CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/08 2:22 p.m.•4 views

CVE-2026-43456

In the Linux kernel, the following vulnerability has been resolved: bonding: fix type confusion in bondsetupbyslave kernel BUG at net/core/skbuff.c:2306! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP: 0010:pskbexpandhead+0xa08/0xfe0 net/core/skbuff.c:2306 RSP: 0018:ffffc90004aff760 EFLAGS:...

5.7AI score0.00018EPSS

Exploits0References5Affected Software1

Debian CVE•added 2026/05/08 2:22 p.m.•4 views

CVE-2026-43456

7.8CVSS5.7AI score0.00018EPSS

Exploits0

Cvelist•added 2026/05/08 2:22 p.m.•29 views

CVE-2026-43456 bonding: fix type confusion in bond_setup_by_slave()

7.8CVSS0.00018EPSS

Exploits0References4

Debian CVE•added 2026/05/08 2:22 p.m.•4 views

CVE-2026-43440

In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path, set gc-servicewq to NULL after destroyworkqueue to match the cleanup in managdcleanup. This prevents a use-after-free if the workqueue...

7.8CVSS5.7AI score0.00015EPSS

Exploits0

ATTACKERKB•added 2026/05/08 2:22 p.m.•3 views

CVE-2026-43440

5.7AI score0.00015EPSS

Exploits0References4Affected Software1

CVE•added 2026/05/08 2:22 p.m.•8 views

CVE-2026-43440

CVE-2026-43440 affects the Linux kernel net/mana driver, where during mana_gd_setup() cleanup a workqueue pointer (service_wq) could remain non-NULL after destroy_workqueue(), leading to a potential use-after-free if the pointer is checked after a failed setup. Connected advisories confirm the ro...

7.8CVSS5.8AI score0.00015EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/08 2:22 p.m.•28 views

CVE-2026-43440 net/mana: Null service_wq on setup error to prevent double destroy

0.00015EPSS

ATTACKERKB•added 2026/05/08 2:21 p.m.•5 views

CVE-2026-43372

In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Fix error path in PTP IRQ setup If requestthreadedirq fails during the PTP message IRQ setup, the newly created IRQ mapping is never disposed. Indeed, the kszptpirqsetup's error path only frees the mappings...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References6Affected Software1

OSV•added 2026/05/08 2:4 p.m.•8 views

MAL-2026-3396 Malicious code in ninja-core-optimizer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fbe38f659a9fac5304f648aa594e12123221abd687755378f05b3efe17d6d4c7 During installation, obfuscated code exfiltrates cryptocurrency wallet data to a hardcoded location --- Category: MALICIOUS - The campaign has clearly maliciou...

OSSF Malicious Packages•added 2026/05/08 2:4 p.m.•8 views

Malicious code in ninja-core-optimizer (PyPI)

EUVD•added 2026/05/08 12:31 a.m.•7 views

EUVD-2026-28465

A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirectto query parameter on the /setup/unlock endpoint was reflected into an HTML attribute without proper sanitization, enabling an...

5.9CVSS5.8AI score0.0003EPSS

Positive Technologies•added 2026/05/08 12:0 a.m.•8 views

PT-2026-39101

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the Linux kernel within the mana gd setup function error path. The problem occurs because the service wq pointer is not set to NULL after destroy workque...

5.8AI score0.00015EPSS

Exploits0References6

CNNVD•added 2026/05/08 12:0 a.m.•5 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a type confusion in the bonding component’s bondsetupbyslave function, potentially leading to...

7.8CVSS5.8AI score0.00018EPSS

Exploits0References2

Positive Technologies•added 2026/05/08 12:0 a.m.•8 views

PT-2026-39033

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the net: dsa: microchip component where the ksz ptp irq setup function fails to dispose of a newly created IRQ mapping if the request threaded irq function fails durin...

5.8AI score0.00015EPSS

Exploits0References8

Tenable Nessus•added 2026/05/08 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43440

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mana: Null servicewq on setup error to prevent double destroy In managdsetup error path,...

7.8CVSS5.7AI score0.00015EPSS

NVD•added 2026/05/07 10:16 p.m.•9 views

CVE-2026-8106

6.1CVSS0.0003EPSS

Exploits0References2

OSV•added 2026/05/07 9:25 p.m.•3 views

MAL-2026-3372 Malicious code in ninja-core-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 65af5eaa02abf860465d0ee9e11d7b10e3e1e36473aec951f8c1ea38ed8a8560 During installation, obfuscated code exfiltrates cryptocurrency wallet data to a hardcoded location --- Category: MALICIOUS - The campaign has clearly maliciou...

OSSF Malicious Packages•added 2026/05/07 9:25 p.m.•7 views

Malicious code in ninja-core-utils (PyPI)