CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/27 12:56 p.m.•36 views

CVE-2026-46025 mm/damon/core: fix damon_call() vs kdamond_fn() exit race

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoncall vs kdamondfn exit race Patch series "mm/damon/core: fix damoncall/damoswalk vs kdmond exit race". damoncall and damoswalk can leak memory and/or deadlock when they race with kdamond terminations. Fix...

0.00022EPSS

Exploits0References3

ATTACKERKB•added 2026/05/27 12:56 p.m.•6 views

CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

7.5CVSS5.6AI score0.0007EPSS

Exploits0References6Affected Software1

CVE•added 2026/05/27 12:56 p.m.•11 views

CVE-2026-46023

The CVE describes a Linux kernel dm-mirror issue in create_dirty_log(): the arg count is computed as 2 + param_count before argc is validated, allowing an unsigned overflow when param_count approaches UINT_MAX. This can bypass the argc

EUVD-2026-32404

In the Linux kernel, the following vulnerability has been resolved: dm mirror: fix integer overflow in createdirtylog The argument count calculation in createdirtylog performs argsused = 2 + paramcount before validating against argc. When a user provides a paramcount close to UINTMAX via the devi...

CVE•added 2026/05/27 12:56 p.m.•13 views

CVE-2026-46022

The CVE-2026-46022 entry documents a Linux kernel vulnerability in misc: ibmasm, where ibmasm_handle_mouse_interrupt() performs an out-of-bounds MMIO read when hardware queue indices exceed REMOTE_QUEUE_SIZE (60). The root cause is that get_queue_reader()/get_queue_writer() return raw readl() val...

EUVD-2026-32403

In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...

Cvelist•added 2026/05/27 12:56 p.m.•36 views

CVE-2026-46021 thermal: core: Fix thermal zone governor cleanup issues

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone governor cleanup issues If thermalzonedeviceregisterwithtrips fails after adding a thermal governor to the thermal zone being registered, the governor is not removed from it as appropriate which ma...

0.00024EPSS

EUVD•added 2026/05/27 12:56 p.m.•9 views

EUVD-2026-32400

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-aes - Fix 3-page memory leak in atmelaesbuffcleanup atmelaesbuffinit allocates 4 pages using getfreepages with ATMELAESBUFFERORDER, but atmelaesbuffcleanup frees only the first page using freepage, leaking the...

EUVD•added 2026/05/27 12:56 p.m.•13 views

EUVD-2026-32401

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememused,freebp Patch series "mm/damon/core: validate damosquotagoal-nid". nodememcgused,freebp DAMOS quota goals receive the node id. The node id is used for simeminfonode and...

5.9AI score0.00022EPSS

Exploits0References3

CVE•added 2026/05/27 12:56 p.m.•12 views

CVE-2026-46018

In the Linux kernel ALSA USB audio path, the vulnerability arises from parse_uac2_sample_rate_range() capping the number of enumerated UAC2 sample rates at MAX_NR_RATES but only exiting the inner loop. A malformed UAC2 RANGE response with extra triplets can continue parsing, causing repeated "inv...

5.8AI score0.00037EPSS

Cvelist•added 2026/05/27 12:56 p.m.•39 views

CVE-2026-46018 ALSA: usb-audio: stop parsing UAC2 rates at MAX_NR_RATES

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...

0.00037EPSS

EUVD•added 2026/05/27 12:56 p.m.•7 views

EUVD-2026-32399

5.8AI score0.00037EPSS

EUVD•added 2026/05/27 12:56 p.m.•7 views

EUVD-2026-32398

In the Linux kernel, the following vulnerability has been resolved: mm: fix deferred split queue races during migration migratefoliomove records the deferred split queue state from src and replays it on dst. Replaying it after removemigrationptessrc, dst, 0 makes dst visible before it is requeued...

5.8AI score0.00024EPSS

Exploits0References2

EUVD-2026-32397

In the Linux kernel, the following vulnerability has been resolved: remoteproc: xlnx: Only access buffer information if IPI is buffered In the receive callback check if message is NULL to prevent possibility of crash by NULL pointer dereferencing...

5.9AI score0.00024EPSS

EUVD-2026-32396

In the Linux kernel, the following vulnerability has been resolved: tcp: call skdataready after listener migration When inetcsklistenstop migrates an established child socket from a closing listener to another socket in the same SOREUSEPORT group, the target listener gets a new accept-queue entry...

5.8AI score0.00013EPSS

Cvelist•added 2026/05/27 12:56 p.m.•36 views

CVE-2026-46016 remoteproc: xlnx: Only access buffer information if IPI is buffered

0.00024EPSS