Lucene search
K

1784 matches found

RedhatCVE
RedhatCVE
added 2026/05/13 8:22 p.m.8 views

CVE-2026-40410

Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.8 views

EUVD-2026-29924

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

7.5CVSS5.8AI score0.00549EPSS
Exploits1References5
NVD
NVD
added 2026/05/13 1:1 p.m.9 views

CVE-2026-5773

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

7.5CVSS0.00549EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/13 8:27 a.m.8 views

CVE-2026-5773

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

5.8AI score0.00549EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/05/13 8:27 a.m.35 views

CVE-2026-5773

CVE-2026-5773 affects libcurl and involves a logical error in the SMB connection reuse pool. The code could reuse an existing SMB connection to the same server but with a different share, potentially causing the wrong file to be downloaded or a file to be uploaded to the wrong location, while cre...

7.5CVSS5.8AI score0.00549EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/13 8:27 a.m.8 views

CVE-2026-5773 wrong reuse of SMB connection

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

5.8AI score0.00549EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/05/13 8:27 a.m.6 views

CVE-2026-5773

libcurl might in some circumstances reuse the wrong connection for SMBS transfers. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of criteria must be met. Due to a logical error in the...

7.5CVSS5.8AI score0.00549EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.13 views

SUSE CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

7.1CVSS5.8AI score0.00217EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2026/05/13 3:34 a.m.7 views

SUSE CVE-2026-43377

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

8.1CVSS5.7AI score0.00248EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.12 views

libcurl 代码问题漏洞

libcurl is an open-source, free, and easy-to-use client URL transfer library for cURL. There are code vulnerabilities in libcurl, stemming from errors in connection reuse logic. These vulnerabilities may cause SMB transfers to incorrectly reuse existing connections to different shares, resulting ...

7.5CVSS5.9AI score0.00549EPSS
Exploits1References1
EUVD
EUVD
added 2026/05/12 6:30 p.m.33 views

EUVD-2026-29669

Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00243EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 4:58 p.m.7 views

CVE-2026-40410

Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00243EPSS
Exploits0References2Affected Software18
Vulnrichment
Vulnrichment
added 2026/05/12 4:58 p.m.7 views

CVE-2026-40410 Windows SMB Client Elevation of Privilege Vulnerability

...

7CVSS5.8AI score0.00243EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 4:58 p.m.36 views

CVE-2026-40410

Technical details (affected component, root cause, affected versions, exploit vectors or fixes) are not publicly provided in the supplied documents; monitor for updates from official advisories.

7CVSS5.8AI score0.00243EPSS
Exploits0References1Affected Software14
Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.9 views

Windows SMB Client Elevation of Privilege Vulnerability

Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally...

7CVSS5.8AI score0.00243EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

Microsoft Windows SMB Client 资源管理错误漏洞

Microsoft Windows SMB Client is a software application developed by Microsoft Corporation. It is a SMB client. The Microsoft Windows SMB Client has a resource management vulnerability that can be exploited by attackers to gain elevated privileges. The following products and versions are affected:...

7CVSS5.8AI score0.00243EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/08 9:17 p.m.11 views

CVE-2026-43378

A flaw was found in the Linux kernel. Specifically, within the Server Message Block SMB server component, a use-after-free vulnerability exists in the smb2open function. This issue arises when an opinfo pointer is accessed after its memory has been deallocated, creating a window for potential...

9.8CVSS6AI score0.00308EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/05/08 8:34 p.m.13 views

CVE-2026-43362

A flaw was found in the Linux kernel's Server Message Block SMB client. This vulnerability allows a remote attacker to cause data corruption. When an SMB client attempts to write data over an unstable connection, the in-place encryption process can lead to already encrypted data being re-sent...

8.1CVSS5.8AI score0.00217EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/08 3:31 p.m.14 views

EUVD-2026-28683

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Don't log keys in SMB3 signing and encryption key generation When KSMBDDEBUGAUTH logging is enabled, generatesmb3signingkey and generatesmb3encryptionkey log the session, signing, encryption, and decryption key bytes. Remo...

5.8AI score0.00248EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/08 3:31 p.m.8 views

EUVD-2026-28684

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix use-after-free in smb2open The opinfo pointer obtained via rcudereferencefp-fopinfo is dereferenced after rcureadunlock, creating a use-after-free window...

5.8AI score0.00308EPSS
Exploits0References7
Rows per page
Query Builder