CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 6 days ago•12 views

CVE-2026-48983

pamusb provides hardware authentication for Linux using ordinary removable media. In versions prior to 0.9.2, a symlink race condition exists in per-device and per-user pad directory creation. pamusb uses a check-then-act pattern: it calls lstat to test for existence and then calls mkdir separate...

5.8CVSS0.00084EPSS

Cvelist•added 6 days ago•14 views

CVE-2026-48983 pam_usb: TOCTOU race condition in pad directory creation allows symlink substitution

5.8CVSS0.00084EPSS

CVE•added 6 days ago•15 views

CVE-2026-48983

CVE-2026-48983 affects pam_usb prior to version 0.9.2, where a TOCTOU race in per-device and per-user pad directory creation can be exploited via a symlink substitution. pam_usb performs a check-then-act using lstat() followed by mkdir(), allowing a local attacker to replace the target path with ...

5.8CVSS5.3AI score0.00084EPSS

CVE•added 6 days ago•12 views

CVE-2026-48982

CVE-2026-48982 affects pam_usb prior to version 0.9.2, where updating a one-time pad file creates a temporary file with open() lacking O_EXCL, enabling a race between concurrent processes to update the same pad. This non-atomicity can cause the stored pad to diverge from expectations, potentially...

5.8CVSS5.3AI score0.00088EPSS

Cvelist•added 6 days ago•14 views

CVE-2026-48982 pam_usb: Missing O_EXCL on pad temp file creation allows concurrent update race

5.8CVSS0.00088EPSS

NVD•added 6 days ago•9 views

CVE-2026-48984

pamusb provides hardware authentication for Linux using ordinary removable media. In versions 0.9.1 and below, the xfree memory release helper in calls free without first zeroing the buffer contents, releasing heap-allocated buffers containing sensitive data — including one-time pad bytes read fr...

4.7CVSS0.00109EPSS

Cvelist•added 6 days ago•14 views

CVE-2026-48984 pam_usb: xfree() does not call explicit_bzero — sensitive cryptographic material may linger in freed heap

4.7CVSS0.00109EPSS

CVE•added 6 days ago•9 views

CVE-2026-48984

pam_usb for Linux (affected: v0.9.1 and earlier) has a memory handling flaw where xfree() frees buffers without zeroing contents, potentially leaving sensitive data (including one-time pad bytes) in freed heap memory. On systems with use-after-free or heap inspection capabilities, this could perm...

4.7CVSS5.6AI score0.00109EPSS

RedhatCVE•added 2026/06/05 7:21 p.m.•6 views

CVE-2026-47272

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, the pusbpadcompare function in src/pad.c only verified that the user-side pad /.pamusb/device.pad could be read, but did not enforce that the system-side pad the pad file on the USB device was also...

7.1CVSS5.5AI score0.00119EPSS

Tenable Nessus•added 2026/06/03 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-45874

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phy: freescale: imx8qm-hsio: fix NULL pointer dereference During the probe the refclkpad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not...

5.8AI score0.002EPSS

Microsoft CVE•added 2026/05/28 8:7 a.m.•6 views

RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv

...

9.1CVSS5.4AI score0.00514EPSS

Exploits0

SUSE CVE•added 2026/05/28 3:57 a.m.•6 views

SUSE CVE-2026-45874

In the Linux kernel, the following vulnerability has been resolved: phy: freescale: imx8qm-hsio: fix NULL pointer dereference During the probe the refclkpad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not defined in the devicetree node. But in imxhsioconfigureclkpad this point...

5.8AI score0.002EPSS

Exploits0References3

SUSE CVE•added 2026/05/28 3:53 a.m.•10 views

SUSE CVE-2026-46043

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv rxercv currently checks only that the incoming packet is at least headersizepkt bytes long before payloadsize is used. However, payloadsize subtracts both the...

7.5CVSS5.8AI score0.00514EPSS

Exploits0References19

RedhatCVE•added 2026/05/28 3:39 a.m.•14 views

CVE-2026-45874

A flaw was found in the Linux kernel, within the phy: freescale: imx8qm-hsio component. This vulnerability occurs when a specific pointer, refclkpad, is not properly initialized and is later used without validation. This can lead to a NULL pointer dereference, which may cause the system to crash...

5.8AI score0.002EPSS

Exploits0References4

ATTACKERKB•added 2026/05/27 8:18 p.m.•8 views

CVE-2026-44711

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7...

Exploits0References2Affected Software1

Vulnrichment•added 2026/05/27 8:18 p.m.•8 views

CVE-2026-44711 pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption

EUVD•added 2026/05/27 8:18 p.m.•6 views

EUVD-2026-32659

CVE•added 2026/05/27 8:18 p.m.•13 views

CVE-2026-44711

The CVE concerns the pam_usb project for Linux. Affected: pam_usb versions prior to 0.8.7. Root cause: symlink attacks on the pad directory and pad files. Impact: authentication bypass and potential root file corruption. The issue is fixed in version 0.8.7. There is no explicit exploitation statu...

Cvelist•added 2026/05/27 8:18 p.m.•38 views

CVE-2026-44711 pam_usb: Symlink attacks on pad directory and pad files enable authentication bypass and root file corruption

7.9CVSS0.00166EPSS