CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/06/10 2:16 a.m.•13 views

CVE-2026-45542

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a heap buffer overflow exists in the Security Scheme 2 SRP6a session-setup path of the protocomm component. The first-phase handler handlesessioncommand0 in...

7.1CVSS0.00325EPSS

EUVD•added 2026/06/10 12:34 a.m.•9 views

EUVD-2026-35918

7.1CVSS5.8AI score0.00325EPSS

CVE•added 2026/06/10 12:34 a.m.•28 views

CVE-2026-45542

ESF-IDF (Espressif IoT Development Framework) versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0 suffer a heap buffer overflow in protocomm Security Scheme 2 (SRP6a) during session setup. The handle_session_command0() path copies a client-provided SRP6a username field into a smaller destination buffer,...

7.1CVSS5.8AI score0.00325EPSS

Exploits0References7Affected Software1

Vulnrichment•added 2026/06/10 12:34 a.m.•7 views

CVE-2026-45542 ESF-IDF: Heap buffer overflow in protocomm Security2 over Bluetooth

7.1CVSS5.7AI score0.00325EPSS

EUVD•added 2026/05/27 3:16 p.m.•10 views

EUVD-2026-32563

Ella Core is a 5G core designed for private networks. Prior to 1.10.0, a radio with a valid NG Setup can send a forged PDUSessionResourceSetupResponse carrying any UE's AMF-UE-NGAP-ID. Ella Core does not verify the message arrived on the SCTP association bound to that UE's logical NG-connection,...

7.1CVSS5.8AI score0.00166EPSS

CVE•added 2026/05/27 3:16 p.m.•17 views

CVE-2026-44473

CVE-2026-44473 affects Ella Core (5G core for private networks). Before v1.10.0, a radio with a valid NG Setup could send a forged PDUSessionResourceSetupResponse containing another UE’s AMF-UE-NGAP-ID. Ella Core does not verify the message arrived on the SCTP association bound to that UE’s NG-co...

7.1CVSS5.8AI score0.00166EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2SESSIONSETUP commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

9CVSS6.9AI score0.02593EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Validates the mech token during session setup. If a client sends an invalid mech token in a session setup request, ksmbd validates it and reports an error if the token is invalid...

7.1CVSS5.7AI score0.78388EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•8 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel. A memory leak may occur if a client sends a session setup request with an unknown NTLMSSP message type, potentially leading to resource exhaustion...

5.3CVSS5.6AI score0.00453EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•7 views

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue arises due to the lack of proper locking when performing operations on an object. An...

8.1CVSS6.7AI score0.02393EPSS

NVD•added 2026/04/06 8:16 a.m.•2 views

CVE-2026-31409

In the Linux kernel, the following vulnerability has been resolved: ksmbd: unset conn-binding on failed binding request When a multichannel SMB2SESSIONSETUP request with SMB2SESSIONREQFLAGBINDING fails ksmbd sets conn-binding = true but never clears it on the error path. This leaves the connectio...

8.8CVSS0.00454EPSS

OSV•added 2026/04/06 8:16 a.m.•2 views

UBUNTU-CVE-2026-31409

8.8CVSS5.7AI score0.00454EPSS

Exploits0References9

Debian CVE•added 2026/04/06 7:38 a.m.•1 views

CVE-2026-31409

8.8CVSS5.2AI score0.00454EPSS

Exploits0

Redos•added 2026/04/03 12:0 a.m.•4 views

ROS-20260403-73-0002

A vulnerability in the smb2sesssetup function of the fs/smb/server/smb2pdu.c module of the ksmbd component of the Linux operating system kernel is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a...

7.8CVSS6.7AI score0.00356EPSS

Exploits2

ATTACKERKB•added 2026/04/02 9:52 p.m.•5 views

CVE-2022-4986

Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service...

8.7CVSS5.9AI score0.00438EPSS

RedhatCVE•added 2026/03/27 5:9 p.m.•3 views

CVE-2026-27828

EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118chargerImpl::handlesessionsetup uses v2gctx after it has been freed when ISO15118 initialization fails e.g., no IPv6 link-local address. The EVSE process can be crashed remotely by an attacker with MQTT access who issue...

7.5CVSS5.8AI score0.00286EPSS

NVD•added 2026/03/26 5:16 p.m.•7 views

CVE-2026-27828

7.5CVSS0.00286EPSS

Vulnrichment•added 2026/03/26 4:34 p.m.•2 views

CVE-2026-27828 EVerest: ISO15118 session_setup use-after-free can crash EVSE process

6.9CVSS5.8AI score0.00286EPSS