516 matches found
SmartSearchWP <= 2.4.4 - Unauthenticated Log Purge
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not validate access on some REST routes, allowing for an unauthenticated user to purge error and chat logs. id: CVE-2024-6846 info: name: SmartSearchWP <= 2.4.4 - Unauthenticated Log Purge author: s4e-io severity: medium description: | Th...
CVE-2026-52924
In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctp_stream_update() is only invoked when the association is moved into COOKIE_WAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...
UBUNTU-CVE-2026-52924
In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctp_stream_update() is only invoked when the association is moved into COOKIE_WAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...
CVE-2026-52924
In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctp_stream_update() is only invoked when the association is moved into COOKIE_WAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...
CVE-2026-52924 sctp: purge outqueue on stale COOKIE-ECHO handling
In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctp_stream_update() is only invoked when the association is moved into COOKIE_WAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...
EUVD-2026-38727
In the Linux kernel, the following vulnerability has been resolved: sctp: purge outqueue on stale COOKIE-ECHO handling sctp_stream_update() is only invoked when the association is moved into COOKIE_WAIT during association setup/reconfiguration. In this path, the outbound stream scheduler state...
CVE-2026-52924
The CVE-2026-52924 entry describes a Linux kernel SCTP use-after-free vulnerability triggered during Stale COOKIE-ECHO handling. In COOKIE_WAIT transitions, sctp_stream_update() can leave a stale out_curr pointer after rolling back from COOKIE_ECHOED to COOKIE_WAIT, so scheduler paths (FCFS/RR/PR...
Linux Distros Unpatched Vulnerability : CVE-2026-52924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: purge outqueue on stale COOKIE-ECHO handling sctp_stream_update() is only invoked when the association is moved into COOKIE_WAIT during association...
CVE-2026-56450
AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...
CVE-2026-56450
CVE-2026-56450 relates to the AIL Framework where the OTP (2FA) verification lacked rate-limiting, allowing unlimited OTP attempts after reaching the 2FA step. Root cause: no per-user throttling on failed OTPs. Impact: potential brute-force of OTPs enabling unauthorized access. The patch adds per...
CVE-2026-56450
AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...
EUVD-2026-38239
AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...
CVE-2026-56450 AIL Framework - Missing Rate Limiting Enables Brute-Force Attacks Against Two-Factor Authentication Codes
AIL did not restrict repeated failed attempts to verify a two-factor authentication OTP code. An attacker who had reached the 2FA verification step, such as after successfully completing the password-authentication stage, could submit an unlimited number of OTP guesses. This could enable...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net, neigh: Fixed the null-ptr-deref in neigh_table_clear(). When the IPv6 module is initialized, an error occurs in the middle. This results in a kernel panic with the following error message: KASAN: null-ptr-deref in range...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: wifi: rtw88: Use ieee80211_purge_tx_queue() to purge TX skb. When removing kernel modules using rmmod rtw88_8723cs rtw88_8703b rtw88_8723x rtw88_sdio rtw88_core, the driver uses skb_queue_purge() to purge TX skb, but does not report the TX...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the net: stream module, the purge sk_error_queue operation in sk_stream_kill_queues() has been fixed. Changheon Lee reported TCP socket leaks, with a detailed reproduction guide. It appears that we encounter TCP socket leaks in the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: use old 'nbands' while purging unused classes Shuang reported sch_ets test-case 1 crashing in ets_class_qlen_notify() after recent changes from Lion 2. The problem is: in ets_qdisc_change() we purge unused DWRR queues; the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Purge vif txq in ieee80211_do_stop() After ieee80211_do_stop(), the packets from vif’s txq could still be processed. Indeed, another concurrent call to schedule_and_wake_txq() from vif could cause those packets to be dequeued...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/tests: shmem: Hold the reservation lock during the purge operation. The tests now correctly acquire and release the reservation lock associated with the GEM object’s purge operation. The tests use drm_gem_shmem_purge_locked(), whic...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Purge error queues in socket destructors When TX timestamping is enabled via SO_TIMESTAMPING, SKBs may be queued into sk_error_queue and will remain there until they are consumed. If userspace never gets to read the...