CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2 days ago•5 views

CVE-2026-7431

An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify sensitive log data via write access to a shared memory section...

4.4CVSS5.5AI score0.00042EPSS

Tenable Nessus•added 3 days ago•5 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache Tomcat Connectors vulnerability (USN-8369-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8369-1 advisory. It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like...

5.9CVSS6.3AI score0.00039EPSS

Exploits0References2

NVD•added 4 days ago•8 views

CVE-2026-40290

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior to 4.11.0, a user-after-free UAF race condition exists in the shared memory teardown logic of FF-A...

7.8CVSS0.00012EPSS

EUVD•added 4 days ago•6 views

EUVD-2026-34139

ATTACKERKB•added 4 days ago•6 views

CVE-2026-40290

Exploits1References2Affected Software1

CVE•added 4 days ago•7 views

CVE-2026-40290

OP-TEE (Trusted Execution Environment) on Arm Cortex-A with TrustZone suffers a Use-After-Free race in FF-A shared-memory teardown when OP-TEE is configured as an SPMC for S-EL0 SPs (CFG_SECURE_PARTITION=y). The bug lies in sp_mem_remove() not acquiring the global sp_mem_lock before freeing entri...

Exploits1References1Affected Software1

Vulnrichment•added 4 days ago•6 views

CVE-2026-40290 OP-TEE has a Use-After-Free race in FF-A shared-memory teardown

Cvelist•added 4 days ago•29 views

CVE-2026-40290 OP-TEE has a Use-After-Free race in FF-A shared-memory teardown

7.8CVSS0.00012EPSS

Ubuntu•added 5 days ago•7 views

USN-8369-1: Apache Tomcat Connectors vulnerability

It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like systems. A local attacker could possibly use this issue to view or modify modjk configuration data in shared memory, resulting in sensitive information exposure or a denial of service...

5.9CVSS6.3AI score0.00039EPSS

OSV•added 5 days ago•6 views

USN-8369-1 libapache-mod-jk vulnerability

5.9CVSS6.3AI score0.00039EPSS

Exploits0References2

Packet Storm News•added 6 days ago•9 views

PeAR: A Static Binary Rewriting Framework for Binary-Only Fuzzing

Binary-only fuzzing is a key technique for finding bugs in close-source software. Without access to source code, the fuzzer must rely on static or dynamic binary instrumentation for coverage guidance. In practice, most fuzzers favor dynamic binary instrumentation DBI, accepting runtime overhead t...

5.8AI score

Debian CVE•added 2026/05/28 9:40 a.m.•6 views

CVE-2026-46197

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. cherry picked from commit...

7.8CVSS5.8AI score0.00013EPSS

Debian CVE•added 2026/05/27 12:56 p.m.•7 views

CVE-2026-46027

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid early lgr access in smcclcwaitmsg A CLC decline can be received while the handshake is still in an early stage, before the connection has been associated with a link group. The decline handling in smcclcwaitmsg...

7.5CVSS5.7AI score0.00068EPSS

Hacker One•added 2026/05/21 6:31 a.m.•19 views

Node.js: Memory Corruption via TOCTOU Race in SharedArrayBuffer UTF-8 Decode (`StringBytes::Encode`)

I discovered a memory corruption vulnerability in Node.js's native UTF-8 string decoding path src/stringbytes.cc. When Buffer.prototype.toString'utf8' is called on a Buffer backed by a SharedArrayBuffer, the underlying native code performs a validate-then-convert sequence without copying the data...

6.4AI score

AstraLinux•added 2026/05/20 5:53 a.m.•10 views

Astra Linux - уязвимость в php7.3

In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25, and 8.0.x below 8.0.12, when running PHP FPM SAPI with the main FPM daemon process running as the root user and child worker processes running as lower-privileged users, it is possible for the child processes to access memory...

7.8CVSS6.9AI score0.0014EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•6 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mm, shmem: preventing infinite loops in the truncate race condition. When truncating a large swap entry, shmemfreeswap returns 0 when the entry’s index does not match the given index due to lookup alignment issues. The failure...

5.1AI score0.00025EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: - In IPC: fixed to protect IPCS lookups using RCU. The syzbot reported that it discovered a use-after-free vulnerability. 0 0: https://lore.kernel.org/all/[email protected]/ The idrforeach function is...

7.8CVSS6.4AI score0.00078EPSS

Exploits0References2

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Ensure that objs is not NULL in virtiogpuarrayputfree. If virtiogpuobjectshmeminit fails e.g., due to fault injection, as happened in the bug report by syzbot, virtiogpuarrayputfree might be called with objs being NUL...

5.5CVSS5.7AI score0.00017EPSS