Lucene search
+L

1179 matches found

Microsoft CVE
Microsoft CVE
added 2026/05/28 8:8 a.m.9 views

inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

...

5.5CVSS5.4AI score0.00123EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/28 4:37 a.m.14 views

CVE-2026-9798

A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication CIBA flow to bypass this...

4.3CVSS5.7AI score0.00206EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/28 3:53 a.m.11 views

Authentication Bypass by Primary Weakness

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness via the Client-Initiated Backchannel Authentication CIBA flow. An...

4.3CVSS5.9AI score0.00206EPSS
Exploits0References2
OSV
OSV
added 2026/05/27 2:17 p.m.8 views

UBUNTU-CVE-2026-46049

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/27 12:57 p.m.7 views

CVE-2026-46049

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...

5.7AI score0.00123EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/27 12:56 p.m.42 views

CVE-2026-46040

CVE-2026-46040: In the Linux kernel inotify path, when fsnotify_add_inode_mark_locked() fails during inotify_new_watch(), the error path did not call dec_inotify_watches(), leaking a watch count and potentially exhausting max_user_watches (-ENOSPC) even with no active watches. The fix introduces ...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:56 p.m.45 views

CVE-2026-46040 inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

0.00123EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.13 views

CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

5.5CVSS6AI score0.00123EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.23 views

PT-2026-43916

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ALSA ctxfi component where the spdif passthru playback get resources function uses atc-pll rate as the Reference Sample Rate RSR for the Master Sample Rate MSR...

5.5CVSS5.9AI score0.00123EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: EROFs: Avoid linking hooked chains to prevent loops in deduplicated compressed images. After subjecting EROFS to heavy stress using several images that included a handcrafted image with repeated patterns for over 46 days, I...

5.8AI score0.00174EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevents underflow of lockedvm via exec When a vfio container is preserved during execution, the task does not change. Instead, a new memory page is allocated with lockedvm=0, and the counter from existing DMA mapping...

5.5CVSS6.1AI score0.00145EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: The release path occurs before igetfailed in btrfsreadlocked inode. In btrfsreadlocked inode, if we fail to look up the inode, we jump to the ‘out’ label with a path that has a read-locked leaf. Then, we call igetfailed...

5.8AI score0.00194EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fs/dax: Fixed the issue of “not skipping locked entries when scanning entries”. The commit 6be3e21d25ca “fs/dax: not skipping locked entries when scanning entries” introduced a new function, waitentryunlockedexclusive, which wait...

5.5CVSS5.9AI score0.00105EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fixed the unconditional use of the securitylockeddown function. Currently, the lockdown state is queried unconditionally, even though its result is only used if the PERFSAMPLEREGSINTR bit is set in attr.sampletype. Whi...

3.3CVSS6.4AI score0.0023EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: The release path was called before initializing the extent tree in btrfsreadlocked inode. In btrfsreadlocked inode, we call btrfsinitfileextenttree while holding a lock on a read-locked leaf of the subvolume tree...

5.5CVSS6AI score0.001EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 1:10 a.m.10 views

CLSA-2026-1779153000 golang: Fix of CVE-2026-32283

CVE-2026-32283: fix TLS 1.3 deadlock in crypto/tls handleKeyUpdate when a peer sends multiple key update messages requesting a response in a single record by adding a locked flag to setReadTrafficSecret so it calls sendAlertLocked instead of re-locking the connection mutex...

7.5CVSS7.1AI score0.00621EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/18 9:44 a.m.8 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the API-level authorization process. An attacker can create issues or attach comments to a locked group by sending direct API requests as a member of multiple groups. Remediation Upgrade...

5.3CVSS5.8AI score0.00152EPSS
Exploits0References2
NVD
NVD
added 2026/05/18 8:16 a.m.13 views

CVE-2026-6341

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

4.3CVSS0.00152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/18 7:5 a.m.10 views

CVE-2026-6341

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

4.3CVSS5.8AI score0.00152EPSS
Exploits0References2
CVE
CVE
added 2026/05/18 7:5 a.m.30 views

CVE-2026-6341

Mattermost advisories describe a vulnerability in Mattermost Plugins affecting versions

4.3CVSS5.8AI score0.00152EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder