CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

250 matches found

CVE-2026-56113

dhcpcd through 10.3.2, fixed in commit 5733d3c, contains a heap use-after-free vulnerability that allows unauthenticated same-link attackers to crash the daemon by sending a crafted DHCPv6 RENEW reply with RFC6603 OPTIONPDEXCLUDE and both preferred and valid lifetimes set to zero. Attackers actin...

6.5CVSS0.00175EPSS

Exploits0References2

NVD•added 5 days ago•5 views

CVE-2026-56115

Bootimus through 0.1.70 contains a broken access control vulnerability that allows authenticated low-privileged users to perform administrative actions by exploiting missing role enforcement in the JWTMiddleware function in internal/auth/auth.go, which validates JWT tokens and account status but...

8.8CVSS0.00303EPSS

Exploits1References2

Vulnrichment•added 5 days ago•4 views

CVE-2026-56115 Bootimus 0.1.70 Broken Access Control via JWTMiddleware Authorization Bypass

8.8CVSS5.9AI score0.00303EPSS

Exploits1References2

CVE•added 5 days ago•10 views

CVE-2026-56114

CVE-2026-56114 affects dhcpcd up to 10.3.2; the issue is a one-byte stack out-of-bounds write in dhcp6_makemessage() caused by serializing an oversized RFC6603 OPTION_PD_EXCLUDE body in a crafted DHCPv6 ADVERTISE with IA_PD IAPREFIX /0. The vulnerability can allow an unauthenticated same-link att...

6.5CVSS6.1AI score0.00175EPSS

Exploits0References2Affected Software1

Cvelist•added 5 days ago•33 views

CVE-2026-56114 dhcpcd Stack Out-of-Bounds Write in dhcp6_makemessage()

dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6makemessage in src/dhcp6.c that allows unauthenticated same-link attackers to write beyond a fixed local buffer by serializing an oversized RFC6603 OPTIONPDEXCLUDE option body...

6CVSS0.00175EPSS

Exploits0References2

EUVD•added 5 days ago•6 views

EUVD-2026-38492

6CVSS6.1AI score0.00175EPSS

Exploits0References2

CVE•added 5 days ago•9 views

CVE-2026-56113

Summary of CVE-2026-56113 : The dhcpcd project (up to version 10.3.2) contains a heap use-after-free vulnerability in the DHCPv6 path. Specifically, in dhcp6_deprecateaddrs(), when processing a crafted DHCPv6 RENEW reply (using RFC6603 OPTION_PD_EXCLUDE) with both the preferred and valid lifetime...

6.5CVSS5.9AI score0.00175EPSS

Exploits0References2Affected Software1

Cvelist•added 5 days ago•30 views

CVE-2026-56113 dhcpcd Heap Use-After-Free in dhcp6_deprecateaddrs via DHCPv6 RENEW

6CVSS0.00175EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: The parent reference count is dropped after pdfreefn is called. Some cgroup policies will access the parent PD through the child PD even after pdofflinefn is called. If pdfreefn for the parent is called before that fo...

5.7AI score0.00156EPSS

Exploits0References1

vulnersOsv•added 2026/05/29 7:32 p.m.•6 views

apache-airflow-providers-amazon (>=9.7.0 <=9.8.0rc1), arrow-pd-parser (>=1.0.0 <=1.0.4) +43 more potentially affected by CVE-2026-8838 via redshift-connector (>=2.0.888 <=2.1.13)

redshift-connector PYPI version =2.0.888, =9.7.0, =1.0.0, =0.1.1, =2.0.0, =0.1.7, =0.31.6, =0.1.17, =2.3.0.dev3, =1.0.0a2, =0.4.0, =0.0.1, =0.3.64, =6.1.2, =0.5.2, =1.5.0, =1.9.1 and more Source cves: CVE-2026-8838 Source advisory: OSV:GHSA-29H4-R29X-HCHV...

9.8CVSS5.4AI score0.00808EPSS

Exploits1

Microsoft CVE•added 2026/05/29 8:5 a.m.•6 views

RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdma_copy_pd_uresp()

...

5.5CVSS5.4AI score0.00128EPSS

Exploits0

CVE•added 2026/05/28 9:35 a.m.•21 views

CVE-2026-46127

CVE-2026-46127 affects the Linux kernel RDMA/ocrdma; the bug is a NULL dereference in ocrdma_copy_pd_uresp() when uctx is uninitialized, potentially causing a crash. Connected sources indicate patches exist in multiple OSV entries (Root:rootio-linux for Ubuntu 24.04 and Debian 11/12, OpenSUSE/ope...

5.5CVSS5.8AI score0.00128EPSS

Exploits0References8Affected Software1

SUSE CVE•added 2026/05/07 2:18 a.m.•9 views

SUSE CVE-2026-43108

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fix element length in servreglocpfrreqei It looks element length declared in servreglocpfrreqei for reason not matching servreglocpfrreq's reason field due which we could observe decoding error on PD crash...

5.8AI score0.00114EPSS

Exploits0References3

Tenable Nessus•added 2026/05/07 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43108

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc: qcom: pd-mapper: Fix element length in servreglocpfrreqei It looks element length declared in servreglocpfrreqei for reason not matching servreglocpfrreq's...

5.5CVSS5.8AI score0.00114EPSS

Exploits0References2

EUVD•added 2026/05/06 12:30 p.m.•15 views

EUVD-2026-27626

5.8AI score0.00114EPSS

Exploits0References5

NVD•added 2026/05/06 10:16 a.m.•14 views

CVE-2026-43108

5.5CVSS0.00114EPSS

Exploits0References4

ATTACKERKB•added 2026/05/06 7:40 a.m.•8 views

CVE-2026-43108

5.7AI score0.00114EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/05/06 7:40 a.m.•28 views

CVE-2026-43108 soc: qcom: pd-mapper: Fix element length in servreg_loc_pfr_req_ei

0.00114EPSS

Exploits0References4

Debian CVE•added 2026/05/06 7:40 a.m.•7 views

CVE-2026-43108

5.5CVSS5.7AI score0.00114EPSS

Exploits0

Positive Technologies•added 2026/05/06 12:0 a.m.•7 views

PT-2026-37418

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fix element length in servreg loc pfr req ei It looks element length declared in servreg loc pfr req ei for reason not matching servreg loc pfr req's reason field due which we could observe decoding error on...

5.8AI score0.00114EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by