Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

302522 matches found

CVE
CVEadded 2026/05/28 9:36 a.m.8 views

CVE-2026-46151

The CVE-2026-46151 issue affects the Linux kernel usb: usblp driver. A vulnerable path in usblp_ctrl_msg() discards the actual bytes transferred, enabling a short GET_DEVICE_ID transfer to be misinterpreted. The cache_device_id_string() reads a 2-byte big-endian length from the response and trust...

5.8AI score0.00032EPSS
Exploits0References8
EUVD
EUVDadded 2026/05/28 9:36 a.m.7 views

EUVD-2026-32776

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

5.7AI score0.00013EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/28 9:36 a.m.26 views

CVE-2026-46149 scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS0.00013EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/05/28 9:36 a.m.7 views

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

7.1CVSS5.7AI score0.00013EPSS
Exploits0References9Affected Software1
CVE
CVEadded 2026/05/28 9:36 a.m.11 views

CVE-2026-46149

Summary: CVE-2026-46149 affects the Linux kernel SCSI target subsystem, specifically the configfs path in tg_pt_gp_members_show(). The function formats LUN paths with snprintf() into a 256-byte stack buffer and then copies cur_len bytes via memcpy(), but snprintf() may return a length that exceed...

7.1CVSS5.7AI score0.00013EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2026/05/28 9:35 a.m.9 views

CVE-2026-46140

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...

5.7AI score0.00023EPSS
Exploits0
Cvelist
Cvelistadded 2026/05/28 9:35 a.m.26 views

CVE-2026-46140 Bluetooth: btmtk: validate WMT event SKB length before struct access

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...

0.00023EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/28 9:35 a.m.8 views

EUVD-2026-32767

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...

5.8AI score0.00023EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/28 9:35 a.m.6 views

EUVD-2026-32763

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer length underflow The buflen is used to limit the iterations for retrieving the country power setting and may underflow under certain conditions due to changes in the power table in...

5.8AI score0.00032EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/28 9:35 a.m.7 views

EUVD-2026-32887

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.8AI score0.00032EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/28 9:35 a.m.25 views

CVE-2026-46128 ipmi: Check event message buffer response for bad data

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

0.00032EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/05/28 9:35 a.m.5 views

CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.8AI score0.00032EPSS
Exploits0References9Affected Software1
CVE
CVEadded 2026/05/28 9:35 a.m.12 views

CVE-2026-46128

The CVE covers a Linux kernel IPMI issue where event message buffer data size was only validated later in processing instead of immediately after the response. Some BMCs may return an empty message rather than signaling an error when fetching events. The available connected documents indicate thi...

5.8AI score0.00032EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2026/05/28 9:35 a.m.6 views

CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.8AI score0.00032EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/05/28 9:35 a.m.7 views

CVE-2026-46123

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: clamp rx length before skbput virtbtrxwork calls skbputskb, len where len comes directly from virtqueuegetbuf with no validation against the buffer we posted to the device. The RX skb is allocated in...

7.7CVSS5.9AI score0.00016EPSS
Exploits0References8Affected Software1
Cvelist
Cvelistadded 2026/05/28 9:35 a.m.26 views

CVE-2026-46123 Bluetooth: virtio_bt: clamp rx length before skb_put

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: clamp rx length before skbput virtbtrxwork calls skbputskb, len where len comes directly from virtqueuegetbuf with no validation against the buffer we posted to the device. The RX skb is allocated in...

7.7CVSS0.00016EPSS
Exploits0References7
EUVD
EUVDadded 2026/05/28 9:35 a.m.12 views

EUVD-2026-32882

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: clamp rx length before skbput virtbtrxwork calls skbputskb, len where len comes directly from virtqueuegetbuf with no validation against the buffer we posted to the device. The RX skb is allocated in...

5.9AI score0.00016EPSS
Exploits0References5
OSV
OSVadded 2026/05/28 8:59 a.m.6 views

OSEC-2026-09 Albatross-console memory exhaustion

Albatross-console doesn't properly terminate when looping over the ringbuffer. This leads to denial of service and memory exhaustion. Scenario A user that has access to albatross-console either via the unix domain socket requires root:albatross by default or via albatross-tls-endpoint requires a...

7.1CVSS5.9AI score
Exploits0References1
RedHat Linux
RedHat Linuxadded 2026/05/28 8:47 a.m.19 views

kernel: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...

6.1AI score0.00064EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/05/28 8:12 a.m.8 views

CVE-2026-8834

IBM HTTP Server 8.5, and 9.0 contains a buffer overflow vulnerability. A privileged user, authenticated to the Administration Server, could exploit this vulnerability to execute remote code or cause a denial of service...

8CVSS6.4AI score0.00007EPSS
Exploits0References1
Rows per page
Query Builder