CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/05/27 2:17 p.m.•3 views

UBUNTU-CVE-2026-46032

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Triple fault if restore host CR3 fails on nested VMEXIT If loading L1's CR3 fails on a nested VMEXIT, nestedsvmvmexit returns an error code that is ignored by most callers, and continues to run L1 with corrupted state....

OSV•added 2026/05/27 2:17 p.m.•3 views

UBUNTU-CVE-2026-46071

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Avoid clearing VMCBLBR in vmcb12 svmcopylbrs always marks VMCBLBR dirty in the destination VMCB. However, nestedsvmvmexit uses it to copy LBRs to vmcb12, and clearing clean bits in vmcb12 is not architecturally defined...

Cvelist•added 2026/05/27 12:58 p.m.•39 views

CVE-2026-46076 KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

7.9CVSS0.00013EPSS

Exploits0References4

ATTACKERKB•added 2026/05/27 12:58 p.m.•4 views

CVE-2026-46076

5.8AI score0.00013EPSS

Exploits0References5Affected Software1

CVE•added 2026/05/27 12:58 p.m.•10 views

CVE-2026-46076

The CVE-2026-46076 entry concerns the Linux kernel KVM nSVM, where an unhandled VMMCALL can produce an Undefined Opcode (#UD) when L2 is active, L1 does not intercept, nested_svm_l2_tlb_flush_enabled() is true, and the hypercall is not among the supported Hyper-V hypercalls. The vulnerability ari...

7.9CVSS5.8AI score0.00013EPSS

Exploits0References4

EUVD•added 2026/05/27 12:58 p.m.•7 views

EUVD-2026-32458

5.8AI score0.00013EPSS

Exploits0References4

Cvelist•added 2026/05/27 12:57 p.m.•34 views

CVE-2026-46071 KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12

0.00022EPSS

EUVD•added 2026/05/27 12:57 p.m.•6 views

EUVD-2026-32453

5.8AI score0.00022EPSS

Debian CVE•added 2026/05/27 12:57 p.m.•8 views

CVE-2026-46071

CVE•added 2026/05/27 12:57 p.m.•12 views

Exploits0

CVE-2026-46071

The CVE concerns the Linux kernel KVM nSVM path where svm_copy_lbrs() always marks VMCB_LBR dirty in the destination VMCB, while nested_svm_vmexit() copies LBRs to vmcb12 and clearing clean bits in vmcb12 is not architecturally defined. The fix moves vmcb_mark_dirty() to the call sites and drops ...

5.8AI score0.00022EPSS

EUVD•added 2026/05/27 12:57 p.m.•7 views

EUVD-2026-32441

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN For guests with NRIPS disabled, L1 does not provide NextRIP when running an L2 with an injected soft interrupt, instead it advances the current RIP before...

CVE•added 2026/05/27 12:57 p.m.•14 views

CVE-2026-46059

CVE-2026-46059 (Linux kernel, KVM nSVM) : The issue concerns how NextRIP is chosen for vmcb02 after an L2 VMRUN when NRIPS is disabled. Affected code uses the current RIP as NextRIP to emulate a CPU without NRIPS, but after the first L2 run NextRIP can be updated by the CPU/KVM, making the curren...

Debian CVE•added 2026/05/27 12:56 p.m.•6 views

CVE-2026-46032

CVE•added 2026/05/27 12:56 p.m.•12 views

Exploits0

CVE-2026-46032

CVE-2026-46032 concerns the Linux kernel KVM/nSVM path. When restoring host CR3 fails during a nested #VMEXIT, nested_svm_vmexit() returns an error code that can be ignored, allowing L1 to run with corrupted state. The documented mitigation is to inject a triple fault and avoid returning early fr...

EUVD•added 2026/05/27 12:56 p.m.•5 views

Exploits0References2

EUVD-2026-32413