9100 matches found

OSV
added 2026/05/06 12:11 p.m., 0 views

SUSE-SU-2026:1716-1 Security update for libpng12

This update for libpng12 fixes the following issues: Update to version 1.2.59 (jsc#PED-16191). Security issues:
- CVE-2017-12652: missing chunk length check can lead to sensitive information disclosure, data corruption or crash (bsc#1141493).
- CVE-2026-33416: use-after-free via pointer aliasing in...

CVSS 9.8, AI score 7.2, EPSS 0.00609
Exploits: 2, References: 7

Cvelist
added 2026/05/06 11:32 a.m., 24 views

CVE-2025-71289 fs/ntfs3: handle attr_set_size() errors when truncating files

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle attr_set_size() errors when truncating files. If attr_set_size() fails while truncating down, the error is silently ignored and the inode may be left in an inconsistent state...

EPSS 0.00013
Exploits: 0, References: 4

Debian CVE
added 2026/05/06 11:32 a.m., 2 views

CVE-2025-71289

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle attr_set_size() errors when truncating files. If attr_set_size() fails while truncating down, the error is silently ignored and the inode may be left in an inconsistent state...

CVSS 5.5, AI score 5.7, EPSS 0.00013
Exploits: 0

ATTACKERKB
added 2026/05/06 11:32 a.m., 2 views

CVE-2025-71289

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle attr_set_size() errors when truncating files. If attr_set_size() fails while truncating down, the error is silently ignored and the inode may be left in an inconsistent state...

AI score 5.7, EPSS 0.00013
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2026/05/06 11:28 a.m., 7 views

CVE-2026-43252

CVE-2026-43252 concerns the Linux kernel MPTCP subsystem (Multipath TCP). The issue arises in the in-kernel MPTCP path for removing endpoints, where code path __mark_subflow_endp_available/mptcp_pm_nl_fullmesh/mptcp_pm_nl_set_flags_all/mptcp_pm_nl_set_flags can trigger a kernel warning when a s...

CVSS 5.5, AI score 5.8, EPSS 0.00012
Exploits: 0, References: 6, Affected Software: 1

CVE
added 2026/05/06 11:28 a.m., 7 views

CVE-2026-43208

The CVE-2026-43208 entry describes a Linux kernel networking vulnerability where an incorrect assumption about the Receive Packet Steering (RPS) table size/immutability leads to out-of-bounds access when computing the flow_id in set_rps_cpu(). The fix requires computing flow_id within set_rps_cpu...

CVSS 9.8, AI score 5.8, EPSS 0.00053
Exploits: 0, References: 3, Affected Software: 1

Debian CVE
added 2026/05/06 11:28 a.m., 4 views

CVE-2026-43208

In the Linux kernel, the following vulnerability has been resolved: net: do not pass flow_id to set_rps_cpu(). Blamed commit made the assumption that the RPS table for each receive queue would have the same size, and that it would not change. Compute flow_id in set_rps_cpu(), do not assume we can use the...

CVSS 9.8, AI score 5.7, EPSS 0.00053
Exploits: 0

Cvelist
added 2026/05/06 11:28 a.m., 30 views

CVE-2026-43206 drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set(). The kfd_event_page_set() function writes KFD_SIGNAL_EVENT_LIMIT * 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

CVSS 7.8, EPSS 0.00013
Exploits: 0, References: 8

ATTACKERKB
added 2026/05/06 11:28 a.m., 2 views

CVE-2026-43206

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set(). The kfd_event_page_set() function writes KFD_SIGNAL_EVENT_LIMIT * 8 bytes via memset without checking the buffer size parameter. This allows unprivileged userspace to trigger an out-of...

AI score 5.9, EPSS 0.00013
Exploits: 0, References: 9, Affected Software: 1

Cvelist
added 2026/05/06 11:27 a.m., 24 views

CVE-2026-43180 net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode. kaweth_set_rx_mode(), the ndo_set_rx_mode callback, calls netif_stop_queue() and netif_wake_queue(). These are TX queue flow control functions unrelated to RX multicast...

