Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

344 matches found

Tenable Nessus
Tenable Nessusadded 2 days ago5 views

Xen: Use after free of paging structures in EPT (XSA-480)

The Intel EPT paging code uses an optimization to defer flushing of any cached EPT state until the p2m lock is dropped, so that multiple modifications done under the same locked region only issue a single flush. Freeing of paging structures however is not deferred until the flushing is done, and...

7.8CVSS5.6AI score0.00005EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 3 days ago3 views

kernel: iommu: disable SVA when CONFIG_X86 is set

A security vulnerability was found in the Linux kernel's IOMMU Shared Virtual Addressing SVA implementation on x86 architecture. When SVA is enabled, the IOMMU caches kernel page table entries. Since the kernel lacks a mechanism to notify the IOMMU when kernel page table pages are freed and...

7.8CVSS5.9AI score0.00011EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2026/05/29 1:17 a.m.6 views

SUSE CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00013EPSS
Exploits0References4
SUSE CVE
SUSE CVEadded 2026/05/29 1:16 a.m.7 views

SUSE CVE-2026-46131

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect, because translatenestedgpa is only valid if an L2 guest is running with nested EPT/NPT enabled. Instead use the same condition as...

5.5CVSS5.8AI score0.00024EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/05/29 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This...

8.8CVSS5.8AI score0.00013EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/05/28 9:12 p.m.8 views

CVE-2026-46131

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 virtualization module. An incorrect check for nested EPT/NPT Nested Extended Page Tables/Nested Nested Page Tables in slow flush hypercalls could lead to improper handling of L2 guests. This vulnerability arises because t...

5.5CVSS5.8AI score0.00024EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/05/28 8:22 p.m.10 views

CVE-2026-46113

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 shadow paging mechanism. This use-after-free vulnerability arises from incorrect handling of Guest Frame Numbers GFNs when guest page tables are modified. A local attacker with control over a guest virtual machine could...

8.8CVSS5.7AI score0.00013EPSS
Exploits0References4
NVD
NVDadded 2026/05/28 10:16 a.m.7 views

CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS0.00013EPSS
Exploits0References6
OSV
OSVadded 2026/05/28 10:16 a.m.4 views

UBUNTU-CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00013EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2026/05/28 9:35 a.m.5 views

CVE-2026-46131

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect, because translatenestedgpa is only valid if an L2 guest is running with nested EPT/NPT enabled. Instead use the same condition as...

5.7AI score0.00024EPSS
Exploits0
EUVD
EUVDadded 2026/05/28 9:35 a.m.6 views

EUVD-2026-32890

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect, because translatenestedgpa is only valid if an L2 guest is running with nested EPT/NPT enabled. Instead use the same condition as...

5.8AI score0.00024EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/28 9:35 a.m.24 views

CVE-2026-46131 KVM: x86: check for nEPT/nNPT in slow flush hypercalls

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect, because translatenestedgpa is only valid if an L2 guest is running with nested EPT/NPT enabled. Instead use the same condition as...

0.00024EPSS
Exploits0References5
CVE
CVEadded 2026/05/28 9:35 a.m.14 views

CVE-2026-46113

CVE-2026-46113 (Linux kernel KVM x86 shadow paging use-after-free) is a resolved vulnerability in the KVM shadow paging path. The issue arises when the shadow MMU computes GFNs for direct shadow pages using sp->gfn plus the SPTE index and guest page-table modifications between VM entries can c...

8.8CVSS5.7AI score0.00013EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/05/28 9:35 a.m.4 views

CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00013EPSS
Exploits0References7Affected Software1
Cvelist
Cvelistadded 2026/05/28 9:35 a.m.26 views

CVE-2026-46113 KVM: x86: Fix shadow paging use-after-free due to unexpected GFN

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS0.00013EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/05/28 12:0 a.m.7 views

PT-2026-44254

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the KVM x86 component regarding slow flush hypercalls. The use of the is guest modevcpu function is incorrect because translate nested gpa is only valid when an L2 guest ...

9.8CVSS5.8AI score0.00254EPSS
Exploits12References281
Positive Technologies
Positive Technologiesadded 2026/05/28 12:0 a.m.8 views

PT-2026-44236

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the KVM x86 shadow paging mechanism. The shadow MMU calculates Guest Frame Numbers GFNs for direct shadow pages by adding the SPTE index to sp-gfn. This...

9.8CVSS5.9AI score0.00254EPSS
Exploits12References282
NVD
NVDadded 2026/05/27 2:17 p.m.7 views

CVE-2026-46017

In the Linux kernel, the following vulnerability has been resolved: mm: fix deferred split queue races during migration migratefoliomove records the deferred split queue state from src and replays it on dst. Replaying it after removemigrationptessrc, dst, 0 makes dst visible before it is requeued...

0.00024EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2026/05/26 6:6 a.m.8 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

5.5CVSS5.8AI score0.00011EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/05/20 11:40 p.m.5 views

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

5.5CVSS5.8AI score0.00011EPSS
Exploits0References5
Rows per page
Query Builder