_dma_alias() which based on topology decides to...
EUVD-2026-38919
In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on. When PERST is deasserted twice (assert - deassert - assert - deassert), a CBB (Control Backbone) timeout occurs at DBI register offset 0x8bc PCIE_MISC_CONTROL_1_OFF...
CVE-2026-53042
In CVE-2026-53042, the Linux kernel vulnerability stems from an initialization order: CXL is linked before fwctl in drivers/Makefile, causing fwctl_register to run before fwctl_init, so fwctl_class isn’t registered when device_add is called. This makes class_to_subsys() return NULL, skipping knod...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Misc: pci_endpoint_test: Fixed the panic that occurs when calling pci_endpoint_test_{copy,write,read}(). The dma_map_single() function does not allow zero-length mappings. This causes a panic. A panic was reported on the arm64 architecture:...