CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/27 12:59 p.m.•7 views

EUVD-2026-32485

In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skbhead leak in strpabortstrp When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp-skbhead. That skb is not...

5.8AI score0.00068EPSS

Cvelist•added 2026/05/27 12:59 p.m.•39 views

CVE-2026-46102 net: strparser: fix skb_head leak in strp_abort_strp()

7.5CVSS0.00068EPSS

ATTACKERKB•added 2026/05/27 12:59 p.m.•7 views

CVE-2026-46101

In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nftbitwise Reject zero shift operands for nftbitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...

Exploits0References9Affected Software1

EUVD•added 2026/05/27 12:59 p.m.•8 views

EUVD-2026-32484

ATTACKERKB•added 2026/05/27 12:59 p.m.•6 views

CVE-2026-46100

In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmapprepare change Partially reverts commit 9d5403b1036c "fs: convert most other genericfilemmap users to .mmapprepare". This is because the .mmap invocation establishes a refcount, but .mmapprepare is called at a...

5.8AI score0.00013EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/05/27 12:59 p.m.•37 views

CVE-2026-46099 net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to dstcachesetip6 invoking dsthold unconditionally. On PREEMPTRT, ksoftirqd is...

8.1CVSS0.00072EPSS

Exploits0References7

EUVD•added 2026/05/27 12:59 p.m.•7 views

EUVD-2026-32482

5.8AI score0.00072EPSS

CVE•added 2026/05/27 12:59 p.m.•17 views

CVE-2026-46099

The CVE-2026-46099 entry describes a use-after-free race in Linux kernel IPv6 handling for seg6 and rpl lightweight tunnels. A NOREF destination cached during ip6_route_input() can be freed by a concurrent FIB lookup on a shared nexthop under PREEMPT_RT, leading to a WARN or potential instability...

8.1CVSS5.8AI score0.00072EPSS

Exploits0References7

CVE•added 2026/05/27 12:59 p.m.•13 views

CVE-2026-46098

CVE-2026-46098 affects the Linux kernel’s CAIF net subsystem. The issue arises when caif_connect() tears down a client via caif_disconnect_client() and caif_free_client(), where caif_free_client() releases the service layer pointer (adap_layer->dn) but leaves the pointer stale. If the socket i...

Cvelist•added 2026/05/27 12:59 p.m.•36 views

CVE-2026-46098 net: caif: clear client service pointer on teardown

In the Linux kernel, the following vulnerability has been resolved: net: caif: clear client service pointer on teardown caifconnect can tear down an existing client after remote shutdown by calling caifdisconnectclient followed by caiffreeclient. caiffreeclient releases the service layer referenc...

0.00032EPSS

ATTACKERKB•added 2026/05/27 12:59 p.m.•4 views

CVE-2026-46098

5.7AI score0.00032EPSS

Exploits0References9Affected Software1

EUVD•added 2026/05/27 12:59 p.m.•8 views

EUVD-2026-32481

EUVD•added 2026/05/27 12:58 p.m.•11 views

EUVD-2026-32480

In the Linux kernel, the following vulnerability has been resolved: Input: edt-ft5x06 - fix use-after-free in debugfs teardown The commit 68743c500c6e "Input: edt-ft5x06 - use per-client debugfs directory" removed the manual debugfs teardown, relying on the I2C core to handle it. However, this...

5.8AI score0.00022EPSS

ATTACKERKB•added 2026/05/27 12:58 p.m.•5 views

CVE-2026-46097

5.7AI score0.00022EPSS

Exploits0References4Affected Software1

EUVD•added 2026/05/27 12:58 p.m.•6 views

EUVD-2026-32479

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic tpm2readpublic calls tpmbufinit but fails to call tpmbufdestroy on two exit paths, leaking a page allocation: 1. When namesize returns an error unrecognized hash algorith...

5.9AI score0.00022EPSS

CVE•added 2026/05/27 12:58 p.m.•12 views

CVE-2026-46096

The CVE affects the Linux kernel’s tpm2-sessions code, specifically tpm2_read_public(). It leaks a page allocation due to missing tpm_buf_destroy() on two exit paths: (1) when name_size() returns an error, the function returns without destroying the buffer; (2) on the success path, the buffer is ...

5.9AI score0.00022EPSS

EUVD•added 2026/05/27 12:58 p.m.•8 views

EUVD-2026-32478

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmapstatemachine in both llbitmapstartwrite and llbitmapstartdiscard. This ensures the barrier is in place before a...

5.8AI score0.00022EPSS

CVE•added 2026/05/27 12:58 p.m.•13 views

CVE-2026-46095

CVE-2026-46095 refers to a Linux kernel issue in the md/md-llbitmap area. The vulnerability was mitigated by moving the barrier raise operation to occur before any state transitions, ensuring the barrier is in place prior to calling llbitmap_state_machine() in both llbitmap_start_write() and llbi...

5.8AI score0.00022EPSS

Cvelist•added 2026/05/27 12:58 p.m.•33 views

CVE-2026-46095 md/md-llbitmap: raise barrier before state machine transition

0.00022EPSS