CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

336678 matches found

CVE-2026-46303

A flaw was found in the Linux kernel's isofs filesystem. This vulnerability allows a local attacker, by mounting a specially crafted ISO image, to read data beyond the boundaries of the intended ISO 9660 volume. This out-of-bounds read could lead to information disclosure, potentially exposing...

8.2CVSS5.8AI score0.00278EPSS

Exploits0References4

ATTACKERKB•added 2 days ago•3 views

CVE-2026-10658

A missing length validation in the Zephyr Bluetooth Host ISO receive path can be triggered by malformed HCI ISO data. In btisorecv subsys/bluetooth/host/iso.c, when processing PB=START/SINGLE fragments, the code pulls a TS SDU header 8 bytes, ts=1 or a non-TS SDU header 4 bytes, ts=0 without firs...

7.1CVSS5.9AI score0.0017EPSS

Exploits0References2

ATTACKERKB•added 2 days ago•4 views

CVE-2026-10651

A malformed Bluetooth Classic SDP attribute can trigger a reachable assertion in Zephyr's SDP parser. In subsys/bluetooth/host/classic/sdp.c, btsdpparseattribute accepts an input buffer once it contains the 1-byte attribute type and 2-byte attribute id, but then unconditionally pulls an additiona...

7.1CVSS6AI score0.0017EPSS

Exploits0References2

CVE•added 2 days ago•11 views

CVE-2026-10651

The CVE-2026-10651 affects Zephyr’s Bluetooth Classic SDP parser (subsys/bluetooth/host/classic/sdp.c) where bt_sdp_parse_attribute() reads a 3-byte attribute (1-byte type, 2-byte id) but then unconditionally pulls an extra value type byte without verifying remaining length. A truncated 3-byte at...

7.1CVSS6AI score0.0017EPSS

Exploits0References1

NVD•added 2 days ago•6 views

CVE-2026-53923

vLLM is an inference and serving engine for large language models LLMs. From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels csrc/quantization/gguf/ggufkernel.cu causes partial tensor processing. The output tensor is allocated at full size via...

5.3CVSS0.00321EPSS

Exploits0References3

Cvelist•added 2 days ago•18 views

CVE-2026-53923 vLLM GGUF Kernels: int64_t to int truncation of tensor dimensions causes GPU buffer overflow

5.3CVSS0.00321EPSS

Exploits0References3

NVD•added 2 days ago•6 views

CVE-2026-44727

Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyterserver render user-authored notebook HTML under the Jupyter origin without a sandbox directive in their Content-Security-Policy. Combined with nbconvert.HTMLExporter's default...

9.3CVSS0.00239EPSS

Exploits0References2

Cvelist•added 2 days ago•17 views

CVE-2026-44727 Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP

9.3CVSS0.00239EPSS

Exploits0References2

CVE•added 2 days ago•15 views

CVE-2026-44727

Jupyter Server (prior to 2.20) is affected by a stored XSS in the nbconvert HTML export path. The nbconvert HTTP handlers NbconvertFileHandler and NbconvertPostHandler render notebook HTML under the Jupyter origin without a sandbox directive in Content-Security-Policy, and NbconvertHTMLExporter’s...

9.3CVSS5.9AI score0.00239EPSS

Exploits0References2

RedhatCVE•added 2 days ago•5 views

CVE-2026-52911

A flaw was found in the ksmbd component of the Linux kernel. This vulnerability allows an attacker to gain unauthorized access to session information or resources by exploiting an improper scope in the session binding mechanism. This could potentially compromise the integrity or confidentiality o...

5.8AI score0.00176EPSS

Exploits0References4

RedhatCVE•added 2 days ago•8 views

CVE-2026-52909

A flaw was found in the Linux kernel, specifically within the IPv6 Virtual Tunnel Interface ip6vti component. This vulnerability occurs because a critical flag, netnsimmutable, is not properly set on a specific network device ip6vti0 when it is initialized. This oversight could allow the device t...

5.5CVSS5.8AI score0.00155EPSS

Exploits0References4

RedhatCVE•added 2 days ago•7 views

CVE-2026-52908

A flaw was found in the Linux kernel. This vulnerability occurs during the re-registration of a Remote Direct Memory Access RDMA memory region. If the memory's access permissions are changed from read-only to read-write, the system may fail to properly update and secure the underlying user memory...

7CVSS5.8AI score0.00168EPSS

Exploits0References4

RedhatCVE•added 2 days ago•7 views

CVE-2026-52910

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF reuseport mechanism. When a cBPF program is detached from a reuseport group, it is freed immediately without waiting for Read-Copy-Update RCU readers to complete. This can lead to a use-after-free condition, resulting in memory...

7CVSS5.8AI score0.00165EPSS

Exploits0References4