CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4119 matches found

OSV•added 2026/05/27 2:17 p.m.•2 views

UBUNTU-CVE-2026-46037

In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: validate reply type before using icmppointers Extended echo replies use ICMPEXTECHOREPLY as the outbound reply type. That value is outside the range covered by icmppointers, which only describes the traditional ICMP...

8.2CVSS5.6AI score0.0007EPSS

Exploits0References3

ATTACKERKB•added 2026/05/27 12:56 p.m.•4 views

CVE-2026-46037

8.2CVSS5.7AI score0.0007EPSS

Exploits0References8Affected Software1

CVE•added 2026/05/27 12:56 p.m.•16 views

CVE-2026-46037

The CVE-2026-46037 issue affects the Linux kernel IPv4 ICMP component. Extended echo replies could use ICMP_EXT_ECHOREPLY outside the icmp_pointers[] range; the fix avoids icmp_pointers[] lookups for out-of-range types and uses array_index_nospec() for in-range lookups. Multiple OS feeds report p...

8.2CVSS5.7AI score0.0007EPSS

Exploits0References7

OSV•added 2026/05/27 9:20 a.m.•2 views

ECHO-516B-9033-DC39

Bulletin has no description...

5.1CVSS5.7AI score0.00025EPSS

Exploits0References1

OSV•added 2026/05/27 9:15 a.m.•2 views

ECHO-B6FA-1BCF-5451 Serialized SSL context tampering is documented behavior; callers must protect serialized data. https://security-tracker.debian.org/tracker/CVE-2026-34877

Bulletin has no description...

9.8CVSS5.7AI score0.00231EPSS

Exploits0References1

OSV•added 2026/05/27 9:15 a.m.•2 views

ECHO-D2FF-7E29-2B4B

Bulletin has no description...

9.8CVSS5.7AI score0.0006EPSS

Exploits0References1

OSV•added 2026/05/27 9:11 a.m.•2 views

ECHO-2B14-D1FE-8A7A

Bulletin has no description...

7.5CVSS5.7AI score0.00021EPSS

Exploits0References1

OSV•added 2026/05/27 1:34 a.m.•4 views

ECHO-3A6D-E839-9D06

Bulletin has no description...

5.7AI score0.00032EPSS

Exploits0References1

Tenable Nessus•added 2026/05/27 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46037

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipv4: icmp: validate reply type before using icmppointers Extended echo replies use ICMPEXTECHOREPLY as the outbound reply type. That value is outside the range...

8.2CVSS5.5AI score0.0007EPSS

Exploits0References4

Positive Technologies•added 2026/05/27 12:0 a.m.•11 views

PT-2026-43904

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A flaw exists in the IPv4 ICMP implementation where the system fails to validate the reply type before accessing the icmp...

9.8CVSS6AI score0.00254EPSS

Exploits12References283

OSV•added 2026/05/26 10:9 p.m.•2 views

ECHO-8127-8787-DF33

Bulletin has no description...

6.5CVSS5.7AI score0.00069EPSS

Exploits0References1

OSV•added 2026/05/26 10:9 p.m.•3 views

ECHO-E406-9590-08F0

Bulletin has no description...

9.8CVSS5.7AI score0.01022EPSS

Exploits0References1