CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 2026/02/14 3:9 p.m.•1 views

CVE-2026-23120

In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tptunneldelwork We should read sk-sksocket only when dealing with kernel sockets. syzbot reported the following data-race: BUG: KCSAN: data-race in l2tptunneldelwork / skcommonrelease write to...

5.5CVSS5.2AI score0.00114EPSS

Exploits0

Cvelist•added 2026/02/14 3:9 p.m.•24 views

CVE-2026-23120 l2tp: avoid one data-race in l2tp_tunnel_del_work()

0.00114EPSS

Exploits0References7

OSV•added 2026/02/14 3:9 p.m.•3 views

CVE-2026-23120 l2tp: avoid one data-race in l2tp_tunnel_del_work()

5.5CVSS5.2AI score0.00114EPSS

Exploits0References10

Metasploit•added 2026/02/13 6:59 p.m.•435 views

FreeBSD rtsold/rtsol DNSSL Command Injection

This module exploits a command injection vulnerability CVE-2025-14558 in FreeBSD's rtsol8 and rtsold8 programs. These programs do not validate the domain search list options provided in IPv6 Router Advertisement messages; the option body is passed to resolvconf8 unmodified. resolvconf8 is a shell...

7.2CVSS5.5AI score0.06272EPSS

Exploits7

RedhatCVE•added 2026/02/04 7:27 p.m.•3 views

CVE-2026-0620

When configured as L2TP/IPSec VPN server, Archer AXE75 V1 may accept connections using L2TP without IPSec protection, even when IPSec is enabled. This allows VPN sessions without encryption, exposing data in transit and compromising confidentiality...

Cvelist•added 2026/02/04 4:7 p.m.•28 views

Exploits0References1

CVE-2026-23072 l2tp: Fix memleak in l2tp_udp_encap_recv().

In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...

0.00121EPSS

NVD•added 2026/02/03 7:16 p.m.•7 views

CVE-2026-0620

6CVSS0.00247EPSS

Cvelist•added 2026/02/03 6:5 p.m.•25 views

CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75

6CVSS0.00247EPSS

ATTACKERKB•added 2026/02/03 6:5 p.m.•2 views

CVE-2026-0620

EUVD•added 2026/02/03 6:5 p.m.•5 views

EUVD-2026-5210

Vulnrichment•added 2026/02/03 6:5 p.m.•3 views

CVE-2026-0620 L2TP over IPSec Encryption Failure on ArcherAXE75

CNNVD•added 2026/02/03 12:0 a.m.•4 views

TP-LINK Archer AXE75 安全漏洞

The TP-LINK Archer AXE75 is a wireless router produced by TP-LINK Corporation. The TP-Link Archer AXE75 V1 has a security vulnerability. This vulnerability arises when it is configured as a L2TP/IPSec VPN server. Even if IPSec is enabled, it may still accept L2TP connections that are not protecte...

6CVSS5.8AI score0.00247EPSS

Positive Technologies•added 2026/02/03 12:0 a.m.•3 views

PT-2026-6013

6CVSS5.4AI score0.00247EPSS

Tenable Nessus•added 2026/01/16 12:0 a.m.•2 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001479 advisory. u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility ...

6.5CVSS6.3AI score0.00343EPSS

OSV•added 2026/01/15 9:16 p.m.•1 views

CVE-2026-21911

An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon l2cpd of Juniper Networks Junos OS Evolved allows an unauthenticated network-adjacent attacker flapping the management interface to cause the learning of new MACs over label-switched interfaces LSI to stop while...

6.5CVSS5.8AI score

Exploits0References2

Vulnrichment•added 2026/01/15 8:23 p.m.•3 views

CVE-2026-21911 Junos OS Evolved: Flapping management interface causes MAC learning on label-switched interfaces to stop

7.1CVSS6.4AI score0.00225EPSS

Exploits0References2

EUVD•added 2026/01/15 8:23 p.m.•8 views

EUVD-2026-2699

7.1CVSS6.3AI score0.00225EPSS