CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/05/28 9:36 a.m.•12 views

CVE-2026-46154

CVE-2026-46154 affects the Linux kernel sched_ext functionality. Root cause: in cgroup setters, scx_group_set_{weight,idle,bandwidth}() cache the scx_root before acquiring scx_cgroup_ops_rwsem, enabling a window where the pointer can become stale if a scheduler is disabled and freed (via RCU) and...

7CVSS5.8AI score0.00013EPSS

Cvelist•added 2026/05/28 9:36 a.m.•25 views

CVE-2026-46154 sched_ext: Read scx_root under scx_cgroup_ops_rwsem in cgroup setters

7CVSS0.00013EPSS

Debian CVE•added 2026/05/28 9:36 a.m.•6 views

CVE-2026-46154

7CVSS5.7AI score0.00013EPSS

Exploits0

OSV•added 2026/05/18 6:10 p.m.•5 views

CLSA-2026-1779127797 libpng15: Fix of CVE-2026-34757

CVE-2026-34757: Use snapshot-before-free and defer-free patterns to prevent use-after-free when a caller passes a pointer obtained from pnggetPLTE, pnggettRNS, pnggethIST, pnggettext, pnggetsPLT, or pnggetunknownchunks back into the corresponding setter issues 836 and 837...

5.1CVSS5.8AI score0.00006EPSS

Exploits1References1

OSV•added 2026/04/11 2:3 p.m.•2 views

OESA-2026-1859 firewalld security update

firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. Security Fixes: A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and...

OSV•added 2026/04/11 2:3 p.m.•1 views

OESA-2026-1858 firewalld security update

OSV•added 2026/04/11 2:3 p.m.•2 views

OESA-2026-1857 firewalld security update

Slackware Linux•added 2026/04/09 11:14 p.m.•5 views

[slackware-security] libpng

New libpng packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libpng-1.6.57-i586-1slack15.0.txz: Upgraded. Fixed a medium severity security issue: Use-after-free in pngsetPLTE, pngsettRNS and...

5.1CVSS5.9AI score0.00006EPSS

Exploits1

NVD•added 2026/04/09 3:16 p.m.•0 views

CVE-2026-34757

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.0.9 to before 1.6.57, passing a pointer obtained from pnggetPLTE, pnggettRNS, or pnggethIST back into the corresponding setter on the same...

5.1CVSS0.00006EPSS

Exploits1References6

SUSE CVE•added 2026/03/28 6:26 p.m.•3 views

SUSE CVE-2026-4948

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus Desktop Bus setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication,...

5.5CVSS5.8AI score0.00031EPSS

Exploits0References6

EUVD•added 2026/03/27 6:31 a.m.•1 views

EUVD-2026-16557

NVD•added 2026/03/27 6:16 a.m.•2 views

CVE-2026-4948

5.5CVSS0.00031EPSS

UbuntuCve•added 2026/03/27 6:16 a.m.•1 views

CVE-2026-4948

5.5CVSS5.8AI score0.00031EPSS

Debian CVE•added 2026/03/27 5:30 a.m.•2 views

CVE-2026-4948

5.5CVSS5.2AI score0.00031EPSS

Exploits0

Cvelist•added 2026/03/27 5:30 a.m.•27 views

CVE-2026-4948 Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

5.5CVSS0.00031EPSS

CVE•added 2026/03/27 5:30 a.m.•68 views

CVE-2026-4948

The CVE-2026-4948 entry concerns firewalld where a local unprivileged user can exploit mis-authorization of two runtime D-Bus setters (setZoneSettings2 and setPolicySettings). This allows modifying the runtime firewall state without authentication, leading to unauthorized changes in network secur...