Lucene search
+L

408984 matches found

OSV
OSV
added 2026/05/28 9:40 a.m.3 views

CVE-2026-46201 drm/xe: Fix dma-buf attachment leak in xe_gem_prime_import()

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach before returning the error. Note: we cannot use goto outerr here becaus...

7.8CVSS6.5AI score0.00138EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/28 9:36 a.m.39 views

CVE-2026-46172 ipv6: xfrm6: release dst on error in xfrm6_rcv_encap()

In the Linux kernel, the following vulnerability has been resolved: ipv6: xfrm6: release dst on error in xfrm6rcvencap xfrm6rcvencap performs an IPv6 route lookup when the skb does not already have a dst attached. ip6routeinputlookup returns a referenced dst entry even when the lookup resolves to...

0.00128EPSS
Exploits0References8
CVE
CVE
added 2026/05/28 9:36 a.m.28 views

CVE-2026-46172

** CWE-XXXX**: CVE-2026-46172 affects the Linux kernel IPv6 xfrm6 path. The issue occurs in xfrm6_rcv_encap() during an IPv6 route lookup when a dst is not yet attached; ip6_route_input_lookup() can return a dst with an error, and if dst->error is set, the skb is dropped without attaching/rele...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.38 views

CVE-2026-46118 pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle()

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix null ptr deref in paprhvpipedevcreatehandle commit 6d3789d347a7 "papr-hvpipe: convert paprhvpipedevcreatehandle to FDPREPARE", changed the create handle to FDPREPARE, but it caused kernel null-ptr-deref...

0.00121EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 9:35 a.m.3 views

CVE-2026-46118 pseries/papr-hvpipe: Fix null ptr deref in papr_hvpipe_dev_create_handle()

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix null ptr deref in paprhvpipedevcreatehandle commit 6d3789d347a7 "papr-hvpipe: convert paprhvpipedevcreatehandle to FDPREPARE", changed the create handle to FDPREPARE, but it caused kernel null-ptr-deref...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References6
CVE
CVE
added 2026/05/28 9:35 a.m.49 views

CVE-2026-46115

In the Linux kernel block subsystem, CVE-2026-46115 was addressed by adding a check so that zone_device_pages_have_same_pgmap() prevents merging bvec segments that span different dev_pagemaps in biovec_phys_mergeable. Root cause: biovec_phys_mergeable() did not verify that two physically contiguo...

9.8CVSS5.7AI score0.00491EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/05/28 9:35 a.m.21 views

CVE-2026-46105

CVE-2026-46105 affects the Linux kernel mpt3sas SCSI driver. The driver allocates a fixed 4K PRP list buffer, which caps the maximum NVMe I/O transfer size at 2 MiB. The HBA firmware reports NVMe MDTS, but the mismatch with the 2 MiB limit can lead to oversized I/O requests and potentially a kern...

7.8CVSS5.9AI score0.00127EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/28 5:0 a.m.10 views

CVE-2026-9673

Versions of the package json-2-csv from 3.15.0 and before 5.5.11 are vulnerable to CSV Injection via the preventCsvInjection option which can be bypassed. An attacker can inject formulas into CSV files, which execute when the files are opened in spreadsheet applications...

7CVSS5.9AI score0.00166EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/28 5:0 a.m.42 views

CVE-2026-9673

Versions of the package json-2-csv from 3.15.0 and before 5.5.11 are vulnerable to CSV Injection via the preventCsvInjection option which can be bypassed. An attacker can inject formulas into CSV files, which execute when the files are opened in spreadsheet applications...

7CVSS0.00166EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.13 views

SUSE CVE-2026-45848

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aasockfileperm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in unixneedsrevalidation shows...

5.5CVSS5.7AI score0.0016EPSS
Exploits0References9
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.13 views

SUSE CVE-2026-45854

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - unregister only available algorithm EIP93 has an options register. This register indicates which crypto algorithms are implemented in silicon. Supported algorithms are registered on this basis...

5.8AI score0.00153EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:57 a.m.15 views

SUSE CVE-2026-45859

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: do shared-unconfirmed check before segmentation Ulrich reports a regression with nfqueue: If an application did not set the 'FGSO' capability flag and a gso packet with an unconfirmed nfconn entry is...

5.8AI score0.00595EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/27 3:33 p.m.12 views

EUVD-2026-32330

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range valid : pos, if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, th...

5.8AI score0.00156EPSS
Exploits0References8
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-46085

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxkad crypto unalignment handling Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARNONONCE so that it can't be remotely trigger...

7.5CVSS0.00441EPSS
Exploits0References5
NVD
NVD
added 2026/05/27 2:17 p.m.15 views

CVE-2026-45969

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Add missing check for inputffcreatememless The psgamepadcreate function calls inputffcreatememless without verifying its return value, which can lead to incorrect behavior or potential crashes when FF effects ar...

5.5CVSS0.00123EPSS
Exploits0References7
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-45924

In the Linux kernel, the following vulnerability has been resolved: ksmbd: call ksmbdvfskernpathendremoving on some error paths There are two places where ksmbdvfskernpathendremoving needs to be called in order to balance what the corresponding successful call to ksmbdvfskernpathstartremoving has...

5.5CVSS0.0012EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.21 views

UBUNTU-CVE-2026-46004

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: Handle probe errors properly The probe procedure of setupcard in caiaq driver doesn't treat the error cases gracefully, e.g. the error from sndcardregister calls sndcardfree but continues. This would lead to a UAF fo...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:17 p.m.8 views

UBUNTU-CVE-2026-46008

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoswalk vs kdamondfn exit race When kdamondfn main loop is finished, the function cancels remaining damoswalk request and unset the damonctx-kdamond so that API callers and API functions themselves can show t...

4.7CVSS5.7AI score0.00079EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 2:16 p.m.8 views

UBUNTU-CVE-2026-45864

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent infinite loops caused by the next valid being the same When processing valid within the range valid : pos, if valid cannot be retrieved correctly, for example, if the retrieved valid value is always the same, th...

7.1CVSS5.7AI score0.00156EPSS
Exploits0References11
CVE
CVE
added 2026/05/27 12:56 p.m.27 views

CVE-2026-46025

CVE-2026-46025 relates to a kernel race between damon_call()/damos_walk() and kdamond termination that could leak memory or deadlock. The connected openSUSE advisory confirms openSUSE Tumbleweed users should upgrade to kernel-devel-7.0.11-1.1 (and mentions the CVE in their 2026-10954 advisory). T...

4.7CVSS5.7AI score0.00088EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder