CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

205 matches found

SUSE CVE-2026-46131

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect, because translatenestedgpa is only valid if an L2 guest is running with nested EPT/NPT enabled. Instead use the same condition as...

5.8AI score0.00018EPSS

Exploits0References2

RedhatCVE•added last week•5 views

CVE-2026-46131

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine x86 virtualization module. An incorrect check for nested EPT/NPT Nested Extended Page Tables/Nested Nested Page Tables in slow flush hypercalls could lead to improper handling of L2 guests. This vulnerability arises because t...

5.5CVSS5.8AI score0.00018EPSS

Exploits0References4

NVD•added last week•3 views

CVE-2026-46131

0.00018EPSS

Exploits0References5

OSV•added last week•1 views

UBUNTU-CVE-2026-46131

5.7AI score0.00018EPSS

Exploits0References8

CVE•added last week•10 views

CVE-2026-46131

The CVE-2026-46131 entry concerns the Linux kernel KVM/x86 hypervisor path. It states a vulnerability in the slow flush hypercalls where the is_guest_mode(vcpu) check is incorrect; translate_nested_gpa() is only valid if an L2 guest is running with nested EPT/NPT enabled. The fix uses the same co...

5.8AI score0.00018EPSS

Exploits0References5

Debian CVE•added last week•3 views

CVE-2026-46131

5.7AI score0.00018EPSS

Exploits0

Cvelist•added last week•22 views

CVE-2026-46131 KVM: x86: check for nEPT/nNPT in slow flush hypercalls

0.00018EPSS

Exploits0References5

Positive Technologies•added 2026/05/27 12:0 a.m.•4 views

PT-2026-43943

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nested svm l2 tlb flush enabled is true, and the hypercall is somethi...

5.8AI score0.00013EPSS

Exploits0References5

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: KVM: x86: Reject Hyper-V’s SENDIPI hypercalls if the local APIC is not part of the kernel. Advertise support for Hyper-V’s SENDIPI and SENDIPIEX hypercalls only if the local API is emulated/virtualized by KVM. Explicitly rejec...

5.5CVSS6.5AI score0.00019EPSS

Exploits0References2

RedhatCVE•added 2026/03/25 12:17 p.m.•0 views

CVE-2026-31788

A flaw was found in the Linux kernel's Xen privcmd driver. This vulnerability allows a root user process within an unprivileged guest domU to issue arbitrary hypercalls. Such an action could enable the process to modify the kernel's memory, thereby undermining the secure boot feature designed to...

6.7CVSS5.8AI score0.00019EPSS

Exploits0References4

NVD•added 2026/03/25 11:16 a.m.•1 views

CVE-2026-31788

In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: restrict usage in unprivileged domU The Xen privcmd driver allows to issue arbitrary hypercalls from user space processes. This is normally no problem, as access is usually limited to root and the hypervisor will den...

8.2CVSS0.00019EPSS

Exploits0References14

OSV•added 2026/03/25 11:16 a.m.•2 views

UBUNTU-CVE-2026-31788

8.2CVSS5.8AI score0.00019EPSS

Exploits0References10

CNNVD•added 2026/02/18 12:0 a.m.•3 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from hypercalls disrupting the register state, potentially leading to page faults...

5.5CVSS6AI score0.00017EPSS

Exploits0References3

Tenable Nessus•added 2026/01/22 12:0 a.m.•3 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-21779)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21779 advisory. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Reject Hyper-V's SENDIPI...

5.5CVSS6AI score0.00019EPSS

Exploits0References2

Tenable Nessus•added 2025/11/09 12:0 a.m.•2 views

Fedora 42 : xen (2025-ec271ef07b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-ec271ef07b advisory. Incorrect removal of permissions on PCI device unplug XSA-476, CVE-2025-58149 ---- x86: Incorrect input sanitisation in Viridian hypercalls XSA-475,...

7.5CVSS5.9AI score0.00057EPSS

Exploits0References4

RedhatCVE•added 2025/11/07 7:58 p.m.•1 views

CVE-2025-58147

A flaw was found in Xen. Hypercalls using the HVVPSET Sparse format can cause vpmaskset to write out of bounds when converting the bitmap to Xen's format. A buggy or malicious guest can cause Denial of Service DoS affecting the entire host, information leaks, or elevation of privilege...

7.5CVSS6.1AI score0.00031EPSS

Exploits0References2

EUVD•added 2025/10/31 12:30 p.m.•2 views

EUVD-2025-37344

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause...

7.5CVSS6.4AI score0.00031EPSS

Exploits0References2

OSV•added 2025/10/31 12:15 p.m.•1 views

ALPINE-CVE-2025-58148

7.5CVSS7AI score0.00031EPSS

Exploits0References1

NVD•added 2025/10/31 12:15 p.m.•1 views

CVE-2025-58148

7.5CVSS0.00031EPSS

Exploits0References3

NVD•added 2025/10/31 12:15 p.m.•1 views

CVE-2025-58147