CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/27 4:31 p.m.•42 views

CVE-2026-42328 go-ipld-prime: DAG-CBOR and DAG-JSON decoders unbounded recursion depth

6.2CVSS0.0012EPSS

ATTACKERKB•added 2026/05/27 4:31 p.m.•8 views

CVE-2026-42328

Exploits0References2Affected Software1

EUVD•added 2026/05/27 4:31 p.m.•10 views

EUVD-2026-32581

Vulnrichment•added 2026/05/27 4:31 p.m.•9 views

CVE-2026-42328 go-ipld-prime: DAG-CBOR and DAG-JSON decoders unbounded recursion depth

CVE•added 2026/05/27 4:31 p.m.•12 views

CVE-2026-42328

CVE-2026-42328 : go-ipld-prime prior to 0.23.0 had unbounded recursion in the DAG-CBOR and DAG-JSON decoders when processing deeply nested maps/lists. Each nesting level increases the goroutine stack, potentially causing a fatal stack overflow. The issue is resolved by a fix in version 0.23.0 . I...

EUVD•added 2026/05/27 3:33 p.m.•12 views

EUVD-2026-32243

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix a crash due to incorrect cleanup usage of kfree Annotating a local pointer variable, which will be assigned with the kmalloc-family functions, with the cleanupkfree attribute will make the address of the local...

5.8AI score0.00127EPSS

Exploits0References4

EUVD•added 2026/05/27 3:33 p.m.•8 views

EUVD-2026-32342

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

5.8AI score0.00198EPSS

Exploits0References4

EUVD•added 2026/05/27 3:33 p.m.•8 views

EUVD-2025-209970

In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in isbprmcredsforexec KASAN reported a stack-out-of-bounds access in imaappraisemeasurement from isbprmcredsforexec: BUG: KASAN: stack-out-of-bounds in imaappraisemeasurement+0x12dc/0x16a0 Read of siz...

5.8AI score0.00189EPSS

NVD•added 2026/05/27 2:17 p.m.•11 views

CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

5.5CVSS0.00094EPSS

Exploits0References5

NVD•added 2026/05/27 2:17 p.m.•16 views

CVE-2026-45903

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 "bpf: verifier: Refactor helper access type tracking", the verifier started relying on the access type flags in helper function prototypes to perform...

7.1CVSS0.00157EPSS

NVD•added 2026/05/27 2:17 p.m.•17 views

CVE-2026-45876

5.5CVSS0.00198EPSS

OSV•added 2026/05/27 2:17 p.m.•6 views

UBUNTU-CVE-2026-45876

5.5CVSS5.7AI score0.00198EPSS

OSV•added 2026/05/27 2:17 p.m.•6 views

UBUNTU-CVE-2026-45903

7.1CVSS5.8AI score0.00157EPSS

OSV•added 2026/05/27 2:17 p.m.•10 views

UBUNTU-CVE-2026-45959

7.8CVSS5.8AI score0.00127EPSS

OSV•added 2026/05/27 2:17 p.m.•7 views

UBUNTU-CVE-2026-45975

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

5.5CVSS5.7AI score0.00107EPSS

OSV•added 2026/05/27 2:17 p.m.•5 views

UBUNTU-CVE-2026-46063

5.5CVSS5.8AI score0.00094EPSS