CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

312 matches found

CVE-2026-42577

Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP connections that receive a RST after being half-closed, leading to stale channels that are never cleaned up and, in some code paths, a 100...

7.5CVSS6.9AI score0.00051EPSS

Exploits0References1

OSV•added 6 days ago•4 views

ROOT-APP-MAVEN-CVE-2026-42577 CVE-2026-42577 in io.root.io.netty:netty-transport-native-epoll - Patched by Root

Root has patched CVE-2026-42577 in the io.root.io.netty:netty-transport-native-epoll package for Root:Maven. Multiple fixed versions available...

7.5CVSS5.8AI score0.00051EPSS

Exploits0

CVE•added 2026/05/30 12:13 p.m.•56 views

CVE-2026-46242

Summary (CVE-2026-46242) : The Linux kernel contains a fix for a UAF in eventpoll related to ep_remove. The bug arose when ep_remove_file() cleared file->f_ep under file->f_lock but continued using @file inside the critical section, allowing a concurrent path to reach freed memory via f_op-...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References3

EUVD•added 2026/05/30 12:13 p.m.•8 views

EUVD-2026-33459

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...

5.8AI score0.00013EPSS

Exploits0References3

Positive Technologies•added 2026/05/30 12:0 a.m.•8 views

PT-2026-45095

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A Use-After-Free UAF issue exists in the eventpoll component. The ep remove function via ep remove file clears file-f ep under file-f lock but continues to use the file variable within t...

9.8CVSS5.8AI score0.00254EPSS

Exploits8References285

RedhatCVE•added 2026/05/28 8:50 p.m.•8 views

CVE-2026-46015

A flaw was found in the Linux kernel's TCP networking subsystem. When an established network connection is migrated between listener sockets within the same SOREUSEPORT group, applications waiting for new connections may not be properly notified. This can cause poll, epollwait, and blocking accep...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References4

EUVD•added 2026/05/27 12:56 p.m.•8 views

EUVD-2026-32396

In the Linux kernel, the following vulnerability has been resolved: tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same SOREUSEPORT group, the target listener gets a new accept-queue entry...

5.8AI score0.00013EPSS

Exploits0References5

Tenable Nessus•added 2026/05/27 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46015

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References4

CNNVD•added 2026/05/27 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the tcp listener to call skdataready after migration, potentially causing poll/epo...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References5

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fixed semi-unbounded recursion. It must be ensured that epoll instances never form a graph with more than EPMAXNESTS + 1 links. Currently, eploopcheckproc ensures that the graph is free of loops and performs some...

5.5CVSS6.7AI score0.00034EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Binder: Signals for epoll threads that handle self-work tasks In epoll mode, threads often rely on I/O events to determine when data is ready for consumption. Within binder, a thread may initiate a command via BINDERWRITEREAD...

5.5CVSS6.1AI score0.00013EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: Fixed an infinite busy loop after the timeout period has expired. After the commit 0a65bc27bd64 “eventpoll: Sets the epoll timeout if it’s in the future”, the following program would immediately enter an infinite bu...

5.5CVSS5.2AI score0.00074EPSS

Exploits0References2

Tenable Nessus•added 2026/05/14 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-42577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final , Netty's epoll transport fails to detect and close TCP...

7.5CVSS7AI score0.00051EPSS

Exploits0References3