CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 4 days ago•3 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. Version 3.10B20 of TRENDnet TEW-432BRP contains a security vulnerability. This vulnerability arises from the operation of the formPortFw function in the file/goform/formPortFw, where the parameter servername caus...

9CVSS7.7AI score0.00041EPSS

Exploits0References4

SUSE CVE•added 6 days ago•5 views

SUSE CVE-2026-46192

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

RedhatCVE•added last week•3 views

CVE-2026-46192

A flaw was found in the Linux kernel's spi: microchip-core-qspi driver. This vulnerability allows the driver to transmit data during emulated read-only dual or quad operations, which are specific modes for communicating with Quad Serial Peripheral Interface QSPI devices. This unintended data...

NVD•added 2026/05/28 10:16 a.m.•3 views

Exploits0References4

CVE-2026-46192

0.00022EPSS

OSV•added 2026/05/28 10:16 a.m.•2 views

UBUNTU-CVE-2026-46192

5.7AI score0.00022EPSS

Exploits0References6

ATTACKERKB•added 2026/05/28 9:36 a.m.•3 views

CVE-2026-46192

Exploits0References4Affected Software1

EUVD•added 2026/05/28 9:36 a.m.•2 views

EUVD-2026-32819

CVE•added 2026/05/28 9:36 a.m.•9 views

CVE-2026-46192

The CVE-2026-46192 entry concerns the Linux kernel: spi: microchip-core-qspi, where transfers during emulated read-only dual/quad operations must not transmit data. The description states that the core handles reads by generating clock cycles itself, so transmitting garbage data at the driver lev...

Cvelist•added 2026/05/28 9:36 a.m.•19 views

CVE-2026-46192 spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations

0.00022EPSS

Debian CVE•added 2026/05/28 9:36 a.m.•4 views

CVE-2026-46192

5.7AI score0.00022EPSS

CNNVD•added 2026/05/28 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the spi microchip-core-qspi driver attempting to transmit junk data when simulating read-only...

Positive Technologies•added 2026/05/28 12:0 a.m.•4 views

PT-2026-44315

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Exploits0References4

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: USB: dwc3: core: Remove the lock of the OTG mode during gadget suspension/resumption to avoid deadlock. When the CONFIGUSBDWC3DUALROLE configuration is selected, and the system is triggered to enter suspension using the following...

5.5CVSS6.3AI score0.00017EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: mp: Fix for double-divider clock rate readback When support for double-divider clocks was introduced, the P-divider offset was left out of the .recalcrate readback function. This caused the clock rate to become...

5.5CVSS5.7AI score0.0002EPSS

Exploits0References2

Packet Storm News•added 2026/05/20 12:0 a.m.•5 views

VIPER-MCP: Detecting and Exploiting Taint-Style Vulnerabilities in Model Context Protocol Servers

Model Context Protocol MCP has emerged as a standard interface for connecting LLM agents to external tools. Because MCP servers expose privileged operations such as shell execution, network access, and file-system manipulation to agent-driven invocation, implementation flaws in tool handlers can...

6.4AI score

Packet Storm News•added 2026/05/20 12:0 a.m.•5 views

FuzzingBrain V2: A Multi-Agent LLM System for Automated Vulnerability Discovery and Reproduction

Software vulnerabilities pose critical security threats, with nearly 50,000 CVEs reported in 2025. While Large Language Models LLMs show promise for automated vulnerability detection, three key challenges remain. First, LLM-generated vulnerability reports suffer from high false positive rates and...

5.9AI score

Packet Storm News•added 2026/05/17 12:0 a.m.•7 views

LITE-SOC: Lightweight Security Operations Center Simulator for Cybersecurity Education

This innovative practice WIP paper describes LITE-SOC, a lightweight web-based Security Operations Center SOC simulator designed for instructor-led cybersecurity education. SOC analysts must triage large volumes of alerts, separate genuine threats from false positives, and communicate decisions...

5.8AI score

Packet Storm News•added 2026/05/13 12:0 a.m.•3 views

DCVD: Dual-Channel Cross-Modal Fusion for Joint Vulnerability Detection and Localization

Software vulnerability detection plays a critical role in ensuring system security, where real-world auditing requires not only determining whether a function is vulnerable but also pinpointing the specific lines responsible. However, existing approaches either rely on a single information source...

5.9AI score

Wallarm Lab•added 2026/05/12 4:54 p.m.•5 views

Extending Security to MCP Servers: Closing a Critical Gap

The Model Context Protocol MCP is a de facto standard for providing structured access to privileged systems for AI agents and external integrations. It acts as a USB-C port for AI, enabling faster innovation by allowing organizations to expose tools, resources, and workflows without the...

5.8AI score