Lucene search

4292 matches found

Positive Technologies
added 2026/05/06 12:0 a.m., 7 views

PT-2026-37483

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A lack of mutual exclusion when manipulating the mfd of node list list in the kernel can lead to potential system crashes. This occurs because accessing or modifying the list without...

CVSS 5.5 | AI score 5.8 | EPSS 0.00128
Exploits: 0 | References: 17

Tenable Nessus
added 2026/05/06 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2026-43116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go awa...

CVSS 7.8 | AI score 5.6 | EPSS 0.00096
Exploits: 0 | References: 4

Positive Technologies
added 2026/05/06 12:0 a.m., 7 views

PT-2026-37449

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A race condition exists in the rpmsg core where the driver override show function reads the driver override string without holding the device lock. Simultaneously, the store function...

CVSS 4.7 | AI score 5.3 | EPSS 0.00091
Exploits: 0 | References: 18

Tenable Nessus
added 2026/05/06 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: Fix locking usage for tcon fields We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later...

CVSS 8.8 | AI score 5.8 | EPSS 0.00298
Exploits: 0 | References: 4

Positive Technologies
added 2026/05/06 12:0 a.m., 6 views

PT-2026-37467

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A circular locking dependency exists in the ntfs3 component, specifically within the run unpack ex function. This issue occurs due to an AB-BA deadlock scenario where ntfs extend mft...

CVSS 5.5 | AI score 5.5 | EPSS 0.00093
Exploits: 0 | References: 13

Tenable Nessus
added 2026/05/06 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV This reverts commit 05703271c3cd PCI/IOV: Add PCI rescan-remove locking when...

CVSS 5.5 | AI score 5.8 | EPSS 0.00095
Exploits: 0 | References: 2

Tenable Nessus
added 2026/05/06 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The...

CVSS 5.5 | AI score 5.8 | EPSS 0.00093
Exploits: 0 | References: 3

Github Security Blog
added 2026/05/05 8:30 p.m., 10 views

parse-server: MFA SMS one-time password accepted twice under concurrent login

Impact A race condition in the MFA SMS one-time password OTP login path allows two concurrent /login requests carrying the same OTP to both succeed and both receive valid session tokens, breaking the single-use property of the OTP. The vulnerability requires the attacker to already possess the...

CVSS 5.9 | AI score 5.7 | EPSS 0.00236
Exploits: 0 | References: 5 | Affected Software: 1

Positive Technologies
added 2026/05/05 12:0 a.m., 9 views

PT-2026-37307

Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 8.6.76; Parse Server versions prior to 9.9.0-alpha.2. Description: A race condition exists in the MFA SMS one-time password (OTP) login path. This allows two concurrent requests to the '/login' endpoint using the same...

CVSS 2.1 | AI score 5.9 | EPSS 0.00236
Exploits: 0 | References: 7

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed recursive locking of directmutex in ftracemodifydirectcaller Naveen reported recursive locking of directmutex with the sample ftrace-direct-modify.ko file: 74.762406 WARNING: Possible recursive locking detected...

AI score 5.5 | EPSS 0.00155
Exploits: 0 | References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: BPF: Fixed a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element during updates, before locking the target hash table bucket. Immediately afterwards, the maps attempt to lock the bucke...

AI score 5.2 | EPSS 0.00157
Exploits: 0 | References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: “aoe”: avoided potential deadlock at “setcapacity”. “setcapacity” has been moved outside of the section protected by &d-lock. This prevents possible unsafe locking scenarios due to interrupts. Here’s the sequence of events: 1...

CVSS 5.5 | AI score 5.3 | EPSS 0.00183
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Protection was added to the device queue against concurrent access. In the dasdprofilestart function, the number of requests on the device queue is counted. However, access to the device queue is not protected against...

CVSS 5.5 | AI score 5.1 | EPSS 0.0024
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ocfs2: dlmfs: Fixed error handling for userdlmdestroyLock. When userdlmdestroyLock fails, it does not clean up the flags it set before exiting. For the USERLOCKINTEARDOWN condition, if this function fails because the lock is...

CVSS 5.5 | AI score 6 | EPSS 0.00187
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: blk-cgroup: fixed a UAF vulnerability by acquiring the blkcg lock before destroying the blkg. KASAN reports a use-after-free issue during the fuzz test: 693354.104835...

CVSS 7.8 | AI score 6.6 | EPSS 0.00256
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 3 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: interconnect: Fixed locking issues related to runpm vs. reclaim. For cases where iccbwset can be called in callbaths that may lead to deadlocks with shrinker/reclaim, such as during runpm resume, we need to separate the icc...

AI score 5.4 | EPSS 0.00163
Exploits: 0 | References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: ISO: Fixed issues related to locking and validity checks for isoconn. sk-skstate indicates whether isopisk-conn is valid. Operations that check or update skstate and access conn should hold locksock; otherwise, they...

AI score 5.4 | EPSS 0.00166
Exploits: 0 | References: 1

AstraLinux
added 2026/05/03 11:59 p.m., 7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: powerpc/pci: Fixed the locking behavior of getphbnumber. The recent change to getphbnumber causes a DEBUGATOMICSLEEP warning on some systems: - Bug: A sleeping function is called from an invalid context at...

CVSS 5.5 | AI score 5.5 | EPSS 0.00119
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: btrfs: Lock the inode in shared mode before starting fiemap. Currently, fiemap does not lock the inode itself VFS lock; instead, it only locks a file range within the inode’s io tree. However, this can lead to a deadlock if there...

CVSS 5.5 | AI score 6 | EPSS 0.00212
Exploits: 0 | References: 2

AstraLinux
added 2026/05/03 11:59 p.m., 5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: - rxrpc: Fixed the locking mechanism in rxrpc’s sendmsg function. - Three bugs were fixed in the implementation of rxrpc’s sendmsg function: 1 The rxrpcnewclientcall function should release the socket lock when returning an...

CVSS 5.5 | AI score 6.4 | EPSS 0.0015
Exploits: 0 | References: 2