CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

620 matches found

[SECURITY] Fedora 43 Update: python-urllib3-2.7.0-2.fc43

urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings many critical features that are missing from the Python standard libraries: =E2=80=A2 Thread safety. =E2=80=A2 Connection pooling. =E2=80=A2 Client-side SSL/TLS verification. =E2=80=A2 File uploads with multipart encoding...

5.8AI score

Exploits0

SUSE CVE•added 6 days ago•8 views

SUSE CVE-2026-46137

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...

9.8CVSS5.8AI score0.0006EPSS

Exploits0References3

Hacker One•added last week•5 views

curl: Proxy CONNECT response poisoning via authentication retry in cf-h1-proxy.c (libcurl)

Summary: When an HTTP/1.x proxy returns a 407 with no Content-Length and no chunked transfer-encoding, lib/cf-h1-proxy.c singleheader sets ts-keepon = KEEPONDONE but never sets ts-closeconnection = TRUE. Because ts-closeconnection and conn-bits.close both stay false, the CONNECT tunnel state...

5.8AI score

Exploits0

OSV•added 2026/05/28 10:16 a.m.•3 views

UBUNTU-CVE-2026-46137

9.8CVSS5.7AI score0.0006EPSS

Exploits0References8

Cvelist•added 2026/05/28 9:35 a.m.•24 views

CVE-2026-46137 mptcp: pm: ADD_ADDR rtx: fix potential data-race

9.8CVSS0.0006EPSS

Exploits0References5

CVE•added 2026/05/28 9:35 a.m.•13 views

CVE-2026-46137

CVE-2026-46137 affects the Linux kernel MPTCP implementation. The mptcp_pm_add_timer() helper runs as a timer callback in softirq context and can race with socket state unless the socket lock is held with bh_lock_sock(). The mitigation is to hold the lock and retry if the socket is in use, mirror...

9.8CVSS5.8AI score0.0006EPSS

Exploits0References5

SUSE CVE•added 2026/05/28 3:53 a.m.•4 views

SUSE CVE-2026-46051

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

5.8AI score0.00032EPSS

Exploits0References3

Positive Technologies•added 2026/05/28 12:0 a.m.•7 views

PT-2026-44260

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A data race exists in the Multipath TCP MPTCP implementation. The mptcp pm add timer helper function, which operates as a timer callback in softirq context, fails to properly hold the...

5.8AI score0.0006EPSS

Exploits0References7

RedhatCVE•added 2026/05/27 7:37 p.m.•4 views

CVE-2026-46051

A flaw was found in the Linux kernel's md/raid5 component. When the retryalignedread function encounters an overlapped stripe, an issue in how stripes are released and processed can lead to an infinite loop. This prevents the system from resolving the overlap, resulting in a soft lockup and a...

5.5CVSS5.8AI score0.00032EPSS

Exploits0References4

EUVD•added 2026/05/27 3:33 p.m.•6 views

EUVD-2026-32256

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...

5.8AI score0.00072EPSS

Exploits0References7

NVD•added 2026/05/27 2:17 p.m.•4 views

CVE-2026-46051

0.00032EPSS

Exploits0References8

OSV•added 2026/05/27 2:17 p.m.•1 views

UBUNTU-CVE-2026-46051

5.7AI score0.00032EPSS

Exploits0References3

Debian CVE•added 2026/05/27 12:57 p.m.•3 views

CVE-2026-46051

5.7AI score0.00032EPSS

Exploits0

EUVD•added 2026/05/27 12:57 p.m.•3 views

EUVD-2026-32433

5.8AI score0.00032EPSS

Exploits0References5

ATTACKERKB•added 2026/05/27 12:57 p.m.•5 views

CVE-2026-46051

5.7AI score0.00032EPSS

Exploits0References9Affected Software1

Cvelist•added 2026/05/27 12:57 p.m.•31 views

CVE-2026-46051 md/raid5: fix soft lockup in retry_aligned_read()

0.00032EPSS

Exploits0References8

CVE•added 2026/05/27 12:57 p.m.•10 views

CVE-2026-46051

The CVE-2026-46051 entry concerns the Linux kernel md/raid5 layer. It fixes a soft lockup in retry_aligned_read() when encountering an overlapped stripe. The bug occurs because a stripe released via raid5_release_stripe() enters the released_stripes list, and in the next raid5d loop, release_stri...

5.8AI score0.00032EPSS

Exploits0References8

CVE•added 2026/05/27 12:18 p.m.•10 views

CVE-2026-45972

The CVE-2026-45972 issue affects the Linux kernel SMB client, specifically smb2_open_file(), where improper handling could lead to memory corruption (UAF) or a double free during SMB2_open() retries. The fixed description states that zeroing err_iov and err_buftype before retrying SMB2_open() pre...

9.8CVSS5.8AI score0.00072EPSS

Exploits0References6

Positive Technologies•added 2026/05/27 12:0 a.m.•5 views

PT-2026-43918

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retry aligned read When retry aligned read encounters an overlapped stripe, it releases the stripe via raid5 release stripe which puts it on the lockless released stripes llist. In the next raid5d loo...

5.8AI score0.00032EPSS

Exploits0References6