CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 8 hours ago•5 views

EUVD-2026-38699

In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...

5.7AI score

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: octeonep VF: Fixed the issue where the devid used in the freeirq function did not match the original devid during the IRQ rollback process. The octepvfrequestirqs function requests MSI-X queues for IRQs with the devid set to...

7.8CVSS5.6AI score0.00152EPSS

AstraLinux•added 5 days ago•2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clsact: Fixed a use-after-free issue in the init/destroy rollback asymmetry. A use-after-free occurred when initializing or destroying a clsact instance during the rollback process. This issue was addressed by first fully...

7.8CVSS5.7AI score0.00119EPSS

Exploits0References1

AstraLinux•added 5 days ago•6 views

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: A memory leak was fixed during the rehash operation. The rehash operation delays the migration of filters from one region to another. This is achieved by iterating over all chunks all filters with the same...

6.4CVSS6.1AI score0.00728EPSS

AstraLinux•added 5 days ago•4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winchhandlers before registering the winchIRQ. Registering a winchIRQ can lead to a race condition; an interrupt may occur before the winch is added to the winchhandlers list. If this happens, registerwinchirq ad...

5.5CVSS6.1AI score0.00233EPSS

GithubExploit•added 2026/06/09 10:46 a.m.•50 views

Exploit for Use After Free in Linux Linux_Kernel

🐧 CVE-2026-23111 - Linux Kernel nftables Use-After-Free Vulne...

7.8CVSS5.6AI score0.00236EPSS

Exploits5

EUVD•added 2026/05/29 4:40 p.m.•8 views

EUVD-2026-33361

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.19.0 and earlier, the protectedProcedure middleware only verifies the user is authenticated - it does NOT enforce organization scoping. Each endpoint must individually verify the resource's org matches the session's...

5.3CVSS5.8AI score0.00225EPSS

Exploits0References1

CVE•added 2026/05/29 4:40 p.m.•19 views

CVE-2026-43917

CVE-2026-43917 (Dokploy) describes an IDOR due to a missing organization scoping check in the protectedProcedure middleware prior to 0.19.0. The middleware only validates authentication, not that the resource’s organization matches the session’s activeOrganizationId, enabling cross-organization a...

5.3CVSS5.8AI score0.00225EPSS

Exploits0References1

Positive Technologies•added 2026/05/29 12:0 a.m.•10 views

PT-2026-44929

5.3CVSS5.8AI score0.00225EPSS

Tenable Nessus•added 2026/05/29 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-45891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the...

5.9AI score0.00173EPSS

SUSE CVE•added 2026/05/28 3:56 a.m.•10 views

SUSE CVE-2026-45891

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the txspare pointer in the original ring handle is incorrectly left...

5.9AI score0.00173EPSS

EUVD•added 2026/05/27 3:33 p.m.•9 views

EUVD-2026-32357

5.9AI score0.00173EPSS

NVD•added 2026/05/27 2:17 p.m.•9 views

CVE-2026-45891

0.00173EPSS

Exploits0References7

OSV•added 2026/05/27 2:17 p.m.•3 views

UBUNTU-CVE-2026-45891

5.8AI score0.00173EPSS

OSV•added 2026/05/27 2:17 p.m.•4 views

UBUNTU-CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

5.5CVSS5.7AI score0.00123EPSS

EUVD•added 2026/05/27 12:56 p.m.•9 views

EUVD-2026-32421

5.8AI score0.00123EPSS

Exploits0References5

Cvelist•added 2026/05/27 12:56 p.m.•37 views

CVE-2026-46040 inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails

0.00123EPSS