Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

121480 matches found

NVD
NVDadded 2026/05/01 5:16 p.m.6 views

CVE-2026-37530

AGL agl-service-can-low-level thru 17.1.12 contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3...

7.5CVSS0.00402EPSS
Exploits0References2
NVD
NVDadded 2026/05/01 3:16 p.m.2 views

CVE-2026-31720

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

7.8CVSS0.00129EPSS
Exploits0References8
NVD
NVDadded 2026/05/01 2:16 p.m.6 views

CVE-2026-31707

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...

7.1CVSS0.00125EPSS
Exploits0References5
NVD
NVDadded 2026/05/01 2:16 p.m.5 views

CVE-2026-31699

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...

7.1CVSS0.00126EPSS
Exploits0References8
EUVD
EUVDadded 2026/05/01 2:15 p.m.5 views

EUVD-2026-26616

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate mesh send advertising payload length meshsend currently bounds MGMTOPMESHSEND by total command length, but it never verifies that the bytes supplied for the flexible advdata array actually match the...

5.8AI score0.00122EPSS
Exploits0References6
CVE
CVEadded 2026/05/01 2:14 p.m.19 views

CVE-2026-31762

CVE-2026-31762 affects the Linux kernel iio gyro mpu3050 driver. The root cause is an IRQ resource leak: during iio_trigger_register() failure, the interrupt handler is not properly released, leading to unreleased IRQ resources. The patch adds a cleanup goto to release the handler on error. Affec...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
EUVD
EUVDadded 2026/05/01 2:14 p.m.8 views

EUVD-2026-26571

In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Flush anchored URBs in usbtmcrelease When calling usbtmcrelease, pending anchored URBs must be flushed or killed to prevent use-after-free errors e.g. in the HCD giveback path. Call usbtmcdrawdown to allow anchored...

5.7AI score0.00126EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/05/01 2:14 p.m.34 views

CVE-2026-31758 usb: usbtmc: Flush anchored URBs in usbtmc_release

In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Flush anchored URBs in usbtmcrelease When calling usbtmcrelease, pending anchored URBs must be flushed or killed to prevent use-after-free errors e.g. in the HCD giveback path. Call usbtmcdrawdown to allow anchored...

7.8CVSS0.00126EPSS
Exploits0References8
Debian CVE
Debian CVEadded 2026/05/01 2:14 p.m.4 views

CVE-2026-31758

In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Flush anchored URBs in usbtmcrelease When calling usbtmcrelease, pending anchored URBs must be flushed or killed to prevent use-after-free errors e.g. in the HCD giveback path. Call usbtmcdrawdown to allow anchored...

7.8CVSS5.7AI score0.00126EPSS
Exploits0
EUVD
EUVDadded 2026/05/01 2:14 p.m.6 views

EUVD-2026-26570

In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usbsubmiturb fails in usbioprobe, the previously allocated URB is never freed, causing a memory leak. Fix this by jumping to errfreeurb label to properly release the UR...

5.8AI score0.00121EPSS
Exploits0References3
Debian CVE
Debian CVEadded 2026/05/01 2:14 p.m.5 views

CVE-2026-31757

In the Linux kernel, the following vulnerability has been resolved: usb: misc: usbio: Fix URB memory leak on submit failure When usbsubmiturb fails in usbioprobe, the previously allocated URB is never freed, causing a memory leak. Fix this by jumping to errfreeurb label to properly release the UR...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
CVE
CVEadded 2026/05/01 2:14 p.m.15 views

CVE-2026-31748

CVE-2026-31748 (Linux kernel, comedi me_daq) : A firmware-overrun was fixed in the me2600_xilinx_download() path used by request_firmware(). The code trusts the firmware header and reads file_length from the first 4 bytes, then copies file_length bytes from offset 16 without verifying the data st...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
Cvelist
Cvelistadded 2026/05/01 2:14 p.m.30 views

CVE-2026-31720 usb: gadget: f_uac1_legacy: validate control request size

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

0.00129EPSS
Exploits0References8
CVE
CVEadded 2026/05/01 2:14 p.m.11 views

CVE-2026-31720

CVE-2026-31720 : In the Linux kernel, the USB gadget path f_uac1_legacy incorrectly handles control request length. Specifically, f_audio_complete() copies req->length bytes into a 4-byte stack variable (data) via memcpy, with req->length derived from host-controlled USB requests. This can ...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References8Affected Software1
EUVD
EUVDadded 2026/05/01 2:14 p.m.10 views

EUVD-2026-26533

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

5.8AI score0.00129EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/05/01 2:14 p.m.2 views

CVE-2026-31720

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy, req-buf, req-length; req-length is derived from the host-controlled USB request...

5.7AI score0.00129EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVEadded 2026/05/01 2:14 p.m.4 views

CVE-2026-31720

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fuac1legacy: validate control request size faudiocomplete copies req-length bytes into a 4-byte stack variable: u32 data = 0; memcpy&data, req-buf, req-length; req-length is derived from the host-controlled USB reque...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
EUVD
EUVDadded 2026/05/01 1:56 p.m.8 views

EUVD-2026-26516

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...

5.8AI score0.00125EPSS
Exploits0References4
CVE
CVEadded 2026/05/01 1:56 p.m.17 views

CVE-2026-31707

The CVE-2026-31707 issue affects the Linux kernel ksmbd component. The overflow vulnerability in ipc_validate_msg() arises from arithmetic on attacker-controlled fields when computing per-response message sizes, allowing wraparound in three cases (RPC_REQUEST, SHARE_CONFIG_REQUEST, LOGIN_REQUEST_...

7.1CVSS5.8AI score0.00125EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2026/05/01 1:56 p.m.32 views

CVE-2026-31707 ksmbd: validate response sizes in ipc_validate_msg()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...

7.1CVSS0.00125EPSS
Exploits0References5
Rows per page
Query Builder