CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9991 matches found

CVE•added 2026/04/24 2:35 p.m.•5 views

CVE-2026-31573

The vulnerability CVE-2026-31573 affects the Linux kernel media: verisilicon hantro_vpu driver. When built as a module, incorrect use of the __initconst annotation frees data prematurely, and non-init probe code later accesses this freed data, causing a kernel panic (page fault) during hantro_pro...

5.5CVSS5.3AI score0.00017EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/04/24 2:35 p.m.•2 views

CVE-2026-31573

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Fix kernel panic due to initconst misuse Fix a kernel panic when probing the driver as a module: Unable to handle kernel paging request at virtual address ffffd9c18eb05000 offindmatchingnodeandmatch+0x5c/0x1a0...

5.5CVSS5.3AI score0.00017EPSS

Exploits0

ATTACKERKB•added 2026/04/24 2:33 p.m.•0 views

CVE-2026-31542

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Handle deconfigured sockets When a socket is deconfigured, it's mapped to SOCKEMPTY 0xffff. This causes a panic while allocating UV hub info structures. Fix this by using NUMANONODE, allowing UV hub info structur...

5.4AI score0.00015EPSS

Exploits0References6Affected Software1

EUVD•added 2026/04/24 2:33 p.m.•1 views

EUVD-2026-25435

5.3AI score0.00015EPSS

Exploits0References5

Debian CVE•added 2026/04/24 2:33 p.m.•2 views

CVE-2026-31542

5.5CVSS5.2AI score0.00015EPSS

Exploits0

Cvelist•added 2026/04/24 3:27 a.m.•26 views

CVE-2026-41485 Kyverno Controller Denial of Service via forEach Mutation Panic

Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in the forEach mutation handler allows any user with permission to create a Policy or ClusterPolicy to crash the cluster-wide background controller int...

7.7CVSS0.00051EPSS

Exploits1References3

NVD•added 2026/04/24 3:16 a.m.•3 views

CVE-2026-32952

go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport. Version 0.1.1 patches the issue...

7.5CVSS0.0007EPSS

Exploits0References2

EUVD•added 2026/04/24 1:46 a.m.•1 views

EUVD-2026-25374

5.3CVSS5.3AI score0.0007EPSS

Exploits0References2

AlpineLinux•added 2026/04/24 1:46 a.m.•2 views

CVE-2026-32952

7.5CVSS5.8AI score0.0007EPSS

Exploits0

CVE•added 2026/04/24 1:46 a.m.•14 views

CVE-2026-32952

CVE-2026-32952 affects the Go package go-ntlmssp. Before version 0.1.1, a malformed NTLM challenge message can trigger a slice-out-of-bounds panic in ntlmssp.Negotiator when used as an HTTP transport, potentially crashing the Go process. The issue is fixed in version 0.1.1. Affected components ar...

7.5CVSS5.7AI score0.0007EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/04/24 1:46 a.m.•3 views

CVE-2026-32952

7.5CVSS5.3AI score0.0007EPSS

Exploits0

Cvelist•added 2026/04/24 1:46 a.m.•22 views

CVE-2026-32952 go-ntlmssp NTLM challenges can panic on malformed payloads

5.3CVSS0.0007EPSS

Exploits0References2

Positive Technologies•added 2026/04/24 12:0 a.m.•4 views

PT-2026-34952

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the arm64 architecture, the kernel fails to correctly handle invalid large leaf mappings. This occurs when page table entries ptes in the linear map are marked as invalid by clearing...

9.8CVSS5.9AI score0.00102EPSS

Exploits0References69

EUVD•added 2026/04/23 9:39 p.m.•5 views

EUVD-2026-25267

Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows Controller...

7.7CVSS5.8AI score0.00054EPSS

Exploits1References2

Github Security Blog•added 2026/04/23 9:39 p.m.•6 views

Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows Controller

Summary An unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed workflows.argoproj.io/pod-gc-strategy annotation. Because the panic occurs inside an informer goroutine outside the controller's recover scope, it...

7.7CVSS5.8AI score0.00054EPSS

Exploits1References3Affected Software2

OSV•added 2026/04/23 9:39 p.m.•4 views

GHSA-5JV8-H7QH-RF5P Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows Controller

7.7CVSS5.8AI score0.00054EPSS

Exploits1References3

OSV•added 2026/04/23 9:21 p.m.•3 views

GHSA-PJCQ-XVWQ-HHPJ go-ntlmssp NTLM challenges can panic on malformed payloads

5.3CVSS5.8AI score0.0007EPSS

Exploits0References4

Github Security Blog•added 2026/04/23 9:21 p.m.•7 views

go-ntlmssp NTLM challenges can panic on malformed payloads

7.5CVSS5.2AI score0.0007EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/04/23 6:12 p.m.•34 views

CVE-2026-40886 Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows controller

Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index in the pod informer's podGCFromPod function causes a controller-wide panic when a workflow pod carries a malformed...

7.7CVSS0.00054EPSS

Exploits1References1

Vulnrichment•added 2026/04/23 6:12 p.m.•3 views

CVE-2026-40886 Argo Workflows: Unchecked annotation parsing in pod informer crashes Argo Workflows controller

7.7CVSS5.2AI score0.00054EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by