CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2026-46076

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

7.9CVSS0.00013EPSS

Exploits0References4

CVE-2026-46025

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoncall vs kdamondfn exit race Patch series "mm/damon/core: fix damoncall/damoswalk vs kdmond exit race". damoncall and damoswalk can leak memory and/or deadlock when they race with kdamond terminations. Fix...

0.00022EPSS

CVE-2026-45998

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...

CVE-2026-45988

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix re-decryption of RESPONSE packets If a RESPONSE packet gets a temporary failure during processing, it may end up in a partially decrypted state - and then get requeued for a retry. Fix this by just discarding the packe...

9.8CVSS0.0006EPSS

OSV•added 2026/05/27 2:17 p.m.•3 views

UBUNTU-CVE-2026-45988

9.8CVSS5.7AI score0.0006EPSS

OSV•added 2026/05/27 2:17 p.m.•2 views

UBUNTU-CVE-2026-46010

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it should just return that rather than continuing on for anything else, it...

8.1CVSS5.7AI score0.00053EPSS

Cvelist•added 2026/05/27 12:58 p.m.•37 views

CVE-2026-46089 zram: do not forget to endio for partial discard requests

In the Linux kernel, the following vulnerability has been resolved: zram: do not forget to endio for partial discard requests As reported by Qu Wenruo and Avinesh Kumar, the following getconf PAGESIZE 65536 blkdiscard -p 4k /dev/zram0 takes literally forever to complete. zram doesn't support...

ATTACKERKB•added 2026/05/27 12:58 p.m.•10 views

CVE-2026-46083

In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup if spisetup fails while registering a device to avoid leaking any resources allocated by setup...

Exploits0References6Affected Software1

Debian CVE•added 2026/05/27 12:58 p.m.•6 views

CVE-2026-46076

7.9CVSS5.7AI score0.00013EPSS

Exploits0

EUVD•added 2026/05/27 12:56 p.m.•6 views

EUVD-2026-32406

5.7AI score0.00022EPSS

Debian CVE•added 2026/05/27 12:56 p.m.•7 views

CVE-2026-46025

5.7AI score0.00022EPSS

Exploits0

Cvelist•added 2026/05/27 12:56 p.m.•33 views

CVE-2026-46025 mm/damon/core: fix damon_call() vs kdamond_fn() exit race

0.00022EPSS

CVE•added 2026/05/27 12:55 p.m.•8 views

CVE-2026-46000

The CVE-2026-46000 issue concerns the Linux kernel’s rxrpc conn-level packet handling. A security operation decrypts bits of a RESPONSE packet in place, but the sk_buff might be shared with a packet sniffer, causing the sniffer to observe a seemingly corrupt (actually decrypted) packet. The fix c...

Cvelist•added 2026/05/27 12:55 p.m.•31 views

CVE-2026-46000 rxrpc: Fix conn-level packet handling to unshare RESPONSE packets

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the skbuff may be shared with a packet sniffer, which would lead to...

EUVD•added 2026/05/27 12:55 p.m.•7 views

EUVD-2026-32294

Cvelist•added 2026/05/27 12:55 p.m.•29 views

CVE-2026-45998 rxrpc: Fix potential UAF after skb_unshare() failure

CVE•added 2026/05/27 12:55 p.m.•12 views

CVE-2026-45998

CVE-2026-45998 (Linux kernel, rxrpc): A UAF risk occurs when skb_unshare() fails to unshare a packet in rxrpc_input_packet(); the skb pointer in the parent rxrpc_io_thread() can be NULL’d, likely causing trace_rxrpc_rx_done() to oops. The fix moves the unsharing to where rxrpc_input_call_event() ...

CVE•added 2026/05/27 12:55 p.m.•10 views

CVE-2026-45988

The CVE-2026-45988 issue affects the Linux kernel rxrpc subsystem: a RESPONSE packet that experiences a temporary failure could end up partially decrypted and be retried, risking communication disruption or resource exhaustion. The published fix discards the problematic packet and triggers a new ...

9.8CVSS5.8AI score0.0006EPSS

Debian CVE•added 2026/05/27 12:18 p.m.•4 views

CVE-2026-45964

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix gssauth kref leak in gssallocmsg error path Commit 5940d1cf9f42 "SUNRPC: Rebalance a kref in authgss.c" added a krefget&gssauth-kref call to balance the gssputauth done in gssreleasemsg, but forgot to add a...

5.7AI score0.00032EPSS

Exploits0

Cvelist•added 2026/05/27 12:16 p.m.•30 views

CVE-2026-45887 af_unix: Fix memleak of newsk in unix_stream_connect().

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

0.00022EPSS