Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

AstraLinux
AstraLinuxadded 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Do not expire a session when a binding attempt fails. When a multichannel session binding request fails e.g., due to an incorrect password, the error path unconditionally sets sess-state to SMB2SESSIONEXPIRED. However,...

8.2CVSS5.8AI score0.00499EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/22 1:54 p.m.3 views

CVE-2026-31476

In the Linux kernel, the following vulnerability has been resolved: ksmbd: do not expire session on binding failure When a multichannel session binding request fails e.g. wrong password, the error path unconditionally sets sess-state = SMB2SESSIONEXPIRED. However, during binding, sess points to t...

5.5AI score0.00499EPSS
Exploits0References7Affected Software1
RedhatCVE
RedhatCVEadded 2026/04/06 11:57 a.m.2 views

CVE-2026-31409

A flaw was found in ksmbd, a component of the Linux kernel. This vulnerability occurs when a multichannel Server Message Block SMB2 session setup request, specifically one with a binding flag, fails. Due to an error in handling this failure, ksmbd incorrectly retains a binding state for the...

8.8CVSS5.9AI score0.00454EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/04/06 7:38 a.m.26 views

CVE-2026-31409 ksmbd: unset conn->binding on failed binding request

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

8.8CVSS0.00454EPSS
Exploits0References7
ATTACKERKB
ATTACKERKBadded 2026/04/06 7:38 a.m.1 views

CVE-2026-31409

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

5.7AI score0.00454EPSS
Exploits0References7Affected Software1
CVE
CVEadded 2026/04/06 7:38 a.m.16 views

CVE-2026-31409

CVE-2026-31409 affects the Linux kernel ksmbd component. A multichannel SMB2_SESSION_SETUP with SMB2_SESSION_REQ_FLAG_BINDING could fail, but ksmbd did not clear conn->binding on the error path, leaving the connection in a binding state. This caused ksmbd_session_lookup_all() to fall back to t...

8.8CVSS5.7AI score0.00454EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologiesadded 2025/03/22 12:0 a.m.5 views

PT-2025-16681

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue can occur in the Linux kernel's ksmbd component, specifically in the ksmbd sessions deregister function. This issue arises in multichannel mode when the second...

8.8CVSS7.7AI score0.00564EPSS
Exploits0
OSV
OSVadded 2019/04/25 8:34 a.m.12 views

SUSE-SU-2019:14030-1 Security update for openssh

This update for openssh fixes the following issues: Security vulnerabilities addressed: - CVE-2019-6109: Fixed an character encoding issue in the progress display of the scp client that could be used to manipulate client output, allowing for spoofing during file transfers bsc1121816. -...

6.8CVSS6.7AI score0.58204EPSS
Exploits9References9
Rows per page
Query Builder