CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2026-53237

A flaw was found in the Linux kernel's Marvell EBU mvebu General Purpose Input/Output GPIO driver. During system suspend and resume operations, the mvebupwmsuspend and mvebupwmresume functions are called for all GPIO banks. However, not all banks have Pulse Width Modulation PWM functionality,...

5.8AI score0.00175EPSS

RedhatCVE•added 2 days ago•9 views

CVE-2026-53213

A flaw was found in the Linux kernel's drm/vc4 component. This vulnerability occurs due to incorrect handling of the krealloc function's return value. If krealloc fails and returns a null value, the original pointer to allocated memory is overwritten without proper validation, leading to a memory...

5.8AI score0.0018EPSS

RedhatCVE•added 2 days ago•4 views

CVE-2026-53152

A flaw was found in the Linux kernel's dwmmc-rockchip driver. This vulnerability occurs because older controllers such as rk2928, rk3066, and rk3188 lack necessary private data. When the system attempts to access this missing data, it results in a NULL-pointer dereference. This can lead to system...

5.8AI score0.00168EPSS

NVD•added 2 days ago•8 views

CVE-2026-57873

An unauthenticated NULL pointer dereference vulnerability exists in IEEE8021xupload.cgi in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of multipart upload headers when processing certificate-related upload fields. A remote attacker may...

7.5CVSS0.00206EPSS

NVD•added 2 days ago•7 views

CVE-2026-57875

An unauthenticated NULL pointer dereference vulnerability exists in the HTTP request parsing logic of multiple CGI components in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by improper validation of required HTTP request metadata before it is used by the...

7.5CVSS0.01266EPSS

SUSE Linux•added 2 days ago•5 views

Security update for apache-commons-configuration2, apache-commons-text

This update for apache-commons-configuration2, apache-commons-text fixes the following issues CVE-2026-45205: uncontrolled recursion leads to StackOverflowError when processing specially crafted configuration files bsc1265299. Changes for apache-commons-configuration2: Upgrade to version 2.15.0:...

8.7CVSS6.2AI score0.02164EPSS

OSV•added 2 days ago•2 views

SUSE-SU-2026:2642-1 Security update for apache-commons-configuration2, apache-commons-text

This update for apache-commons-configuration2, apache-commons-text fixes the following issues - CVE-2026-45205: uncontrolled recursion leads to StackOverflowError when processing specially crafted configuration files bsc1265299. Changes for apache-commons-configuration2: - Upgrade to version...

5.3CVSS5.5AI score0.00487EPSS

Exploits0References3

5.5CVSS5.8AI score0.00166EPSS

CVE-2026-53142

A flaw was found in the Linux kernel's drm/xe/display driver. When the display is disabled via fuses, the driver can attempt to access uninitialized mode configuration during suspend or shutdown operations. This can lead to a NULL pointer dereference, resulting in a system crash and a denial of...

7.5CVSS5.7AI score0.0018EPSS

CVE-2026-53165

A flaw was found in the Linux kernel's iomap subsystem. A race condition can occur during buffered read error reporting, specifically in the iomapfinishfolioread function. This allows a separate process to clear a folio's mapping while an error is being reported, leading to a null pointer...

7.8CVSS5.7AI score0.00162EPSS

CVE-2026-53174

A flaw was found in the Linux kernel's overlay filesystem ovl component. Specifically, an issue in the ovliteratemerged function incorrectly stores an error pointer even after a successful cache operation. This can lead to the function returning a misleading non-zero error, potentially causing...

5.5CVSS5.8AI score0.00175EPSS

CVE-2026-53251

A flaw was found in the Linux kernel's Bluetooth subsystem. The hcigetroute function, used in the ISO Isochronous Stream connection handling, fails to release a reference-counted hcidev pointer. This resource leak could lead to a Denial of Service DoS condition...

RedhatCVE•added 2 days ago•5 views

CVE-2026-53166

A flaw was found in the Linux kernel's futex Fast Userspace Mutex requeue mechanism. When a non-top waiter attempts to requeue a Priority Inheritance PI futex it already owns, a NULL pointer dereference can occur. This issue, specifically within the removewaiter function during a self-deadlock...

5.5CVSS5.7AI score0.00173EPSS

CVE•added 2 days ago•8 views

CVE-2026-57875

GeoVision GV-LPC2011 and GV-LPC2211 components (GV-LPC2011/LPC2211 V1.12 and earlier) contain an unauthenticated NULL pointer dereference in the HTTP request parsing logic. The root cause is improper validation of required HTTP request metadata before use by the affected CGI components, allowing ...

Cvelist•added 2 days ago•36 views

CVE-2026-57875 GV-LPC2011/LPC2211 - unauthorized null pointer dereference vulnerability in packet parsing

7.5CVSS0.01266EPSS

EUVD•added 2 days ago•7 views

EUVD-2026-39631

Vulnrichment•added 2 days ago•4 views

CVE-2026-57875 GV-LPC2011/LPC2211 - unauthorized null pointer dereference vulnerability in packet parsing

ATTACKERKB•added 2 days ago•4 views

CVE-2026-57875

Exploits0References2Affected Software1

Cvelist•added 2 days ago•38 views

CVE-2026-57873 GV-LPC2011/LPC2211 - unauthorized null pointer dereference vulnerability (IEEE8021x_upload.cgi)

7.5CVSS0.00206EPSS

CVE•added 2 days ago•9 views

CVE-2026-57873

GeoVision GV-LPC2011 and GV-LPC2211 (V1.12 and earlier) are affected by CVE-2026-57873 due to an unauthenticated NULL pointer dereference in the IEEE8021x_upload.cgi handler. The root cause is improper validation of multipart upload headers when processing certificate-related upload fields, which...

7.5CVSS5.8AI score0.00206EPSS