Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2026/04/21 1:22 a.m.1 views

CVE-2026-29648

In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation control...

8.8CVSS5.8AI score0.00048EPSS
Exploits0References1
EUVD
EUVDadded 2026/04/20 9:31 p.m.1 views

EUVD-2026-23962

In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation control...

5.8AI score0.00048EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/20 9:31 p.m.1 views

EUVD-2026-23944

NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg7:4 CBIE/CBCFE/CBZE-related fields is incorrectly masked/updated based on menvcfg7:4, so a machine-mode write to menvcfg can implicitly modify the hypervisor's environment configuration. This can lead to...

5.7AI score0.00026EPSS
Exploits0References5
CVE
CVEadded 2026/04/20 12:0 a.m.3 views

CVE-2026-29649

The CVE concerns NEMU’s RISC-V Hypervisor CSR handling. Specifically, henvcfg[7:4] (CBIE/CBCFE/CBZE fields) is incorrectly masked/updated by menvcfg[7:4], so a machine-mode write to menvcfg can implicitly modify the hypervisor environment configuration. This can cause incorrect enforcement of vir...

9.8CVSS5.7AI score0.00026EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/04/20 12:0 a.m.0 views

CVE-2026-29648

In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation control...

5.8AI score0.00048EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/04/20 12:0 a.m.4 views

NEMU 安全漏洞

NEMU is an open-source teaching system simulator developed by XiangShan. NEMU has a security vulnerability. This vulnerability arises when Smstateen is enabled, and the clearing of mstateen0.ENVCFG fails to properly restrict access to henvcfg and senvcfg. This may allow low-privilege code to bypa...

8.8CVSS5.9AI score0.00048EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/04/20 12:0 a.m.2 views

CVE-2026-29648

In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG does not correctly restrict access to henvcfg and senvcfg. As a result, less-privileged code may read or write these CSRs without the required exception, potentially bypassing intended state-enable based isolation control...

5.8AI score0.00048EPSS
Exploits0References4
CVE
CVEadded 2026/04/20 12:0 a.m.2 views

CVE-2026-29648

In OpenXiangShan NEMU, when Smstateen is enabled, clearing mstateen0.ENVCFG fails to restrict access to henvcfg and senvcfg. This allows less-privileged code to read or write these CSRs without the required exception, potentially bypassing state-enable based isolation in virtualized or multi-priv...

8.8CVSS5.8AI score0.00048EPSS
Exploits0References3
Rows per page
Query Builder