CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 3 hours ago•2 views

CVE-2026-45702

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior to version 4.11.0, a type confusion vulnerability exists in OP-TEE OS when processing an FFAMEMSHARE...

4.4CVSS

NVD•added 4 hours ago•4 views

CVE-2026-40290

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS

Cvelist•added 4 hours ago•2 views

CVE-2026-45702 OP-TEE has FF-A type confusion in SPMC tmem path that causes S-EL1 kernel panic

4.4CVSS

ATTACKERKB•added 4 hours ago•1 views

CVE-2026-45702

4.4CVSS5.8AI score

EUVD•added 5 hours ago•2 views

EUVD-2026-34139

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

ATTACKERKB•added 5 hours ago•3 views

CVE-2026-40290

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

CVE•added 5 hours ago•3 views

CVE-2026-40290

OP-TEE (Trusted Execution Environment) on Arm Cortex-A with TrustZone suffers a Use-After-Free race in FF-A shared-memory teardown when OP-TEE is configured as an SPMC for S-EL0 SPs (CFG_SECURE_PARTITION=y). The bug lies in sp_mem_remove() not acquiring the global sp_mem_lock before freeing entri...

Cvelist•added 5 hours ago•4 views

CVE-2026-40290 OP-TEE has a Use-After-Free race in FF-A shared-memory teardown

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS

Positive Technologies•added 22 hours ago•2 views

PT-2026-46046

4.4CVSS5.8AI score

Positive Technologies•added 22 hours ago•2 views

PT-2026-46006

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

RedhatCVE•added 2025/12/17 10:2 a.m.•1 views

CVE-2025-62864

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result in an out-of-bounds write within the UEFI-MM Secure Partition context...

9.8CVSS7.1AI score0.00056EPSS

EUVD•added 2025/12/16 6:31 p.m.•1 views

EUVD-2025-203819

Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver that could result in 1 an out-of-bounds read which leaks Secure-EL0 information to a process...

6.3AI score0.00015EPSS

Exploits0References3

OSV•added 2025/12/16 6:16 p.m.•1 views

CVE-2025-62864

9.8CVSS5.8AI score

NVD•added 2025/12/16 5:16 p.m.•1 views

CVE-2025-62862

4.6CVSS0.00015EPSS

Positive Technologies•added 2025/12/16 12:0 a.m.•2 views

PT-2025-51756

Name of the Vulnerable Software and Affected Versions AmpereOne AC03 versions prior to 3.5.9.3 AmpereOne AC04 versions prior to 4.4.5.2 AmpereOne M versions prior to 5.4.5.1 Description The software contains a flaw where an incorrectly formed System Management Call SMC to the UEFI-MM MMCommunicat...

9.8CVSS6.7AI score0.00056EPSS

Exploits0References5

Vulnrichment•added 2025/12/16 12:0 a.m.•2 views

CVE-2025-62864

6.7AI score0.00056EPSS

Cvelist•added 2025/12/16 12:0 a.m.•22 views

CVE-2025-62862

0.00015EPSS

CVE•added 2025/12/16 12:0 a.m.•5 views

CVE-2025-62862

CVE-2025-62862 concerns AmpereOne AC03 (before 3.5.9.3), AC04 (before 4.4.5.2), and M (before 5.4.5.1). The root cause is an incorrectly formed SMC call to the UEFI-MM Boot Error Record Table driver, enabling (1) out-of-bounds reads that may leak Secure-EL0 information to Non-Secure state, or (2)...

4.6CVSS6.4AI score0.00015EPSS

CVE•added 2025/12/16 12:0 a.m.•8 views

CVE-2025-62864

AmpereOne hardware (AC03 before 3.5.9.3, AC04 before 4.4.5.2, M before 5.4.5.1) is affected by CVE-2025-62864 due to an incorrectly formed SMC call to the UEFI-MM MMCommunicate service, which could cause an out-of-bounds write within the UEFI-MM Secure Partition context. Red Hat and NVD entries a...

9.8CVSS6.7AI score0.00056EPSS