CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/27 12:58 p.m.•36 views

CVE-2026-46072 ntfs3: add buffer boundary checks to run_unpack()

In the Linux kernel, the following vulnerability has been resolved: ntfs3: add buffer boundary checks to rununpack rununpack checks runbuf runlast at the top of the while loop but then reads sizesize and offsetsize bytes via rununpacks64 without verifying they fit within the remaining buffer. A...

0.00032EPSS

Exploits0References7

ATTACKERKB•added 2026/05/27 12:58 p.m.•5 views

CVE-2026-46072

Exploits0References8Affected Software1

CVE•added 2026/05/27 12:58 p.m.•14 views

CVE-2026-46072

CVE-2026-46072 affects the Linux kernel ntfs3 code path. The vulnerability arises in run_unpack(), where a loop checks run_buf

Debian CVE•added 2026/05/27 12:58 p.m.•8 views

Exploits0References7

CVE-2026-46072

EUVD•added 2026/05/27 12:57 p.m.•8 views

Exploits0

EUVD-2026-32450

In the Linux kernel, the following vulnerability has been resolved: crypto: nx - fix bounce buffer leaks in nx842cryptoalloc,freectx The bounce buffers are allocated with getfreepages using BOUNCEBUFFERORDER order 2 = 4 pages, but both the allocation error path and nx842cryptofreectx release the...

5.9AI score0.00024EPSS

CVE•added 2026/05/27 12:57 p.m.•13 views

CVE-2026-46068

The CVE-2026-46068 entry documents a Linux kernel crypto issue in the nx subsystem (nx842_crypto_alloc_ctx/nx842_crypto_free_ctx). Root cause: bounce buffers allocated with __get_free_pages() using BOUNCE_BUFFER_ORDER (order 2, 4 pages) were freed with free_page() instead of matching free_pages()...

5.9AI score0.00024EPSS

Cvelist•added 2026/05/27 12:57 p.m.•38 views

CVE-2026-46068 crypto: nx - fix bounce buffer leaks in nx842_crypto_{alloc,free}_ctx

0.00024EPSS

Debian CVE•added 2026/05/27 12:57 p.m.•7 views

CVE-2026-46068

5.8AI score0.00024EPSS

Exploits0

ATTACKERKB•added 2026/05/27 12:57 p.m.•5 views

CVE-2026-46066

In the Linux kernel, the following vulnerability has been resolved: ceph: fix numops off-by-one when crypto allocation fails movedirtyfolioinpagearray may fail if the file is encrypted, the dirty folio is not the first in the batch, and it fails to allocate a bounce buffer to hold the ciphertext...

5.8AI score0.00022EPSS

Exploits0References4Affected Software1

EUVD•added 2026/05/27 12:57 p.m.•9 views

EUVD-2026-32448

5.8AI score0.00022EPSS

Exploits0References3

SUSE CVE•added 2026/05/27 12:57 p.m.•8 views

SUSE CVE-2026-45840

In the Linux kernel, the following vulnerability has been resolved: openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... but serialize the full upcall PID array via ovsvportgetupcallportids...

5.9AI score0.00032EPSS

Exploits0References3

EUVD•added 2026/05/27 12:57 p.m.•6 views

EUVD-2026-32443

In the Linux kernel, the following vulnerability has been resolved: jbd2: fix deadlock in jbd2journalcancelrevoke Commit f76d4c28a46a "fs/jbd2: use sleeping version of findgetblock" changed jbd2journalcancelrevoke to use findgetblocknonatomic which holds the folio lock instead of iprivatelock. Th...

5.7AI score0.00023EPSS

CVE•added 2026/05/27 12:57 p.m.•10 views

CVE-2026-46061

The CVE-2026-46061 entry is about the Linux kernel jbd2 deadlock in jbd2_journal_cancel_revoke. The root cause is a change to use __find_get_block_nonatomic() which holds the folio lock instead of i_private_lock, breaking lock ordering (folio -> buffer) and enabling ABBA deadlocks when filesys...

5.7AI score0.00023EPSS

Cvelist•added 2026/05/27 12:57 p.m.•36 views

CVE-2026-46061 jbd2: fix deadlock in jbd2_journal_cancel_revoke()

0.00023EPSS

SUSE CVE•added 2026/05/27 12:57 p.m.•8 views

SUSE CVE-2026-49014

In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversized geometry...

7.4CVSS6.7AI score0.00014EPSS

Exploits0References3

EUVD•added 2026/05/27 12:56 p.m.•8 views

EUVD-2026-32422

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: fix sleep in atomic context in hdlctxframes hdlcappend calls usleeprange to wait for circular buffer space, but it is called with txproducerlock a spinlock held via hdlctxframes -...

5.9AI score0.00023EPSS

CVE•added 2026/05/27 12:56 p.m.•14 views

CVE-2026-46041

CVE-2026-46041 concerns the Linux kernel patch for greybus gb-beagleplay where sleeping in atomic context was fixed. The vulnerability arose because hdlc_append() invoked usleep_range() while holding tx_producer_lock in hdlc_tx_frames(), violating the rule against sleeping under a spinlock and ri...

5.9AI score0.00023EPSS

EUVD•added 2026/05/27 12:56 p.m.•10 views

EUVD-2026-32400

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-aes - Fix 3-page memory leak in atmelaesbuffcleanup atmelaesbuffinit allocates 4 pages using getfreepages with ATMELAESBUFFERORDER, but atmelaesbuffcleanup frees only the first page using freepage, leaking the...