313492 matches found
CVE-2026-8363 Gladinet Triofox Stack-based Buffer Overflow in WOSDeviceDropFolder.dll
A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:...
CVE-2026-46066
A flaw was found in the Linux kernel's Ceph filesystem. When writing to encrypted CephFS files, a failure to allocate a bounce buffer for a dirty folio can lead to an off-by-one error in the numops counter. This inconsistency can cause a kernel panic, resulting in a Denial of Service (DoS) for the...
JLSEC-2026-564 In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized...
In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT --kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that...
CVE-2026-46088
A flaw was found in the Linux kernel's Advanced Linux Sound Architecture (ALSA) control component. Improper validation of the buffer length before a string length operation in the snd_ctl_elem_init_enum_names function can lead to a system panic. This vulnerability could allow a local attacker to trigger...
CVE-2026-46097
A flaw was found in the Linux kernel's edt-ft5x06 input driver. This vulnerability, a use-after-free, arises during the debugfs teardown, allowing debugfs files to be accessed after an associated buffer has been released. This could enable a local attacker to cause system instability or potential...
CVE-2026-46096
A flaw was found in the Linux kernel's tpm2-sessions component. The tpm2_read_public function fails to properly destroy a buffer on certain exit paths, leading to a page allocation leak. This resource exhaustion could allow a local attacker to cause a Denial of Service (DoS)...
SUSE-SU-2026:21854-1 Security update for localsearch
This update for localsearch fixes the following issues: - CVE-2026-1764: Fixed a heap buffer overflow leading to denial of service or information disclosure when parsing MP3 files (bsc#1257606). - CVE-2026-1765: Fixed a Denial of Service and potential information disclosure via crafted MP3 files...
EUVD-2026-32286
In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...
EUVD-2026-32269
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head (dibh) is being released prematurely in gfs2_iomap_begin via release_metapath while iomap->inline_data still points to dibh->b_data. This causes a...
EUVD-2026-32387
In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse The function mtd_parser_tplink_safeloader_parse allocates buf via mtd_parser_tplink_safeloader_read_table. If the allocation for parts[idx].name fails inside the loop, the code...
EUVD-2026-32374
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdna_ubuf_map The amdxdna_ubuf_map function allocates memory for sg and internal sg table structures, but it fails to free them if subsequent operations sg_alloc_table_from_pages or dma_map_sgtable fail...
EUVD-2026-32350
In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid per-cpu hold underflow in aa_get_buffer When aa_get_buffer pulls from the per-cpu list it unconditionally decrements cache->hold. If hold reaches 0 while count is still non-zero, the unsigned decrement wraps to UINT_MAX...
EUVD-2026-32355
In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcp_rcvbuf_grow MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcp_rcvbuf_grow...
CVE-2026-44988
LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...
UBUNTU-CVE-2026-44988
LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...
CVE-2026-44988 LibVNCClient Tight Gradient decoding allows malicious server-triggered heap/stack OOB writes
LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...
CVE-2026-44988
CVE-2026-44988 concerns LibVNCClient (0.9.15 and earlier) where the Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter and does not reject wide Tight rectangles. A malicious VNC server can send a FramebufferUpdate rectangle encoded with Tight (NoZlib | Expli...
EUVD-2026-32525
LibVNCClient is a library for easy implementation of a VNC client. In 0.9.15 and earlier, LibVNCClient's Tight encoding decoder uses fixed-size 2048-pixel scratch buffers for the Gradient filter, but it does not reject Tight rectangles whose width is larger than 2048 pixels. A malicious VNC serve...