CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/06 7:40 a.m.•4 views

CVE-2026-43101

The CVE-2026-43101 entry refers to a Linux kernel IPv6 IOAM issue: __ioam6_fill_trace_data() could dereference NULL if __in6_dev_get() returns NULL. The fix replaces skb_dst_dev() with skb_dst_dev_rcu() and adds two missing READ_ONCE() checks; it also enforces that @dev cannot be NULL. Patches ar...

7.5CVSS5.7AI score0.00058EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/06 7:40 a.m.•24 views

CVE-2026-43101 ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()

7.5CVSS0.00058EPSS

ATTACKERKB•added 2026/05/06 7:40 a.m.•2 views

CVE-2026-43101

5.7AI score0.00058EPSS

Exploits0References4Affected Software1

SUSE CVE•added 2026/05/06 1:43 a.m.•3 views

SUSE CVE-2026-31759

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix double free in ulpiregisterinterface error path When deviceregister fails, ulpiregister calls putdevice on ulpi-dev. The device release callback ulpidevrelease drops the OF node reference and frees ulpi, but the...

7.8CVSS5.7AI score0.00015EPSS

Exploits0References4

SUSE CVE•added 2026/05/06 1:41 a.m.•2 views

SUSE CVE-2026-43018

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: fix potential UAF in hcileremoteconnparamreqevt hciconn lookup and field access must be covered by hdev lock in hcileremoteconnparamreqevt, otherwise it's possible it is freed concurrently. Extend the...

8.8CVSS5.7AI score0.00032EPSS

CNNVD•added 2026/05/06 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from skipping the dev-iotlb refresh for inaccessible PCIe devices in non-extensible mode, potentially...

5.5CVSS5.8AI score0.00013EPSS

Tenable Nessus•added 2026/05/06 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-43183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: cx25821: Fix a resource leak in cx25821devsetup Add releasememregion if ioremap fails to release the memory region obtained by cx25821getresources...

5.5CVSS5.8AI score0.00013EPSS

CNNVD•added 2026/05/06 12:0 a.m.•3 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the icmpbuildprobe function. In this function, ipv6stub-ipv6devfind may return ERRPTR, leading to...

7.5CVSS5.8AI score0.00081EPSS

SUSE CVE•added 2026/05/05 1:46 a.m.•1 views

SUSE CVE-2026-31740

In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: do not use struct rzmtu3channel's dev member The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the counter drive...

5.5CVSS5.8AI score0.00015EPSS

RedhatCVE•added 2026/05/04 8:21 p.m.•4 views

CVE-2026-7611

A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function platformdoupgradecameodev of the file cameodev.sh of the component Firmware Update Handler. Performing a manipulation results in insufficient verification of data authenticity. The attack is possible to be...

8.1CVSS5AI score0.00034EPSS

Exploits1References1

Vulnrichment•added 2026/05/04 2:45 a.m.•2 views

CVE-2026-7724 PrefectHQ prefect Webhook/Notification validate_restricted_url toctou

A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validaterestrictedurl of the component Webhook/Notification. The manipulation leads to time-of-check time-of-use. It is possible to initiate the attack remotely. The attack is...

5CVSS5.1AI score0.00026EPSS

Exploits0References9

OSSF Malicious Packages•added 2026/05/04 1:43 a.m.•5 views

Malicious code in temhe-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3c9e5d48f36a9f7f2fd80c126d14811be70cc210a382e9edc85d3bc1c4c62968 The package temhe-dev was found to contain malicious code. Source: ghsa-malware 117ca92e4f6c30bab5d2538e054b527cadbd72387d055860a3baf428e279c116 Any...

5.8AI score

OSV•added 2026/05/04 1:43 a.m.•1 views

MAL-2026-3283 Malicious code in temhe-dev (npm)

5.8AI score

Snyk•added 2026/05/04 1:43 a.m.•0 views

Malicious Package

Overview temhe-dev is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem is that lan9303 is...

4.7CVSS7.7AI score0.00008EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•10 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ACPI: Fix NULL pointer dereferencing Commit 71f642833284 “ACPI: utils: Fix reference counting in foreachacpidevmatch” began handling the situation where “acpidevput” was called on a pointer that might be NULL. This approach fails...

5.5CVSS6AI score0.00015EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.15

rpmsgvirtioaddctrldev in drivers/rpmsg/virtiorpmsgbus.c in the Linux kernel before 5.18.4 has a double free...

5.5CVSS7.2AI score0.00059EPSS