CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD-2026-32451

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiexadaptercleanup The mwifiexadaptercleanup function uses timerdelete non-synchronous for the wakeuptimer before the adapter structure is freed. This is incorrect because timerdelete does...

5.7AI score0.00168EPSS

ATTACKERKB•added 2026/05/27 12:57 p.m.•7 views

CVE-2026-46069

5.7AI score0.00168EPSS

Exploits0References6Affected Software1

CVE•added 2026/05/27 12:57 p.m.•13 views

CVE-2026-46068

The CVE-2026-46068 entry documents a Linux kernel crypto issue in the nx subsystem (nx842_crypto_alloc_ctx/nx842_crypto_free_ctx). Root cause: bounce buffers allocated with __get_free_pages() using BOUNCE_BUFFER_ORDER (order 2, 4 pages) were freed with free_page() instead of matching free_pages()...

5.9AI score0.00168EPSS

EUVD-2026-32450

In the Linux kernel, the following vulnerability has been resolved: crypto: nx - fix bounce buffer leaks in nx842cryptoalloc,freectx The bounce buffers are allocated with getfreepages using BOUNCEBUFFERORDER order 2 = 4 pages, but both the allocation error path and nx842cryptofreectx release the...

5.9AI score0.00168EPSS

ATTACKERKB•added 2026/05/27 12:57 p.m.•5 views

CVE-2026-46068

5.9AI score0.00168EPSS

Exploits0References6Affected Software1

Cvelist•added 2026/05/27 12:57 p.m.•35 views

CVE-2026-46067 mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...

0.00155EPSS

Exploits0References2

ATTACKERKB•added 2026/05/27 12:57 p.m.•7 views

EUVD-2026-32449

5.9AI score0.00155EPSS

Exploits0References2

CVE-2026-46067

5.9AI score0.00155EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/27 12:57 p.m.•37 views

CVE-2026-46066 ceph: fix num_ops off-by-one when crypto allocation fails

In the Linux kernel, the following vulnerability has been resolved: ceph: fix numops off-by-one when crypto allocation fails movedirtyfolioinpagearray may fail if the file is encrypted, the dirty folio is not the first in the batch, and it fails to allocate a bounce buffer to hold the ciphertext...

0.00166EPSS

ATTACKERKB•added 2026/05/27 12:57 p.m.•5 views

CVE-2026-46066

5.8AI score0.00166EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/05/27 12:57 p.m.•39 views

CVE-2026-46065 fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info

In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fbinfo Hold state of deferred I/O in struct fbdeferrediostate. Allocate an instance as part of initializing deferred I/O and remove it only after the final mapping...

7.8CVSS0.00128EPSS

CVE•added 2026/05/27 12:57 p.m.•11 views

CVE-2026-46065

CVE-2026-46065 affects the Linux kernel framebuffer (fbdev) defio mechanism. The issue arises from disconnecting deferred I/O from the lifetime of struct fb_info, by holding state in struct fb_deferred_io_state and freeing the instance only after the final mapping closes. If fb_info/defio are fre...

7.8CVSS5.8AI score0.00128EPSS

ATTACKERKB•added 2026/05/27 12:57 p.m.•6 views

CVE-2026-46065

5.8AI score0.00128EPSS

Exploits0References6Affected Software1

ATTACKERKB•added 2026/05/27 12:57 p.m.•6 views

CVE-2026-46064

In the Linux kernel, the following vulnerability has been resolved: ibmasm: fix heap over-read in ibmasmsendi2omessage The ibmasmsendi2omessage function uses getdotcommandsize to compute the byte count for memcpytoio, but this value is derived from user-controlled fields in the dotcommandheader...

5.8AI score0.00176EPSS

Exploits0References9Affected Software1

SUSE CVE•added 2026/05/27 12:57 p.m.•7 views

SUSE CVE-2026-45838

In the Linux kernel, the following vulnerability has been resolved: bpf: fix end-of-list detection in cgroupstoragegetnextkey listnextentry never returns NULL -- when the current element is the last entry it wraps to the list head via containerof. The subsequent NULL check is therefore dead code...

5.5CVSS5.8AI score0.00164EPSS

SUSE CVE•added 2026/05/27 12:57 p.m.•7 views

SUSE CVE-2026-45839

In the Linux kernel, the following vulnerability has been resolved: bpf: reject negative CO-RE accessor indices in bpfcoreparsespec CO-RE accessor strings are colon-separated indices that describe a path from a root BTF type to a target field, e.g. "0:1:2" walks through nested struct members...

5.5CVSS5.8AI score0.00161EPSS

CVE•added 2026/05/27 12:57 p.m.•18 views

CVE-2026-46063

The CVE-2026-46063 issue affects the Linux kernel with x86 shadow stack (shstk) handling of sigreturn. Root cause: during a shadow-stack sigframe read, the kernel previously held the mmap lock while verifying VMA flags to distinguish shadow stack memory. A page fault during this read could trigge...

5.5CVSS5.8AI score0.00094EPSS

Exploits0References5Affected Software1

EUVD-2026-32444

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix integer overflow in rununpack volume boundary check The volume boundary check lcn + len sbi-used.bitmap.nbits uses raw addition which can wrap around for large lcn and len values, bypassing the validation. Use...

5.8AI score0.00144EPSS

ATTACKERKB•added 2026/05/27 12:57 p.m.•5 views

CVE-2026-46062

7.8CVSS5.8AI score0.00144EPSS

Exploits0References8Affected Software1

SUSE CVE•added 2026/05/27 12:57 p.m.•7 views

SUSE CVE-2026-45841

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkosf: fix divide-by-zero in OSFWSSMODULO nfosfmatchone computes ctx-window % f-wss.val in the OSFWSSMODULO branch with no guard for f-wss.val == 0. A CAPNETADMIN user can add such a fingerprint via nfnetlink; a...

5.9CVSS5.8AI score0.00164EPSS