CVSS 7.8, EPSS 0.00017
Exploits: 0, References: 8

Cvelist
added 2026/05/06 11:27 a.m., 24 views

CVE-2026-43137 ASoC: SOF: Intel: hda: Fix NULL pointer dereference

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference. If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

EPSS 0.00013
Exploits: 0, References: 5

ATTACKERKB
added 2026/05/06 11:27 a.m., 4 views

CVE-2026-43137

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference. If there's a mismatch between the DAI links in the machine driver and the topology, it is possible that the playback/capture widget is not set, especially in the case of loopbac...

CVSS 5.5, AI score 5.8, EPSS 0.00013
Exploits: 0, References: 6, Affected Software: 1

CVE
added 2026/05/06 11:27 a.m., 7 views

CVE-2025-71274

CVE-2025-71274 concerns the Linux kernel rpmsg core. A race existed between driver_override_show() and driver_override_store(): the show path read the driver_override string without holding the device_lock, while the store path modified and freed it while the lock was held, enabling a use-after-f...

CVSS 4.7, AI score 5.8, EPSS 0.00012
Exploits: 0, References: 8, Affected Software: 1

ATTACKERKB
added 2026/05/06 11:27 a.m., 4 views

CVE-2025-71274

In the Linux kernel, the following vulnerability has been resolved: rpmsg: core: fix race in driver_override_show() and use core helper. The driver_override_show() function reads the driver_override string without holding the device_lock. However, the store function modifies and frees the string while holdi...

AI score 5.8, EPSS 0.00012
Exploits: 0, References: 9, Affected Software: 1

Cvelist
added 2026/05/06 11:27 a.m., 30 views

CVE-2025-71273 wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band()

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band(). Simplify the code by using device managed memory allocations. This also fixes a memory leak in rtw_register_hw(). The supported bands were not freed in the error path. Copied from...

EPSS 0.00013
Exploits: 0, References: 4

Debian CVE
added 2026/05/06 11:27 a.m., 3 views

CVE-2025-71273

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band(). Simplify the code by using device managed memory allocations. This also fixes a memory leak in rtw_register_hw(). The supported bands were not freed in the error path. Copied from...

CVSS 5.5, AI score 5.8, EPSS 0.00013
Exploits: 0

CVE
added 2026/05/06 11:27 a.m., 6 views

CVE-2025-71273

The CVE-2025-71273 entry concerns the Linux kernel’s rtw88 Wi‑Fi driver. The issue arises from a memory leak in rtw_register_hw(), where memory allocated for supported bands was not freed on error paths. The patch standardizes memory allocation using device-managed memory (devm_kmemdup()) in rtw_...

CVSS 5.5, AI score 5.8, EPSS 0.00013
Exploits: 0, References: 4, Affected Software: 1

NVD
added 2026/05/06 10:16 a.m., 2 views

CVE-2026-43114

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry. New test case fails unexpectedly when avx2 matching functions are used. The test first loads a randomly generated pipapo set with 'ipv4 . port' key, i.e. nft -...

CVSS 9.4, EPSS 0.00062
Exploits: 0, References: 8

SUSE Linux
added 2026/05/06 7:43 a.m., 3 views

Security update for libpng12

This update for libpng12 fixes the following issues: Update to version 1.2.59 (jsc#PED-16191).
- CVE-2026-33416: use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE can lead to arbitrary code execution (bsc#1260754).
- CVE-2026-34757: use-after-free in png_set_PLTE, png_set_tRNS and png_set_hIST can...

CVSS 9.2, AI score 6.8, EPSS 0.00026
Exploits: 2, References: 10

Debian CVE
added 2026/05/06 7:40 a.m., 3 views

CVE-2026-43114

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry. New test case fails unexpectedly when avx2 matching functions are used. The test first loads a randomly generated pipapo set with 'ipv4 . port' key, i.e. nft -...

CVSS 9.4, AI score 5.7, EPSS 0.00062
Exploits: 0