CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 5 days ago•34 views

CVE-2026-45683 OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure

3.8CVSS0.00012EPSS

Vulnrichment•added 5 days ago•7 views

CVE-2026-45683 OpenTelemetry eBPF Instrumentation: Java TLS ioctl kprobe allows kernel memory disclosure

EUVD•added 5 days ago•8 views

EUVD-2026-33956

ATTACKERKB•added 5 days ago•6 views

CVE-2026-45683

Exploits1References3Affected Software1

CVE•added 5 days ago•10 views

CVE-2026-45683

OpenTelemetry eBPF Instrumentation (Java TLS ioctl) is affected prior to version 0.9.0. The vulnerability stems from the probe reading user-supplied ioctl pointers with bpf_probe_read instead of bpf_probe_read_user, enabling a local attacker to cause the kernel memory pointed to by user space to ...

Exploits1References2Affected Software1

SUSE CVE•added 2026/05/31 1:32 a.m.•15 views

SUSE CVE-2026-46242

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix epremove struct eventpoll / struct file UAF epremove via epremovefile cleared file-fep under file-flock but then kept using @file inside the critical section isfileepoll, hlistdelrcu through the head, spinunlock. A...

5.5CVSS5.8AI score0.00013EPSS

Cvelist•added 2026/05/30 12:13 p.m.•37 views

CVE-2026-46242 eventpoll: fix ep_remove struct eventpoll / struct file UAF

7.8CVSS0.00013EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-46229

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED...

5.8AI score0.00024EPSS

RedhatCVE•added 2026/05/28 9:12 p.m.•11 views

CVE-2026-46122

A flaw was found in the Linux kernel's b43 Wi-Fi driver. A remote attacker could exploit this vulnerability by providing a specially crafted firmware key index that exceeds the allocated array size in the b43rx function. This out-of-bounds read could lead to information disclosure, potentially...

5.8AI score0.00032EPSS

RedhatCVE•added 2026/05/28 9:8 p.m.•6 views

CVE-2026-46232

A flaw was found in the Linux kernel's Human Interface Device HID PlayStation driver. A malicious device could provide an excessively large number of touch reports, leading to an out-of-bounds read in the dualshock4parsereport function. This could allow an attacker to read up to 2 KiB of kernel...

8.1CVSS5.7AI score0.00021EPSS

RedhatCVE•added 2026/05/28 8:21 p.m.•9 views

CVE-2026-46114

A flaw was found in the Linux kernel's RDMA Remote Direct Memory Access subsystem, specifically within the rxe driver. A remote attacker could exploit this vulnerability by sending a specially crafted ATOMICWRITE request with a zero-byte payload. This improper handling of non-8-byte ATOMICWRITE...

7.5CVSS5.8AI score0.00057EPSS

RedhatCVE•added 2026/05/28 6:11 p.m.•8 views

CVE-2026-46155

A flaw was found in the Linux kernel's Server Message Block SMB client. A remote attacker, acting as a malicious SMB server, could send a specially crafted, truncated response with an oversized buffer length. This could lead to an out-of-bounds read in the smb2compoundop function, allowing the...

9.1CVSS5.9AI score0.0006EPSS

RedhatCVE•added 2026/05/28 5:34 p.m.•6 views

CVE-2026-46159

A flaw was found in the btrfs filesystem within the Linux kernel. A Time-of-check to time-of-use TOCTOU race condition in the btrfsioctlspaceinfo function allows a local attacker to exploit a timing window. This occurs when the system counts entries for allocation size and then fills a buffer, bu...

5.5CVSS5.8AI score0.00024EPSS

RedhatCVE•added 2026/05/28 5:15 p.m.•7 views

CVE-2026-46182

A flaw was found in the Linux kernel, specifically within the pseries/papr-hvpipe module. This vulnerability could allow a local user to gain access to uninitialized kernel stack memory. The issue arises because certain padding bytes in a data structure are not cleared before being sent to...

5.5CVSS5.8AI score0.00022EPSS

OSV•added 2026/05/28 10:16 a.m.•2 views

UBUNTU-CVE-2026-46145

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References8

OSV•added 2026/05/28 10:16 a.m.•2 views

UBUNTU-CVE-2026-46233

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: only purge non-released claims When batadvblapurgeclaims goes through the list of claims, it is only traversing the hash list with an rcureadlock. Due to a potential parallel batadvclaimput, it can happen that it...

5.7AI score0.00032EPSS

Exploits0References8

Cvelist•added 2026/05/28 9:36 a.m.•23 views

CVE-2026-46182 pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized explicitly. Because the struct paprhvpipehdr contains reserved paddi...

0.00022EPSS