CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/06/11 11:46 a.m.•4 views

kernel: net: openvswitch: Avoid releasing netdev before teardown completes

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Avoid releasing netdev before teardown completes The patch cited in the Fixes tag below changed the teardown code for OVS ports to no longer unconditionally take the RTNL. After this change, the netdevdestroy...

7.8CVSS5.4AI score0.00129EPSS

RedHat Linux•added 2026/06/11 11:46 a.m.•5 views

kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...

9.1CVSS5.4AI score0.00514EPSS

RedHat Linux•added 2026/06/11 11:39 a.m.•6 views

kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service

A flaw was found in the Linux kernel's bonding driver. A local attacker with low privileges could exploit a use-after-free vulnerability in the bondxmitbroadcast function. This occurs due to a race condition during concurrent slave enslave/release operations, which can lead to the original socket...

7.8CVSS5.6AI score0.00117EPSS

7.8CVSS5.5AI score0.00116EPSS

kernel: net: mana: fix use-after-free in add_adev() error path

A flaw was found in the Linux kernel's mana network driver. An issue in the error handling of the addadev function can lead to a use-after-free vulnerability. This occurs when memory is released prematurely but then accessed again, which could allow a local attacker to cause a system crash denial...

9.8CVSS6.2AI score0.00542EPSS

kernel: dlm: validate length in dlm_search_rsb_tree

A flaw was found in the Linux kernel's Distributed Lock Manager dlm module. An attacker could send specially crafted network messages with an oversized length parameter to the dlmdumprsbname function. This lack of validation can lead to an out-of-bounds write in the dlmsearchrsbtree function,...

7.8CVSS5.4AI score0.00117EPSS

kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count()

RedHat Linux•added 2026/06/11 11:39 a.m.•6 views

kernel: net: openvswitch: Avoid releasing netdev before teardown completes

7.8CVSS5.4AI score0.00129EPSS

7.8CVSS5.4AI score0.00136EPSS

kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()

A flaw was found in the Linux kernel's RDMA/mlx4 component. This vulnerability arises from the incorrect use of Read-Copy Update RCU in the mlx4srqevent function. An attacker could potentially trigger an event before the srq object is fully initialized, leading to a system crash. This could resul...

Cvelist•added 2026/06/11 11:30 a.m.•24 views

CVE-2026-11956 TwiN gatus OIDC Session Cookie oidc.go setSessionCookie missing secure attribute

A vulnerability was determined in TwiN gatus 5.36.0. Impacted is the function setSessionCookie of the file security/oidc.go of the component OIDC Session Cookie Handler. Executing a manipulation can lead to sensitive cookie without secure attribute. The attack can be launched remotely. This attac...

6.3CVSS0.00278EPSS

Vulnrichment•added 2026/06/11 11:30 a.m.•7 views

CVE-2026-11956 TwiN gatus OIDC Session Cookie oidc.go setSessionCookie missing secure attribute

6.3CVSS5AI score0.00278EPSS

EUVD•added 2026/06/11 11:30 a.m.•7 views

EUVD-2026-36236

6.3CVSS4.9AI score0.00278EPSS

CVE•added 2026/06/11 11:30 a.m.•16 views

CVE-2026-11956

CVE-2026-11956 affects TwiN gatus 5.36.0, specifically the OIDC Session Cookie Handler (setSessionCookie). The issue is a missing Secure attribute on the session cookie, enabling potential exposure of sensitive cookie data via remote manipulation. The description indicates high attack complexity ...

6.3CVSS4.9AI score0.00278EPSS