10790 matches found
CVE-2026-43433
In the Linux kernel, the following vulnerability has been resolved: rust_binder: avoid reading the written value in offsets array. When sending a transaction, its offsets array is first copied into the target proc's vma, and then the values are read back from there. This is normally fine because th...
CVE-2026-43399
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl. Drop reference to syncobj and timeline fence when aborting the ioctl due to output array being too small. cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd2...
UBUNTU-CVE-2026-43435
In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix oneway spam detection. The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...
UBUNTU-CVE-2026-43399
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix reference leak in amdgpu_userq_wait_ioctl. Drop reference to syncobj and timeline fence when aborting the ioctl due to output array being too small. cherry picked from commit 68951e9c3e6bb22396bc42ef2359751c8315dd2...
UBUNTU-CVE-2026-43442
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix physical SQE bounds check for SQE_MIXED 128-byte ops. When IORING_SETUP_SQE_MIXED is used without IORING_SETUP_NO_SQARRAY, the boundary check for 128-byte SQE operations in io_init_req validated the logical SQ head position...
CVE-2026-43442
The CVE-2026-43442 issue affects the Linux kernel io_uring subsystem: when IORING_SETUP_SQE_MIXED is used without IORING_SETUP_NO_SQARRAY, a flawed 128-byte SQE bounds check validates the logical SQ head instead of the physical SQE index. This can let an unprivileged local user remap a logical po...
CVE-2026-43435
In the Linux kernel, the following vulnerability has been resolved: rust_binder: fix oneway spam detection. The spam detection logic in TreeRange was executed before the current request was inserted into the tree. So the new request was not being factored in the spam calculation. Fix this by moving...
CVE-2026-43435
CVE-2026-43435 relates to the Linux kernel rust_binder component where the oneway spam-detection logic in TreeRange (and missing logic in ArrayRange) could allow large spamming transactions to go undetected. The fix moves the spam-check after the new range is inserted and adds an equivalent low_o...
CVE-2026-43433 rust_binder: avoid reading the written value in offsets array
In the Linux kernel, the following vulnerability has been resolved: rust_binder: avoid reading the written value in offsets array. When sending a transaction, its offsets array is first copied into the target proc's vma, and then the values are read back from there. This is normally fine because th...
CVE-2026-43433
The CVE-2026-43433 entry refers to a Linux kernel issue in the rust_binder component: a TOCTOU opportunity where a local process that can write to its own VMA could alter the offsets array before it is read back during a transaction, potentially enabling privilege escalation to the sender. The fi...
CVE-2026-43399
CVE-2026-43399 affects the Linux kernel amdgpu driver: a reference leak in amdgpu_userq_wait_ioctl occurs when an ioctl is aborted because the output array is too small. The fix drops references to syncobj and timeline fence during abort, and is cherry-picked from commit 68951e9c3e6bb22396bc42ef2...
CVE-2026-43309
The CVE-2026-43309 issue affects the Linux kernel’s md raid and device-mapper (dm-raid) components. When stopping a RAID array managed by dm-raid, the system could hang because md_stop() attempted to flush the write-intent bitmap to metadata sub-devices that were already suspended. The fix preven...
PT-2026-39103
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: An issue exists in the io_uring component where the boundary check for 128-byte Submission Queue Entry (SQE) operations in the io_init_req function validates the logical SQ head position...
Linux Distros Unpatched Vulnerability : CVE-2026-43453
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - netfilter: nft_set_pipapo: fix stack out-of-bounds read in pipapo_drop. pipapo_drop passes rulemap[i + 1].n to pipapo_unmap as the to_offset argument on every iteration,...
PT-2026-39094
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A Time-of-Check to Time-of-Use (TOCTOU) issue exists in the rust_binder component. When a transaction is sent, the offsets array is copied into the target process's virtual memory area (VMA)...
PT-2026-39114
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 5.10 through 6.19. Description: A stack out-of-bounds read exists in the nftables pipapo set backend within the pipapo_drop function. The issue occurs because the function passes rulemap[i + 1].n to pipapo_unmap as the to...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that when the dm-raid module is used to stop a RAID array, the metadata devices become...