CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

103 matches found

CVE-2026-40290

A flaw was found in OP-TEE Trusted Execution Environment. A local attacker could exploit a user-after-free UAF race condition in the shared memory teardown logic when OP-TEE is configured as a Secure Partition Management Controller SPMC for Secure EL0 S-EL0 Secure Partitions. This vulnerability...

7.8CVSS6AI score0.00012EPSS

Exploits1References2

RedhatCVE•added 5 days ago•6 views

CVE-2026-45702

A flaw was found in OP-TEE OS, a Trusted Execution Environment TEE for Arm Cortex-A cores. A type confusion vulnerability exists when OP-TEE OS processes an FFAMEMSHARE request from the normal world. This flaw can be exploited by a local attacker with high privileges when OP-TEE is configured as ...

5.5CVSS5.8AI score0.00011EPSS

Exploits1References2

Vulnrichment•added 5 days ago•4 views

CVE-2026-45702 OP-TEE has FF-A type confusion in SPMC tmem path that causes S-EL1 kernel panic

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFAMEMSHARE...

4.4CVSS5.8AI score0.00011EPSS

Exploits1References1

Cvelist•added 5 days ago•27 views

CVE-2026-45702 OP-TEE has FF-A type confusion in SPMC tmem path that causes S-EL1 kernel panic

4.4CVSS0.00011EPSS

Exploits1References1

ATTACKERKB•added 5 days ago•4 views

CVE-2026-45702

4.4CVSS5.8AI score0.00011EPSS

Exploits1References2Affected Software1

CVE•added 5 days ago•9 views

CVE-2026-40290

OP-TEE (Trusted Execution Environment) on Arm Cortex-A with TrustZone suffers a Use-After-Free race in FF-A shared-memory teardown when OP-TEE is configured as an SPMC for S-EL0 SPs (CFG_SECURE_PARTITION=y). The bug lies in sp_mem_remove() not acquiring the global sp_mem_lock before freeing entri...

7.8CVSS5.8AI score0.00012EPSS

Exploits1References1Affected Software1

Vulnrichment•added 5 days ago•6 views

CVE-2026-40290 OP-TEE has a Use-After-Free race in FF-A shared-memory teardown

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS5.8AI score0.00012EPSS

Exploits1References1

ATTACKERKB•added 5 days ago•6 views

CVE-2026-40290

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS5.8AI score0.00012EPSS

Exploits1References2Affected Software1

Cvelist•added 5 days ago•29 views

CVE-2026-40290 OP-TEE has a Use-After-Free race in FF-A shared-memory teardown

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS0.00012EPSS

Exploits1References1

Positive Technologies•added 5 days ago•5 views

PT-2026-46046

Name of the Vulnerable Software and Affected Versions OP-TEE versions 4.3.0 through 4.10.x Description A type confusion occurs in OP-TEE OS when processing an 'FFA MEM SHARE' request from the normal world. This issue specifically affects configurations where OP-TEE is set as a Secure Partition...

5.5CVSS5.8AI score0.00011EPSS

Exploits1References4

Tenable Nessus•added 5 days ago•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-45702

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...

5.5CVSS5.6AI score0.00011EPSS

Exploits1References3

EUVD•added 2025/12/16 6:31 p.m.•2 views

EUVD-2025-203819

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...

6.3AI score0.00015EPSS

Exploits0References3

Cvelist•added 2025/12/16 12:0 a.m.•23 views

CVE-2025-62862

0.00015EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-19710

Malware in sbrugna...

7.8CVSS7.5AI score0.0005EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•1 views