CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4586 matches found

CVE•added 2026/05/28 9:36 a.m.•18 views

CVE-2026-46175

Summary of CVE-2026-46175 (f2fs FGGC issue) : In the Linux kernel’s f2fs filesystem, Foreground Garbage Collection (FGGC) of node blocks could leave the fsync and dentry marks uncleared, causing fsck to misinterpret migrated data as fsync-written. The root cause is that the marks were not cleared...

7.1CVSS5.8AI score0.00013EPSS

Exploits0References3

Debian CVE•added 2026/05/28 9:35 a.m.•6 views

CVE-2026-46111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

7.8CVSS5.7AI score0.00013EPSS

Exploits0

CVE•added 2026/05/28 9:35 a.m.•12 views

CVE-2026-46111

The CVE concerns a use-after-free in the Linux kernel Bluetooth stack (hci_conn, BIG creation). The patch adds hci_conn_valid() in create_big_sync() to detect stale connections before BIG creation, handles -ECANCELED in create_big_complete(), and re-validates under hci_dev_lock() before dereferen...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References5

SUSE CVE•added 2026/05/28 3:55 a.m.•8 views

SUSE CVE-2026-45933

In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve id of register in synclinkedregs synclinkedregs copies the id of knownreg to reg when propagating bounds of knownreg to reg using the off of knownreg, but when knownreg was linked to reg like: knownreg = reg ; both...

5.8AI score0.00014EPSS

Exploits0References3

SUSE CVE•added 2026/05/28 3:53 a.m.•8 views

SUSE CVE-2026-46069

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: fix use-after-free in mwifiexadaptercleanup The mwifiexadaptercleanup function uses timerdelete non-synchronous for the wakeuptimer before the adapter structure is freed. This is incorrect because timerdelete does...

5.5CVSS5.7AI score0.00024EPSS

Exploits0References3

SUSE CVE•added 2026/05/28 3:53 a.m.•6 views

SUSE CVE-2026-46077

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

5.5CVSS5.8AI score0.00032EPSS

Exploits0References3

CNNVD•added 2026/05/28 12:0 a.m.•7 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the potential for reusing memory after the creation of the createbigsync function in the Bluetooth HCI...

7.8CVSS5.8AI score0.00013EPSS

Exploits0References5

NVD•added 2026/05/27 3:16 p.m.•16 views

CVE-2026-6957

Mattermost Plugins versions =1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitrary locations within the target server's filestore via...

8CVSS0.00052EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 2:23 p.m.•10 views

CVE-2026-6957 Path traversal in Mattermost Legal Hold plugin via unsanitized file name from federated peer allows arbitrary file write.

8CVSS6AI score0.00052EPSS

Exploits0References1

EUVD•added 2026/05/27 2:23 p.m.•12 views

EUVD-2026-32523

8CVSS6AI score0.00052EPSS

Exploits0References1

SUSE Linux•added 2026/05/27 2:21 p.m.•7 views

Security update for redis

This update for redis fixes the following issues CVE-2026-23479: use-after-free in unblock client flow may lead to remote code execution bsc1264164. CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243:...

7.7CVSS6.5AI score0.00119EPSS

Exploits3References12

SUSE Linux•added 2026/05/27 2:20 p.m.•9 views

Security update for redis7

This update for redis7 fixes the following issues CVE-2026-23631: Lua use-after-free via the master-replica synchronization mechanism may lead to remote code execution bsc1264165. CVE-2026-25243: invalid memory access in RESTORE command via a specially crafted serialized payload may lead to remot...

7.7CVSS6.5AI score0.00109EPSS

Exploits0References10

NVD•added 2026/05/27 2:17 p.m.•8 views

CVE-2026-46077

0.00032EPSS

Exploits0References8

NVD•added 2026/05/27 2:17 p.m.•7 views

CVE-2026-46069

0.00024EPSS

Exploits0References5

NVD•added 2026/05/27 2:17 p.m.•7 views

CVE-2026-46027

In the Linux kernel, the following vulnerability has been resolved: net/smc: avoid early lgr access in smcclcwaitmsg A CLC decline can be received while the handshake is still in an early stage, before the connection has been associated with a link group. The decline handling in smcclcwaitmsg...

7.5CVSS0.00068EPSS

Exploits0References8

NVD•added 2026/05/27 2:17 p.m.•6 views

CVE-2026-46011

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtkjpegrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-jpegwork. This creates a race...

7.8CVSS0.00013EPSS

Exploits0References5

NVD•added 2026/05/27 2:17 p.m.•8 views

CVE-2026-45987

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Sync interrupt shadow to cached vmcb12 after VMRUN of L2 After VMRUN in guest mode, nestedsynccontrolfromvmcb02 syncs fields written by the CPU from vmcb02 to the cached vmcb12. This is because the cached vmcb12 is use...

0.00032EPSS

Exploits0References8