CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added yesterday•1 views

CVE-2026-6883

GitLab has remediated an issue in GitLab EE affecting all versions from 15.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to bypass merge request approval requirements due to improper cleanup of orphaned policy records...

4.3CVSS5.5AI score0.00012EPSS

RedhatCVE•added yesterday•3 views

CVE-2026-42186

OpenBao is an open source identity-based secrets management system. Prior to 2.5.3, when OpenBao's initial namespace deletion fails, subsequent retries fail to properly remove all data before marking the namespace as deleted. This can affect any outstanding leases as well as potentially leaving...

7.5CVSS5.4AI score0.00036EPSS

RedhatCVE•added yesterday•1 views

CVE-2026-45212

Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through = 1.4.0.3...

5.3CVSS5.5AI score0.00052EPSS

RedhatCVE•added yesterday•4 views

CVE-2026-0427

Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine VM to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability...

4.6CVSS5.5AI score0.00017EPSS

RedhatCVE•added yesterday•2 views

CVE-2026-43888

Outline is a service that allows for collaborative documentation. Prior to 1.7.0, ZipHelper.extract computes the extraction path for each entry by passing a full filesystem path through trimFileAndExt, a filename helper that calls path.basename on its input when truncating. When a zip entry's...

8.7CVSS5.5AI score0.00053EPSS

OSV•added 2 days ago•4 views

RLSA-2026:21557 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: j1939: j1939sessionnew: fix skb reference counting CVE-2024-56645 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: mm: thp: deny...

7.5CVSS7.1AI score0.00117EPSS

Exploits0References19

SUSE CVE•added 2 days ago•5 views

SUSE CVE-2026-46264

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devmaddactionorreset failure the provided cleanup action will be run immediately on the not yet initialized kobject. This may lead to errors like: kobject: 'null' ff110001393608e0: i...

Tenable Nessus•added 2 days ago•6 views

Exploits0References3

Linux Distros Unpatched Vulnerability : CVE-2026-46264

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devmaddactionorreset failure the provided...

8.8CVSS5.3AI score0.00013EPSS

RedhatCVE•added 3 days ago•4 views

CVE-2026-46264

A flaw was found in the Linux kernel's drm/xe/pf component. This vulnerability arises during the initialization of the sysfs interface, where an error in devmaddactionorreset can cause a cleanup action to execute on an uninitialized kernel object. This can lead to a use-after-free condition, whic...

8.8CVSS5.9AI score0.00013EPSS

Exploits0References4

NVD•added 3 days ago•7 views

CVE-2026-46264

8.8CVSS0.00013EPSS

EUVD•added 3 days ago•5 views

EUVD-2026-34126

ATTACKERKB•added 3 days ago•3 views

CVE-2026-46264

Exploits0References3Affected Software1

CVE•added 3 days ago•5 views

CVE-2026-46264

CVE-2026-46264 addresses a Linux kernel flaw in drm/xe/pf where an error in devm_add_action_or_reset() can cause a cleanup action to run on an uninitialized kobject during sysfs initialization. This use-after-free and kobject_put() on an uninitialized object is mitigated by ensuring proper initia...

8.8CVSS5.8AI score0.00013EPSS

Cvelist•added 3 days ago•33 views

CVE-2026-46264 drm/xe/pf: Fix sysfs initialization

8.8CVSS0.00013EPSS

Tenable Nessus•added 3 days ago•7 views

Linux Distros Unpatched Vulnerability : CVE-2025-71308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However,...

5.8AI score0.00024EPSS

Tenable Nessus•added 3 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46030

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - EDAC/versalnet: Fix devicenode leak in mcprobe ofparsephandle returns a devicenode reference that must be released with ofnodeput. The original code never freed...

5.9AI score0.00022EPSS

Tenable Nessus•added 3 days ago•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-46013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt...

5.8AI score0.00024EPSS

Tenable Nessus•added 3 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-46036

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex vfiocdxsetmsitrigger reads vdev-configmsi and operates on the vdev-cdxirqs array based on its valu...

7.8CVSS5.8AI score0.00013EPSS

Positive Technologies•added 3 days ago•5 views

PT-2026-46027

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devm add action or reset failure the provided cleanup action will be run immediately on the not yet initialized kobject. This may lead to errors like: kobject: 'null' ff110001393608e...