Lucene search
+L

1335 matches found

NVD
NVD
added 3 hours ago6 views

CVE-2026-64147

In the Linux kernel, the following vulnerability has been resolved: pdscore: fix debugfslookup dentry leak and error handling debugfslookup returns a dentry with an elevated reference count that must be released with dput. The current code discards the returned dentry without calling dput, causin...

Exploits0References5
ATTACKERKB
ATTACKERKB
added 4 hours ago2 views

CVE-2026-64108

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix busy dentry used after unmounting Since commit 340cea84f691c "cifs: open files should not hold ref on superblock", cifs file only holds the dentry refcnt, the cifs file close workcfile-deferred could be executed after...

5.2AI score
Exploits0References7Affected Software1
CVE
CVE
added 4 hours ago4 views

CVE-2026-64044

In Linux kernel networking code related to the OpenVPN (ovpn) subsystem, CVE-2026-64044 fixes a race where ovpn_nl_peer_new_doit() released a peer directly via ovpn_peer_release() instead of using ovpn_peer_put(), bypassing the kref refcount mechanism. This allowed a concurrent caller holding a p...

5.3AI score
Exploits0References3
EUVD
EUVD
added 4 hours ago3 views

EUVD-2026-45617

In the Linux kernel, the following vulnerability has been resolved: ovpn: respect peer refcount in CMDNEWPEER error path ovpnnlpeernewdoit's error path calls ovpnpeerrelease directly rather than ovpnpeerput, bypassing the kref. The accompanying comment "peer was not yet hashed, thus it is not use...

5.3AI score
Exploits0References3
EUVD
EUVD
added 5 hours ago5 views

EUVD-2026-45752

In the Linux kernel, the following vulnerability has been resolved: net/handshake: hand off the pinned file reference to acceptdoit handshakereqnext removes the request from the per-net pending list and drops hnlock before handshakenlacceptdoit reads req-hrsk-sksocket and dereferences sock-file...

5.4AI score
Exploits0References2
CVE
CVE
added 5 hours ago3 views

CVE-2026-63946

CVE-2026-63946 describes a Linux kernel Bluetooth ISO UAF in iso_recv_frame. The bug occurs when iso_recv_frame reads conn->sk under iso_conn_lock but releases the lock before using sk, with no reference held, allowing a concurrent iso_sock_kill() to free sk and cause a use-after-free on sk-&g...

5.4AI score
Exploits0References6
CVE
CVE
added 5 hours ago5 views

CVE-2026-63918

CVE-2026-63918 affects the Linux kernel l2tp subsystem: l2tp_session_get_by_ifname previously returned a pointer to a session whose refcount could already be zero due to a race with l2tp_session_free()/kfree_rcu. The code used refcount_inc() in this getter, while other getters (l2tp_v2_session_ge...

5.3AI score
Exploits0References4
EUVD
EUVD
added 5 hours ago5 views

EUVD-2026-45691

In the Linux kernel, the following vulnerability has been resolved: l2tp: use refcountincnotzero in l2tpsessiongetbyifname A reader in l2tpsessiongetbyifname can return a pointer to a session whose refcount has reached zero. The getter takes its reference with plain refcountinc, but every other...

5.3AI score
Exploits0References4
CVE
CVE
added 7 hours ago6 views

CVE-2026-63827

The CVE-2026-63827 issue is a Linux kernel AppArmor use-after-free in the rawdata dedup loop within aa_replace_profiles. The root cause was a refcount handling change: aa_get_profile_loaddata() performed plain kref_get() on pcount, allowing a 0-refcount entry to be dereferenced. The fix introduce...

5.5AI score
Exploits0References6
EUVD
EUVD
added 7 hours ago6 views

EUVD-2026-45493

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix use-after-free in rawdata dedup loop aareplaceprofiles walks ns-rawdatalist to dedup the incoming policy blob against entries already attached to existing profiles. Per the kernel-doc on struct aaloaddata, list...

5.4AI score
Exploits0References6
Cvelist
Cvelist
added 7 hours ago5 views

CVE-2026-63823 keys: Pin request_key_auth payload in instantiate paths

In the Linux kernel, the following vulnerability has been resolved: keys: Pin requestkeyauth payload in instantiate paths A: requestkey B: KEYCTLINSTANTIATEIOV ================ ========================= create auth key store rka in auth key wait for helper get auth key load rka from auth key copy...

Exploits0References8
Cvelist
Cvelist
added 7 hours ago6 views

CVE-2026-63795 9p: avoid putting oldfid in p9_client_walk() error path

In the Linux kernel, the following vulnerability has been resolved: 9p: avoid putting oldfid in p9clientwalk error path When p9clientwalk is called with clone set to false, fid aliases oldfid. If the walk subsequently fails after the request has been sent, the error path jumps to clunkfid, which...

Exploits0References6
ATTACKERKB
ATTACKERKB
added 7 hours ago4 views

CVE-2026-63795

In the Linux kernel, the following vulnerability has been resolved: 9p: avoid putting oldfid in p9clientwalk error path When p9clientwalk is called with clone set to false, fid aliases oldfid. If the walk subsequently fails after the request has been sent, the error path jumps to clunkfid, which...

5.4AI score
Exploits0References7Affected Software1
CVE
CVE
added 9 hours ago8 views

CVE-2026-53378

Summary: CVE-2026-53378 affects the Linux kernel DRM colorop path. The issue is memory leaks in blob property handling during state lifecycle (duplication, destruction, reset) due to not releasing blob references and improper destruction of old state. What’s affected: drm/colorop code in the Linu...

5.4AI score
Exploits0References2
EUVD
EUVD
added 9 hours ago4 views

EUVD-2026-45451

In the Linux kernel, the following vulnerability has been resolved: drm/colorop: Fix blob property reference tracking in state lifecycle The colorop state blob property handling had memory leaks during state duplication, destruction, and reset operations. The implementation failed to follow the...

5.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 20 hours ago4 views

PT-2026-61296

In the Linux kernel, the following vulnerability has been resolved: net/handshake: hand off the pinned file reference to accept doit handshake req next removes the request from the per-net pending list and drops hn lock before handshake nl accept doit reads req-hr sk-sk socket and dereferences...

5.4AI score
Exploits0References3
NVD
NVD
added 2 days ago4 views

CVE-2026-49834

sigstore-go is a Go library for Sigstore signing and verification. Prior to 1.2.0, a verifier configured with WithTransparencyLogN1 or WithSignedCertificateTimestampsN1 counts verified witnesses per entry or per validation path rather than per log authority, allowing a single compromised...

5.9CVSS0.00169EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 3 days ago7 views

Oracle Linux 10 : glibc (ELSA-2026-500006)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-500006 advisory. - resolv: Check hostname for validity CVE-2026-4438 - resolv: Count records correctly CVE-2026-4437 Tenable has extracted the preceding description...

7.5CVSS5.1AI score0.00325EPSS
Exploits2References3
Snyk
Snyk
added 2026/07/09 11:20 p.m.7 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity due to improper validation in the threshold counting process. An attacker can bypass multi-log threshold requirements by compromising a single log and forging multiple entries or...

8.2CVSS6.1AI score0.00169EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/07/09 8:2 a.m.38 views

netfilter: synproxy: add mutex to guard hook reference counting

...

5.5CVSS6.1AI score0.00119EPSS
Exploits0
Rows per page
Query Builder