CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Added missing error handling inside the getcanonicaldevpath function. Inside the getcanonicaldevpath function, we call dpath to obtain the final device path. However, dpath may return an error. In such cases, the next call...

5.5CVSS6.2AI score0.00073EPSS

SUSE CVE•added 2026/04/24 1:34 a.m.•1 views

SUSE CVE-2026-6862

A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4 bytes, which is the minimum size for an EFI Extensible Firmware Interface device path node header. A local user could exploit this...

EUVD•added 2026/04/22 3:31 p.m.•1 views

EUVD-2026-24957

NVD•added 2026/04/22 2:17 p.m.•4 views

CVE-2026-6862

5.5CVSS0.00019EPSS

UbuntuCve•added 2026/04/22 2:17 p.m.•4 views

CVE-2026-6862

OSV•added 2026/04/22 2:17 p.m.•3 views

Exploits0References1

UBUNTU-CVE-2026-6862

5.5CVSS5.3AI score0.00019EPSS

ATTACKERKB•added 2026/04/22 1:45 p.m.•1 views

CVE-2026-6862

CVE•added 2026/04/22 1:45 p.m.•4 views

CVE-2026-6862

CVE-2026-6862: A flaw in libefiboot (part of efivar) affects the device path node parser, which does not validate that each node’s Length is at least 4 bytes (EFI node header minimum). A crafted device path node could trigger infinite recursion, stack exhaustion, and a DoS via a process crash. Do...

Exploits0References2Affected Software1

Cvelist•added 2026/04/22 1:45 p.m.•25 views

CVE-2026-6862 Efivar: efivar: denial of service due to stack overflow in device path node parsing

5.5CVSS0.00019EPSS

Debian CVE•added 2026/04/22 1:45 p.m.•2 views

CVE-2026-6862

5.5CVSS5.3AI score0.00019EPSS

Exploits0

Vulnrichment•added 2026/04/22 1:45 p.m.•2 views

CVE-2026-6862 Efivar: efivar: denial of service due to stack overflow in device path node parsing

RedhatCVE•added 2026/04/22 1:45 p.m.•2 views

CVE-2026-6862

5.5CVSS5.9AI score0.00019EPSS

Tenable Nessus•added 2026/04/22 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-6862

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's Length field is at least 4...

5.5CVSS5.8AI score0.00019EPSS

CNNVD•added 2026/04/22 12:0 a.m.•3 views

Red Hat Enterprise Linux 10 安全漏洞

Red Hat Enterprise Linux 10 is a Linux operating system designed for enterprise users by the American company Red Hat. There is a security vulnerability in Red Hat Enterprise Linux 10. This vulnerability stems from the fact that the device path node resolver does not verify that the Length field ...

5.5CVSS5.8AI score0.00019EPSS

Exploits0References1

Positive Technologies•added 2026/04/22 12:0 a.m.•0 views

PT-2026-34450

NVD•added 2026/01/12 11:15 p.m.•2 views

CVE-2026-22213

RIOT OS versions up to and including 2026.01-devel-317 contain a stack-based buffer overflow vulnerability in the tapslip6 utility. The vulnerability is caused by unsafe string concatenation in the devopen function, which constructs a device path using unbounded user-controlled input. The utility...

9.8CVSS0.00067EPSS

Exploits1References4

NVD•added 2026/01/12 11:15 p.m.•1 views

CVE-2026-22212

TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy and strcat functions when constructing device paths during automatic device discovery. A local attacker can exploit this by...

4.8CVSS0.00029EPSS