CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

UBUNTU-CVE-2026-45960

In the Linux kernel, the following vulnerability has been resolved: hfsplus: return error when node already exists in hfsbnodecreate When hfsbnodecreate finds that a node is already hashed which should not happen in normal operation, it currently returns the existing node without incrementing its...

5.7AI score0.00032EPSS

UBUNTU-CVE-2026-46003

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the total number of nodes Currently, the nameserver doesn't limit the number of nodes it handles. This can be an attack vector if a malicious client starts registering random nodes, leading to memory...

5.7AI score0.00024EPSS

NVD•added 2026/05/27 2:17 p.m.•4 views

CVE-2026-45868

In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix refcount leak in pcsaddgpiofunc ofparsephandlewithargs returns a devicenode pointer with refcount incremented in gpiospec.np. The loop iterates through all phandles but never releases the reference, causing a...

0.00032EPSS

Exploits0References8

UBUNTU-CVE-2026-45868

5.8AI score0.00032EPSS

UBUNTU-CVE-2026-45990

In the Linux kernel, the following vulnerability has been resolved: slub: fix data loss and overflow in krealloc Commit 2cd8231796b5 "mm/slub: allow to set node and align in kvrealloc" introduced the ability to force a reallocation if the original object does not satisfy new alignment or NUMA nod...

5.9AI score0.00022EPSS

OSV•added 2026/05/27 2:17 p.m.•2 views

UBUNTU-CVE-2026-45925

In the Linux kernel, the following vulnerability has been resolved: thermal/of: Fix reference leak in thermalofcmlookup In thermalofcmlookup, trnp is obtained via ofparsephandle, but never released. Use the freedevicenode cleanup attribute to automatically release the node and fix the leak. rjw:...

5.7AI score0.00023EPSS

Vulnrichment•added 2026/05/27 2:13 p.m.•6 views

CVE-2026-48922

Jenkins Credentials Binding Plugin 720.v3f6decef43ea and earlier does not properly sanitize file names for file and zip file credentials, allowing attackers able to provide credentials to a job to write files to arbitrary locations on the node filesystem, which can lead to remote code execution i...

6.5AI score0.01768EPSS

EUVD•added 2026/05/27 2:13 p.m.•10 views

EUVD-2026-32513

7.5CVSS6.5AI score0.01768EPSS

Cvelist•added 2026/05/27 2:13 p.m.•35 views

CVE-2026-48922

0.01768EPSS

AlpineLinux•added 2026/05/27 2:13 p.m.•9 views

CVE-2026-48922

7.5CVSS6.5AI score0.01768EPSS

ATTACKERKB•added 2026/05/27 12:57 p.m.•5 views

CVE-2026-46067

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: validate damosquotagoal-nid for nodememcgused,freebp Users can set damosquotagoal-nid with arbitrary value for nodememcgused,freebp. But DAMON core is using those for NODE-DATA without a validation of the value. Th...

Exploits0References3Affected Software1

EUVD•added 2026/05/27 12:57 p.m.•3 views

EUVD-2026-32449

Cvelist•added 2026/05/27 12:57 p.m.•30 views

Exploits0References2

CVE-2026-46067 mm/damon/core: validate damos_quota_goal->nid for node_memcg_{used,free}_bp

0.00024EPSS

Exploits0References2

CVE•added 2026/05/27 12:57 p.m.•9 views

CVE-2026-46067

In the Linux kernel, CVE-2026-46067 concerns the DAMON subsystem. The mm/damon/core validates damos_quota_goal->nid for node_memcg_{used,free}_bp, but before the fix it allowed arbitrary values, enabling use of these IDs in NODE-DATA() without validation and risking out-of-bounds memory access...

Debian CVE•added 2026/05/27 12:57 p.m.•4 views

Exploits0References2

CVE-2026-46067