Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

39 matches found

SUSE CVE
SUSE CVEadded 2026/05/28 3:53 a.m.6 views

SUSE CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS5.8AI score0.00014EPSS
Exploits0References3
NVD
NVDadded 2026/05/27 2:17 p.m.6 views

CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS0.00014EPSS
Exploits0References2
OSV
OSVadded 2026/05/27 2:17 p.m.1 views

UBUNTU-CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS5.8AI score0.00014EPSS
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2026/05/27 12:57 p.m.6 views

CVE-2026-46054

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS5.8AI score0.00014EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2026/05/27 12:57 p.m.9 views

CVE-2026-46054

CVE-2026-46054 affects the Linux kernel SELinux overlayfs access checks for mmap() and mprotect(). The issue arises from insufficient enforcement of backing-file access between the user file and backing file, potentially bypassing policies. A patch introduces security_mmap_backing_file() to enfor...

7.1CVSS5.8AI score0.00014EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/27 12:57 p.m.5 views

EUVD-2026-32436

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

5.8AI score0.00014EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/27 12:57 p.m.31 views

CVE-2026-46054 selinux: fix overlayfs mmap() and mprotect() access checks

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

7.1CVSS0.00014EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2026/05/27 12:0 a.m.4 views

PT-2026-43921

In the Linux kernel, the following vulnerability has been resolved: selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to access the top level file the "user" file and the mounter's credentials ar...

5.8AI score0.00014EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2026/05/27 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-46054

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - selinux: fix overlayfs mmap and mprotect access checks The existing SELinux security model for overlayfs is to allow access if the current task is able to acces...

7.1CVSS5.9AI score0.00014EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2026/04/24 10:9 p.m.1 views

CVE-2026-31654

A flaw was found in the Linux kernel. When a shared memory mapping is created for /dev/zero, a memory leak can occur if the virtual memory area VMA allocation fails. This happens because a newly allocated file, intended to back the mapping, is not properly released in the error path, leading to...

5.5CVSS5.3AI score0.00017EPSS
Exploits0References4
Microsoft CVE
Microsoft CVEadded 2026/02/25 9:3 a.m.3 views

Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

...

10CVSS5.9AI score0.00055EPSS
Exploits1
Vulnrichment
Vulnrichmentadded 2026/02/21 5:36 a.m.1 views

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS5.5AI score0.00055EPSS
Exploits1References7
Cvelist
Cvelistadded 2026/02/21 5:36 a.m.18 views

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS0.00055EPSS
Exploits1References7
OSV
OSVadded 2026/02/21 5:36 a.m.4 views

CVE-2026-27211 Cloud Hypervisor: Host File Exfiltration via QCOW Backing File Abuse

Cloud Hypervisor is a Virtual Machine Monitor for Cloud workloads. Versions 34.0 through 50.0 arevulnerable to arbitrary host file exfiltration constrained by process privileges when using virtio-block devices backed by raw images. A malicious guest can overwrite its disk header with a crafted...

9.1CVSS5.7AI score0.00055EPSS
Exploits1References9
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-2544

Malware in sbrugna...

5.6CVSS6.9AI score0.00088EPSS
Exploits0References7
Tenable Nessus
Tenable Nessusadded 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2024-40767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing...

6.5CVSS6.5AI score0.00835EPSS
Exploits1References2
RedHat Linux
RedHat Linuxadded 2024/08/08 7:27 a.m.4 views

openstack-nova: Regression VMDK/qcow arbitrary file access

An arbitrary file access flaw was found in Nova. By supplying a RAW format image, a specially crafted QCOW2 image with a backing file path, or a VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file’s contents from the...

6.5CVSS5.8AI score0.00835EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2024/08/07 4:12 p.m.0 views

openstack-nova: Regression VMDK/qcow arbitrary file access

An arbitrary file access flaw was found in Nova. By supplying a RAW format image, a specially crafted QCOW2 image with a backing file path, or a VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced file’s contents from the...

6.5CVSS5.8AI score0.00835EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2024/07/02 4:47 p.m.3 views

OpenStack: malicious qcow2/vmdk images

An input validation flaw was discovered in how multiple OpenStack services validate images with backing file references. An authenticated attacker could provide a malicious image via upload, or by creating and modifying an image from an existing volume. Validation of images can be triggered durin...

6.5CVSS6AI score0.00214EPSS
Exploits0References6
RedHat Linux
RedHat Linuxadded 2024/07/02 4:47 p.m.2 views

OpenStack: malicious qcow2/vmdk images

An input validation flaw was discovered in how multiple OpenStack services validate images with backing file references. An authenticated attacker could provide a malicious image via upload, or by creating and modifying an image from an existing volume. Validation of images can be triggered durin...

6.5CVSS6AI score0.00214EPSS
Exploits0References6
Rows per page
Query Builder