CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/29 7:30 p.m.•25 views

CVE-2026-45151

NanoMQ (0.24.8 and earlier) contains a NULL substream pointer dereference in quic_stream_recv when a substream is reopening. The vulnerable code finishes AIO with an error but does not return before locking c->mtx, indicating a potential NULL dereference and an unlocked/locked state issue in t...

6.3CVSS5.9AI score0.00227EPSS

EUVD•added 2026/05/29 7:30 p.m.•10 views

EUVD-2026-33429

6.3CVSS5.9AI score0.00227EPSS

NVD•added 2026/05/28 10:16 a.m.•10 views

CVE-2026-46202

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness - mutexlock from two different atomic contexts: appletbinactivitytimer is...

5.5CVSS0.00128EPSS

NVD•added 2026/05/28 10:16 a.m.•9 views

CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

0.00168EPSS

Exploits0References5

EUVD•added 2026/05/28 9:40 a.m.•11 views

EUVD-2026-32829

6AI score0.00128EPSS

Cvelist•added 2026/05/28 9:40 a.m.•29 views

CVE-2026-46202 HID: appletb-kbd: run inactivity autodim from workqueues

0.00128EPSS

EUVD•added 2026/05/28 9:36 a.m.•12 views

EUVD-2026-32784

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger Currently the runtime.oss.trigger field may be accessed concurrently without protection, which may lead to the data race. And, in this case, it may lead to more sever...

5.7AI score0.00107EPSS

SUSE CVE•added 2026/05/28 3:54 a.m.•9 views

SUSE CVE-2026-46008

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: fix damoswalk vs kdamondfn exit race When kdamondfn main loop is finished, the function cancels remaining damoswalk request and unset the damonctx-kdamond so that API callers and API functions themselves can show t...

5.5CVSS5.7AI score0.00077EPSS

SUSE CVE•added 2026/05/28 3:53 a.m.•9 views

SUSE CVE-2026-46036

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex vfiocdxsetmsitrigger reads vdev-configmsi and operates on the vdev-cdxirqs array based on its value, but provides no serialization against concurrent VFIODEVICESETIRQS...

5.5CVSS5.8AI score0.00125EPSS

Positive Technologies•added 2026/05/28 12:0 a.m.•19 views

PT-2026-44280

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A data race exists in the ALSA PCM OSS component when accessing the runtime.oss.trigger field. Because this field is a bit field, concurrent access without protection can cause writes to...

7.8CVSS5.9AI score0.00107EPSS

Exploits0

NVD•added 2026/05/27 2:17 p.m.•9 views

CVE-2026-46036

7.8CVSS0.00125EPSS

NVD•added 2026/05/27 2:17 p.m.•12 views

CVE-2026-45949

In the Linux kernel, the following vulnerability has been resolved: hwrng: core - use RCU and workstruct to fix race condition Currently, hwrngfill is not cleared until the hwrngfillfn thread exits. Since hwrngunregister reads hwrngfill outside the rngmutex lock, a concurrent hwrngunregister may...

4.7CVSS0.00088EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•11 views

PT-2026-43816

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the hardware random number generator hwrng core. The hwrng fill pointer is not cleared until the hwrng fillfn thread exits. Because hwrng unregister reads hwrn...

4.7CVSS5.5AI score0.00088EPSS

Exploits0References14

Positive Technologies•added 2026/05/27 12:0 a.m.•14 views

PT-2026-43903

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A use-after-free issue exists in the vfio/cdx component. The function vfio cdx set msi trigger reads vdev-config msi and operates on the vdev-cdx irqs array without proper serialization...

9.8CVSS5.9AI score0.01582EPSS

Exploits14References280

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fixed atomic context locking issue The ncmsetalt function was holding a mutex to prevent race conditions with configfs. This function invokes the mightsleep function within an atomic context. The struct pointer...

5.5CVSS5.7AI score0.00091EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec – Do not sleep when in softirq When the kunpeng920 encryption driver is used to deencrypt and decrypt packets during softirq, it is not allowed to use a mutex lock. The kernel will report the following error...

5.5CVSS5.9AI score0.00128EPSS

EUVD•added 2026/05/08 3:31 p.m.•8 views

EUVD-2026-28729

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix atomic context locking issue The ncmsetalt function was holding a mutex to protect against races with configfs, which invokes the might-sleep function inside an atomic context. Remove the struct netdevice...

5.8AI score0.00091EPSS