CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/28 9:36 a.m.•7 views

CVE-2026-46193

In the Linux kernel, the following vulnerability has been resolved: xfrm: ah: account for ESN high bits in async callbacks AH allocates its temporary auth/ICV layout differently when ESN is enabled: the async ahash setup appends a 4-byte seqhi slot before the ICV or authdata area, but the async...

Exploits0References6Affected Software1

ATTACKERKB•added 2026/05/28 9:36 a.m.•5 views

CVE-2026-46192

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

Exploits0References4Affected Software1

EUVD•added 2026/05/28 9:36 a.m.•7 views

EUVD-2026-32819

CVE•added 2026/05/28 9:36 a.m.•14 views

Exploits0References3

CVE-2026-46192

CVE-2026-46192 concerns the Linux kernel spi: microchip-core-qspi driver, where transmitting garbage data during emulated read-only dual/quad operations could brick the QSPI transfer. The issue was resolved in the kernel, with reads handled by the core via clock cycles, removing the need to emit ...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/28 9:36 a.m.•27 views

CVE-2026-46192 spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations

0.00013EPSS

Exploits0References3

CVE•added 2026/05/28 9:36 a.m.•16 views

CVE-2026-46191

CVE-2026-46191 concerns the Linux kernel fbcon component: when console rotation fails during fbcon_rotate_font(), the font buffer may overflow due to an OOB access. The fix clears the font buffer if the reallocation during console rotation fails and ensures the rotated buffer does not overflow. D...

7.1CVSS6AI score0.00017EPSS

ATTACKERKB•added 2026/05/28 9:36 a.m.•5 views

CVE-2026-46191

In the Linux kernel, the following vulnerability has been resolved: fbcon: Avoid OOB font access if console rotation fails Clear the font buffer if the reallocation during console rotation fails in fbconrotatefont. The putcs implementations for the rotated buffer will return early in this case. S...

6AI score0.00017EPSS

Exploits0References6Affected Software1

Cvelist•added 2026/05/28 9:36 a.m.•32 views

CVE-2026-46190 mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show()

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed to spinorprintflags using sizeofsnorfnames. Since snorfnames is an arr...

7.1CVSS0.00013EPSS

Cvelist•added 2026/05/28 9:36 a.m.•24 views

CVE-2026-46191 fbcon: Avoid OOB font access if console rotation fails

0.00017EPSS

ATTACKERKB•added 2026/05/28 9:36 a.m.•8 views

CVE-2026-46190

Exploits0References6Affected Software1

EUVD•added 2026/05/28 9:36 a.m.•7 views

EUVD-2026-32817

CVE•added 2026/05/28 9:36 a.m.•13 views

CVE-2026-46190

Summary (CVE-2026-46190) : A Linux kernel vulnerability in the MTD SPI-NOR debugfs code caused an out-of-bounds read in spi_nor_params_show() due to passing an array of pointers to spi_nor_print_flags() with sizeof(snor_f_names). Since sizeof on a pointer array yields bytes, not element count, th...

7.1CVSS5.8AI score0.00013EPSS

Debian CVE•added 2026/05/28 9:36 a.m.•8 views

CVE-2026-46189

In the Linux kernel, the following vulnerability has been resolved: RDMA/vmwpvrdma: Fix double free on pvrdmaallocucontext error path Sashiko points out that pvrdmauarfree is already called within pvrdmadeallocucontext, so calling it before triggers a double free...

7.8CVSS5.7AI score0.00013EPSS

Exploits0

CVE•added 2026/05/28 9:36 a.m.•15 views

CVE-2026-46189

CVE-2026-46189 affects the Linux kernel RDMA pvrdma component (pvrdma_alloc_ucontext). The issue is a double free: pvrdma_uar_free() is invoked in pvrdma_dealloc_ucontext() and is erroneously called before, creating a double free condition. Concrete fixes exist in OSV entries for multiple distrib...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References8Affected Software1

Cvelist•added 2026/05/28 9:36 a.m.•27 views

CVE-2026-46189 RDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path

0.00013EPSS

Exploits0References8

ATTACKERKB•added 2026/05/28 9:36 a.m.•5 views

CVE-2026-46189

Exploits0References9Affected Software1

EUVD•added 2026/05/28 9:36 a.m.•6 views

EUVD-2026-32816

ATTACKERKB•added 2026/05/28 9:36 a.m.•8 views

CVE-2026-46188

In the Linux kernel, the following vulnerability has been resolved: octeonepvf: add NULL check for napibuildskb napibuildskb can return NULL on allocation failure. In octepvfoqprocessrx, the result is used directly without a NULL check in both the single-buffer and multi-fragment paths, leading t...