CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/28 10:16 a.m.•7 views

CVE-2026-46125

8.8CVSS0.00021EPSS

Debian CVE•added 2026/05/28 9:35 a.m.•4 views

CVE-2026-46125

8.8CVSS5.7AI score0.00021EPSS

Exploits0

CVE•added 2026/05/28 9:35 a.m.•8 views

CVE-2026-46125

CVE-2026-46125 describes a Linux kernel issue in the wifi mac80211 path where, if Multi-Link Operation (MLO) connection preparation fails, the associated station may not be removed correctly. The advisory states that the interface is reset to non-MLD and the station linked to the vif should be de...

8.8CVSS5.8AI score0.00021EPSS

Cvelist•added 2026/05/28 9:35 a.m.•24 views

CVE-2026-46125 wifi: mac80211: remove station if connection prep fails

8.8CVSS0.00021EPSS

CNNVD•added 2026/05/28 12:0 a.m.•5 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the connection preparation in the mac80211 module. This failure results in the site not...

8.8CVSS5.8AI score0.00021EPSS

NVD•added 2026/05/27 2:17 p.m.•9 views

CVE-2026-46100

In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmapprepare change Partially reverts commit 9d5403b1036c "fs: convert most other genericfilemmap users to .mmapprepare". This is because the .mmap invocation establishes a refcount, but .mmapprepare is called at a...

7.8CVSS0.00013EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•3 views

PT-2026-43754

In the Linux kernel, the following vulnerability has been resolved: af unix: Fix memleak of newsk in unix stream connect. When prepare peercred fails in unix stream connect, unix release sock is not called for newsk, and the memory is leaked. Let's move prepare peercred before unix create1...

5.8AI score0.00022EPSS

Exploits0References4

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: iouring: A filename leak was addressed in ioopenatprep. The ioopenatprep function allocates a struct filename using getname. However, if the file is installed in the fixed file table and the OCLOEXEC flag is set, the function...

5.8AI score0.00068EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clonesetctl only applies to the flushed set Syzbot, using fault injection, triggered a failing memory allocation with GFPKERNEL, resulting in a WARN message: iter.err WARNING: net/netfilter/nftablesapi.c:845 ...

5.5CVSS5.8AI score0.00017EPSS

CNNVD•added 2026/05/20 12:0 a.m.•3 views

WordPress plugin Infility Global SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.5CVSS5.9AI score0.00011EPSS

SUSE CVE•added 2026/05/09 2:39 a.m.•8 views

SUSE CVE-2026-43279

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At silencing the playback URB packets in the implicit fb mode before the actual playback, we blindly assume that the received packets fit with the buffer size. But whe...

7.8CVSS5.8AI score0.00013EPSS

Cvelist•added 2026/05/08 2:22 p.m.•23 views

CVE-2026-43455 mctp: route: hold key->lock in mctp_flow_prepare_output()

In the Linux kernel, the following vulnerability has been resolved: mctp: route: hold key-lock in mctpflowprepareoutput mctpflowprepareoutput checks key-dev and may call mctpdevsetkey, but it does not hold key-lock while doing so. mctpdevsetkey and mctpdevreleasekey are annotated with...

0.00013EPSS

Exploits0References6

EUVD•added 2026/05/06 12:30 p.m.•1 views

EUVD-2026-27548

The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

7.5CVSS5.9AI score0.00084EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: media: cx88: A null-ptr-deref bug was fixed in bufferprepare. When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in an empty buffer and a null-ptr-deref later in bufferqueue. The...

5.5CVSS5.9AI score0.00016EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в mariadb-10.3

MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fixfieldsifneeded under mysqlderivedprepare when derived is not yet prepared, leading to a findfieldintable crash...

4.9CVSS6.4AI score0.0002EPSS

Exploits0References2

RedhatCVE•added 2026/05/01 7:33 p.m.•1 views

CVE-2026-31696

A flaw was found in the Linux kernel's rxrpc component. An unprivileged user can exploit this by providing an excessively large ticket length during key preparsing. This improper validation leads to an oversized token calculation when the key is subsequently read, triggering a system warning and...

7.8CVSS5.8AI score0.00015EPSS

Exploits0References4

CNNVD•added 2026/04/16 12:0 a.m.•5 views

WordPress plugin Accessibility Suite by Ability, Inc 安全漏洞

6.5CVSS5.9AI score0.00012EPSS

CNNVD•added 2026/04/16 12:0 a.m.•5 views

WordPress plugin DirectoryPress – Business Directory And Classified Ad Listing 安全漏洞

7.5CVSS5.9AI score0.00035EPSS