CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2 days ago•5 views

SUSE CVE-2026-53292

In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUGON in pnsocketautobind on failed bind syzbot reported a kernel BUG triggered from pnsocketsendmsg via pnsocketautobind: kernel BUG at net/phonet/socket.c:213! RIP: 0010:pnsocketautobind...

5.8AI score0.00155EPSS

SUSE CVE•added 2 days ago•5 views

SUSE CVE-2026-53297

In the Linux kernel, the following vulnerability has been resolved: net: mana: Guard manaremove against double invocation If PM resume fails e.g., manaattach returns an error, manaprobe calls manaremove, which tears down the device and sets gd-gdmacontext = NULL and gd-driverdata = NULL. However,...

CVE•added 4 days ago•6 views

CVE-2026-53302

The CVE concerns the Linux kernel’s crypto/eip93 path. Specifically, eip93_hmac_setkey() creates a temporary ahash transform using a driver name (e.g., sha256-eip93) but passes CRYPTO_ALG_ASYNC as the mask, which excludes async algorithms. Since EIP93 hash algorithms are inherently async, the loo...

5.9AI score0.00166EPSS

EUVD•added 4 days ago•5 views

EUVD-2026-39837

In the Linux kernel, the following vulnerability has been resolved: crypto: eip93 - fix hmac setkey algo selection eip93hmacsetkey allocates a temporary ahash transform for computing HMAC ipad/opad key material. The allocation uses the driver-specific cradrivername e.g. "sha256-eip93" but passes...

5.9AI score0.00166EPSS

EUVD•added 4 days ago•5 views

EUVD-2026-39902

CVE•added 4 days ago•8 views

CVE-2026-53297

The CVE-2026-53297 issue in the Linux kernel relates to the mana driver path (net: mana) where mana_remove() could be invoked twice: first during mana_probe() teardown and a second time if a resumed PM callback subsequently fails, leading to a NULL dereference when gc == NULL and a kernel panic. ...

RedhatCVE•added 4 days ago•9 views

CVE-2026-53024

A flaw was found in the Linux kernel's Greybus raw subsystem. A local user could trigger a use-after-free vulnerability by attempting to write to a character device chardev after it has been disconnected. This can lead to a kernel panic, resulting in a Denial of Service DoS for the system...

7.8CVSS5.7AI score0.00129EPSS

RedhatCVE•added 4 days ago•10 views

CVE-2026-53025

A flaw was found in the Linux kernel's Greybus raw subsystem. A local user application could trigger a use-after-free vulnerability by disconnecting a Greybus raw bundle while its associated character device was still open. When the application subsequently attempts to release the character devic...

7.8CVSS5.8AI score0.00129EPSS

RedhatCVE•added 4 days ago•7 views

CVE-2026-53242

A flaw was found in the Advanced Linux Sound Architecture ALSA Pulse-Code Modulation PCM component of the Linux kernel. This vulnerability involves a corruption of wait queue lists within the sndpcmdrain function when processing linked streams. An attacker could exploit this issue to trigger a...

7.8CVSS5.8AI score0.00138EPSS

Positive Technologies•added 4 days ago•6 views

PT-2026-52941

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the eip93 hmac setkey function where it incorrectly uses the CRYPTO ALG ASYNC mask when allocating a temporary ahash transform. Because EIP93 hash algorithms are...

RedhatCVE•added 5 days ago•6 views

Exploits0References5

CVE-2026-53039

A flaw was found in the OCFS2 Oracle Cluster File System 2 component of the Linux kernel. A local user could exploit an input validation vulnerability in the OCFS2IOCGROUPADD ioctl. This flaw allows an attacker to trigger a kernel panic, resulting in a denial of service DoS for the affected syste...

5.8AI score0.00176EPSS

RedhatCVE•added 5 days ago•4 views

CVE-2026-53105

A flaw was found in the Linux kernel's Wi-Fi subsystem, specifically within the mt76: mt7925 driver. This vulnerability occurs due to a missing check for a NULL 'vif' Virtual Interface before it is accessed. An attacker could potentially trigger a kernel panic by exploiting scenarios where the...

5.5CVSS5.8AI score0.00168EPSS

OSV•added 5 days ago•2 views

UBUNTU-CVE-2026-53144

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix NULL dereference in getqueueids When usrqueueidarray is NULL and numqueues is non-zero, getqueueids returns NULL. The callers check only ISERR on the return value; since ISERRNULL == false the check passes, and...

6.8CVSS5.8AI score0.00168EPSS

Exploits0References8

EUVD•added 5 days ago•4 views

EUVD-2026-39193

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

5.8AI score0.00138EPSS

Exploits0References7

EUVD•added 5 days ago•3 views

EUVD-2026-39235

5.7AI score0.00168EPSS

Exploits0References5

CVE•added 5 days ago•6 views

CVE-2026-53144

The CVE-2026-53144 issue affects the Linux kernel drm/amdkfd path. If usr_queue_id_array is NULL and num_queues is non-zero, get_queue_ids() can return NULL, and callers that only check IS_ERR() miss this, allowing suspend_queues() to call q_array_invalidate() and dereference NULL during iteratio...

5.7AI score0.00168EPSS

Exploits0References5

Tenable Nessus•added 5 days ago•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-53024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - greybus: raw: fix use-after-free if write is called after disconnect If a user writes to the chardev after disconnect has been called, the kernel panics with th...

7.8CVSS5.7AI score0.00129EPSS