CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

SUSE CVE•added 2026/04/20 11:26 p.m.•2 views

SUSE CVE-2026-31430

In the Linux kernel, the following vulnerability has been resolved: X.509: Fix out-of-bounds access when parsing extensions Leo reports an out-of-bounds access when parsing a certificate with empty Basic Constraints or Key Usage extension because the first byte of the extension is read before...

5.6AI score0.00013EPSS

Exploits0References3

NVD•added 2026/04/20 10:16 a.m.•0 views

CVE-2026-31430

7.1CVSS0.00013EPSS

Exploits0References5

Cvelist•added 2026/04/20 9:43 a.m.•27 views

CVE-2026-31430 X.509: Fix out-of-bounds access when parsing extensions

0.00013EPSS

Exploits0References5

Positive Technologies•added 2026/04/20 12:0 a.m.•0 views

PT-2026-33747

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access occurs when parsing X.509 certificates containing empty Basic Constraints or Key Usage extensions. This happens because the first byte of the extension is read...

7.1CVSS5.2AI score0.00013EPSS

Exploits0References16

RedhatCVE•added 2026/04/13 5:35 p.m.•1 views

CVE-2026-40097

A flaw was found in Step CA, an online certificate authority. A remote attacker can trigger a Denial of Service DoS by sending a specially crafted attestation key AK certificate with an empty Extended Key Usage EKU extension during Trusted Platform Module TPM device attestation. This causes an...

3.7CVSS5.7AI score0.00052EPSS

Exploits0References2

NVD•added 2026/04/10 5:17 p.m.•4 views

CVE-2026-40097

Step CA is an online certificate authority for secure, automated certificate management for DevOps. From 0.24.0 to before 0.30.0-rc3, an attacker can trigger an index out-of-bounds panic in Step CA by sending a crafted attestation key AK certificate with an empty Extended Key Usage EKU extension...

3.7CVSS0.00052EPSS

Exploits0References4