CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1034941 matches found

ATTACKERKB•added 2026/05/27 3:44 p.m.•5 views

CVE-2026-44324

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/ueId/servingPlmnId/ee-subscriptions/subsId/amf-subscriptions handler panics on a single authenticated request against a fresh UDR instance when the supplied ueId does n...

6.5CVSS6AI score0.00067EPSS

Exploits1References5Affected Software1

ATTACKERKB•added 2026/05/27 3:35 p.m.•6 views

CVE-2026-44318

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's BSF PUT /nbsf-management/v1/subscriptions/subId handler has an unsynchronized write on the global Subscriptions map. The handler first reads the map under RLock via BSFContext.GetSubscriptionsubId, but if t...

6.5CVSS5.9AI score0.00041EPSS

Exploits1References5Affected Software1

NVD•added 2026/05/27 3:16 p.m.•11 views

CVE-2026-42184

Tauri is a framework for building binaries for all major desktop platforms. From 2.0 to 2.11.0, a flaw in Tauri's islocalurl function causes it to incorrectly classify remote URLs as trusted local origins on Windows and Android. On these systems, Tauri maps custom URI scheme protocols to...

8.8CVSS0.00041EPSS

Exploits1References1

RedHat Linux•added 2026/05/27 2:42 p.m.•9 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.32 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.32 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

9.8CVSS6.8AI score0.0008EPSS

Exploits8References15

NVD•added 2026/05/27 2:17 p.m.•8 views

CVE-2026-46035

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: return NULL early from allocfrozenpagesnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even when the lock is already held. As a result, allocfrozenpagesnolock calle...

0.00022EPSS

Exploits0References3

NVD•added 2026/05/27 2:17 p.m.•8 views

CVE-2026-45990

In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...

0.00022EPSS

Exploits0References3

NVD•added 2026/05/27 2:17 p.m.•8 views

CVE-2026-45967

In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non-zero offsets in insn array The mapdirectvalueaddr function of the instruction array map incorrectly adds offset to the resulting address. This is a bug, because later the resolvepseudoldimm64...

0.00024EPSS

Exploits0References2

NVD•added 2026/05/27 2:17 p.m.•8 views

CVE-2026-45956

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv-vididev for ctx lookup in vidiconnectionioctl vidiconnectionioctl retrieves the driverdata from drmdev-dev to obtain a struct vidicontext pointer. However, drmdev-dev is the exynos-drm master device, an...

7.8CVSS0.00013EPSS

Exploits0References7

OSV•added 2026/05/27 2:17 p.m.•5 views

UBUNTU-CVE-2026-45983

In the Linux kernel, the following vulnerability has been resolved: nfsd: never defer requests during idmap lookup During v4 request compound arg decoding, some ops e.g. SETATTR can trigger idmap lookup upcalls. When those upcall responses get delayed beyond the allowed time limit, cachecheck wil...

5.7AI score0.00032EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•2 views

UBUNTU-CVE-2026-45967

5.7AI score0.00024EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•2 views

UBUNTU-CVE-2026-45905

In the Linux kernel, the following vulnerability has been resolved: xfrm: fix iprtbug race in icmproutelookup reverse path icmproutelookup performs multiple route lookups to find a suitable route for sending ICMP error messages, with special handling for XFRM IPsec policies. The lookup sequence i...

5.7AI score0.00032EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•3 views

UBUNTU-CVE-2026-45896

In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting nregions The regions array is counted by nregions, but it's set only after accessing it: UBSAN: array-index-out-of-bounds in drivers/mtd/devices/mtdinteldg.c:750:15 index 0 is o...

5.7AI score0.00022EPSS

Exploits0References3

NVD•added 2026/05/27 2:17 p.m.•8 views

CVE-2026-45871

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...

0.00032EPSS

Exploits0References8

OSV•added 2026/05/27 2:17 p.m.•3 views

UBUNTU-CVE-2026-46079

In the Linux kernel, the following vulnerability has been resolved: rbd: fix null-ptr-deref when deviceadddisk fails dorbdadd publishes the device with deviceadd before calling deviceadddisk. If deviceadddisk fails after deviceadd succeeds, the error path calls rbdfreedisk directly and then later...

5.7AI score0.00032EPSS

Exploits0References3

OSV•added 2026/05/27 2:17 p.m.•4 views

UBUNTU-CVE-2026-46055

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...

7.1CVSS5.8AI score0.00015EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:58 p.m.•39 views

CVE-2026-46089 zram: do not forget to endio for partial discard requests

In the Linux kernel, the following vulnerability has been resolved: zram: do not forget to endio for partial discard requests As reported by Qu Wenruo and Avinesh Kumar, the following getconf PAGESIZE 65536 blkdiscard -p 4k /dev/zram0 takes literally forever to complete. zram doesn't support...

0.00024EPSS

Exploits0References5

Cvelist•added 2026/05/27 12:58 p.m.•36 views

CVE-2026-46081 crypto: acomp - fix wrong pointer stored by acomp_save_req()

In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - fix wrong pointer stored by acompsavereq acompsavereq stores &req-chain in req-base.data. When acompreqchaindone is invoked on asynchronous completion, it receives &req-chain as the data argument but casts it...

7.8CVSS0.00015EPSS

Exploits0References3

Debian CVE•added 2026/05/27 12:58 p.m.•7 views

CVE-2026-46081

7.8CVSS5.7AI score0.00015EPSS

Exploits0

Debian CVE•added 2026/05/27 12:57 p.m.•8 views

CVE-2026-46059

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRIP when running an L2 with an injected soft interrupt, instead it advances the current RIP before...

5.7AI score0.00022EPSS

Exploits0

SUSE CVE•added 2026/05/27 12:57 p.m.•15 views

SUSE CVE-2026-48961

IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...

7.3CVSS5.8AI score0.00048EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by