CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/27 12:18 p.m.•27 views

CVE-2026-45965 apparmor: fix invalid deref of rawdata when export_binary is unset

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix invalid deref of rawdata when exportbinary is unset If the exportbinary parameter is disabled on runtime, profiles that were loaded before that will still have their rawdata stored in apparmorfs, with a symbolic lin...

Cvelist•added 2026/05/27 12:17 p.m.•28 views

CVE-2026-45943 erofs: fix inline data read failure for ztailpacking pclusters

In the Linux kernel, the following vulnerability has been resolved: erofs: fix inline data read failure for ztailpacking pclusters Compressed folios for ztailpacking pclusters must be valid before adding these pclusters to I/O chains. Otherwise, zerofsdecompresspcluster may assume they are alread...

0.00023EPSS

Cvelist•added 2026/05/27 12:17 p.m.•27 views

CVE-2026-45911 usb: cdns3: fix role switching during resume

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix role switching during resume If the role change while we are suspended, the cdns3 driver switches to the new mode during resume. However, switching to host mode in this context causes a NULL pointer dereference. T...

CVE•added 2026/05/27 12:17 p.m.•8 views

Exploits0References7

CVE-2026-45911

The CVE-2026-45911 issue affects the Linux kernel’s usb: cdns3 driver. When a role switch occurs during suspend/resume, the host mode path can dereference an unprobed xhci-hcd device during resume, leading to a NULL pointer dereference. The described fix skips the resume operation for the new rol...

5.8AI score0.00032EPSS

Exploits0References7

Cvelist•added 2026/05/27 12:16 p.m.•32 views

CVE-2026-45877 HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clients

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: fix NULL-ptr-deref in ishtpbusremoveallclients During a warm reset flow, the cl-device pointer may be NULL if the reset occurs while clients are still being enumerated. Accessing cl-device-referencecount witho...

0.00023EPSS

Debian CVE•added 2026/05/27 12:16 p.m.•3 views

CVE-2026-45877

5.7AI score0.00023EPSS

Cvelist•added 2026/05/27 12:15 p.m.•31 views

CVE-2026-45874 phy: freescale: imx8qm-hsio: fix NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: phy: freescale: imx8qm-hsio: fix NULL pointer dereference During the probe the refclkpad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not defined in the devicetree node. But in imxhsioconfigureclkpad this point...

0.00023EPSS

Debian CVE•added 2026/05/27 12:15 p.m.•4 views

CVE-2026-45874

5.7AI score0.00023EPSS

CVE•added 2026/05/27 12:15 p.m.•10 views

CVE-2026-45874

The CVE-2026-45874 entry concerns the Linux kernel component for Freescale IMX8QM HSIO. The vulnerability arises when probing the driver: the refclk_pad pointer may be NULL if the device tree property fsl,refclk-pad-mode is not defined, yet imx_hsio_configure_clk_pad() uses this pointer unconditi...

5.8AI score0.00023EPSS

Cvelist•added 2026/05/27 12:15 p.m.•34 views

CVE-2026-45869 power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed()

In the Linux kernel, the following vulnerability has been resolved: power: supply: wm97xx: Fix NULL pointer dereference in powersupplychanged In probe, requestirq is called before allocating/registering a powersupply handle. If an interrupt is fired between the call to requestirq and...

Debian CVE•added 2026/05/27 12:15 p.m.•5 views

CVE-2026-45869

5.7AI score0.00032EPSS

CVE•added 2026/05/27 12:15 p.m.•9 views

CVE-2026-45869

CVE-2026-45869 relates to the Linux kernel driver wm97xx power supply. The race condition occurs in probe(): IRQ is requested before the power_supply handle is registered, allowing an interrupt to fire and trigger power_supply_changed() while the handle is uninitialized, causing a NULL pointer de...

5.8AI score0.00032EPSS

Cvelist•added 2026/05/27 12:15 p.m.•29 views

CVE-2026-45857 scsi: csiostor: Fix dereference of null pointer rn

In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIOINCSTATS. Fix this by adding a new error return path label after the use ...

CVE•added 2026/05/27 12:15 p.m.•9 views

CVE-2026-45857

Affected software: Linux kernel (scsi: csiostor). Issue: dereferencing a null pointer rn in the error path when rn is NULL due to macro CSIO_INC_STATS. Root cause: missing safe control flow after macro usage. Impact: potential null-pointer dereference in the SCSI path; no exploitation details pro...

5.8AI score0.00032EPSS

Debian CVE•added 2026/05/27 12:15 p.m.•3 views

CVE-2026-45857

5.7AI score0.00032EPSS

Cvelist•added 2026/05/27 12:15 p.m.•27 views

CVE-2026-45848 apparmor: fix NULL sock in aa_sock_file_perm

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix NULL sock in aasockfileperm Deal with the potential that sock and sock-sk can be NULL during socket setup or teardown. This could lead to an oops. The fix for NULL pointer dereference in unixneedsrevalidation shows...

Debian CVE•added 2026/05/27 12:15 p.m.•5 views

CVE-2025-71308

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...

5.7AI score0.00024EPSS