CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

636 matches found

CVE-2026-49319

CVE-2026-49319 concerns a roll-back attack on a Remote Keyless Entry System (RKES) using the 433 MHz key fob with FCC ID CWTR53R0 from ALPS ALPINE CO., LTD. The described vulnerability allows an attacker within RF range to record two consecutive lock/unlock transmissions and replay them to cause ...

6.9CVSS5.9AI score0.0024EPSS

Exploits0References2

NVD•added 4 days ago•5 views

CVE-2026-52929

In the Linux kernel, the following vulnerability has been resolved: sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves removed stream metadata behind, so a later re-add can reuse a stale ext a...

7.5CVSS0.00164EPSS

Exploits0References8

EUVD•added 4 days ago•8 views

EUVD-2026-38699

5.7AI score0.00164EPSS

Exploits0References8

CVE•added 4 days ago•6 views

CVE-2026-52929

The CVE affects the Linux kernel SCTP stream handling. When ADD_OUT_STREAMS is denied, the rollback only shrinks queued chunks and lowers outcnt, leaving removed stream metadata behind. A subsequent re-add can reuse a stale ext and trigger a null-pointer dereference in the scheduler get path, pot...

7.5CVSS5.7AI score0.00164EPSS

Exploits0References8

Cvelist•added 4 days ago•33 views

CVE-2026-52929 sctp: stream: fully roll back denied add-stream state

7.5CVSS0.00164EPSS

Exploits0References8

Tenable Nessus•added 4 days ago•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-52929

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: stream: fully roll back denied add-stream state When ADDOUTSTREAMS is denied, SCTP only shrinks the queued chunks and then lowers outcnt. That leaves...

7.5CVSS5.9AI score0.00164EPSS

Exploits0References3

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: octeonep VF: Fixed the issue where the devid used in the freeirq function did not match the original devid during the IRQ rollback process. The octepvfrequestirqs function requests MSI-X queues for IRQs with the devid set to...

7.8CVSS5.6AI score0.00152EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fpga: m10bmc-sec: Fixed probe rollback issues. Properly handled probe error rollbacks to avoid leaks...

5.5CVSS5.3AI score0.0014EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: clsact: Fixed a use-after-free issue in the init/destroy rollback asymmetry. A use-after-free occurred when initializing or destroying a clsact instance during the rollback process. This issue was addressed by first fully...

7.8CVSS5.7AI score0.00119EPSS

Exploits0References1

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: um: Add winch to winchhandlers before registering the winchIRQ. Registering a winchIRQ can lead to a race condition; an interrupt may occur before the winch is added to the winchhandlers list. If this happens, registerwinchirq ad...

5.5CVSS6.1AI score0.00233EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability in Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumacltcam: A memory leak was fixed during the rehash operation. The rehash operation delays the migration of filters from one region to another. This is achieved by iterating over all chunks all filters with the same...

6.4CVSS6.1AI score0.00728EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: don’t unregister hooks when the table is dormant When nftablesupdchain encounters an error, the hook registration needs to be rolled back. This should only be done if the hook has been registered, which will...

5.5CVSS6.1AI score0.00216EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Do not call cleanup on profile rollback failure When profile rollback fails in mlx5enetdevchangeprofile, the netdev profile var is left set to NULL. Avoid a crash when unloading the driver by not calling profile-cleanu...

5.5CVSS6.1AI score0.00231EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: bpf: fixed the ktls panic with sockmap 2172.936997 ------------ cut here ------------ 2172.936999 Kernel BUG at lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call Trace: 2172.945299 2172.945428 ? die+0x36/0x...

5.5CVSS6.3AI score0.00147EPSS

Exploits0References2

GithubExploit•added 2026/06/09 10:46 a.m.•55 views

Exploit for Use After Free in Linux Linux_Kernel

🐧 CVE-2026-23111 - Linux Kernel nftables Use-After-Free Vulne...

7.8CVSS5.6AI score0.00236EPSS

Exploits6

CVE•added 2026/05/29 4:40 p.m.•20 views

CVE-2026-43917

CVE-2026-43917 (Dokploy) describes an IDOR due to a missing organization scoping check in the protectedProcedure middleware prior to 0.19.0. The middleware only validates authentication, not that the resource’s organization matches the session’s activeOrganizationId, enabling cross-organization a...

5.3CVSS5.8AI score0.00225EPSS

Exploits0References1

EUVD•added 2026/05/29 4:40 p.m.•9 views

EUVD-2026-33361

Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.19.0 and earlier, the protectedProcedure middleware only verifies the user is authenticated - it does NOT enforce organization scoping. Each endpoint must individually verify the resource's org matches the session's...

5.3CVSS5.8AI score0.00225EPSS

Exploits0References1

Positive Technologies•added 2026/05/29 12:0 a.m.•12 views

PT-2026-44929

5.3CVSS5.8AI score0.00225EPSS

Exploits0References2

Tenable Nessus•added 2026/05/29 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-45891

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the...

7.8CVSS5.9AI score0.00129EPSS

Exploits0References3

SUSE CVE•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45891

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix double free issue for tx spare buffer In hns3setringparam, a temporary copy tmprings of the ring structure is created for rollback. However, the txspare pointer in the original ring handle is incorrectly left...

5.9AI score0.00129EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by