Lucene search
K

679 matches found

NVD
NVD
added yesterday5 views

CVE-2026-53516

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, Better Auth's OAuth callback auto-link gate in handleOAuthUserInfo accepts implicit account linking when the OAuth provider asserts emailverified: true without requiring the local user row's emailVerified...

8.3CVSS0.00019EPSS
Exploits0References4
Cvelist
Cvelist
added yesterday11 views

CVE-2026-53516 Better Auth: Account takeover via OAuth auto-link to unverified pre-registered email

Better Auth is an authentication and authorization library for TypeScript. Prior to 1.6.11, Better Auth's OAuth callback auto-link gate in handleOAuthUserInfo accepts implicit account linking when the OAuth provider asserts emailverified: true without requiring the local user row's emailVerified...

8.3CVSS0.00019EPSS
Exploits0References4
CVE
CVE
added yesterday10 views

CVE-2026-53516

Summary: CVE-2026-53516 affects Better Auth (

8.3CVSS6.1AI score0.00019EPSS
Exploits0References4
OSV
OSV
added 6 days ago1 views

SUSE-SU-2026:2841-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2026-31771: Bluetooth: Ignore HCIERRORCANCELLEDBYHOST on adv set terminated event bsc1264145. - CVE-2026-43038: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach...

9.8CVSS6.8AI score0.00385EPSS
Exploits16References57
RedhatCVE
RedhatCVE
added 2026/06/24 3:36 p.m.6 views

CVE-2026-52937

A flaw was found in the Linux kernel's tap driver. This vulnerability allows an attacker to potentially disclose sensitive kernel stack memory contents to userspace. The flaw occurs in the tapioctl function when handling the SIOCGIFHWADDR command, where uninitialized portions of a stack-allocated...

5.5CVSS5.7AI score0.00112EPSS
Exploits0References4
NVD
NVD
added 2026/06/24 8:16 a.m.7 views

CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

5.5CVSS0.00112EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 8:16 a.m.4 views

UBUNTU-CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

5.5CVSS5.6AI score0.00112EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/24 7:14 a.m.6 views

CVE-2026-52937

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

5.7AI score0.00112EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/24 7:14 a.m.35 views

CVE-2026-52937

CVE-2026-52937 concerns the Linux kernel where the tap_ioctl() path handling SIOCGIFHWADDR leaks kernel stack contents by copying 16 bytes of an uninitialised sockaddr_storage to userspace. Specifically, netif_get_mac_address() writes only sa_family and dev->addr_len (6 bytes), leaving sa_data...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/24 7:14 a.m.4 views

CVE-2026-52937 tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR

In the Linux kernel, the following vulnerability has been resolved: tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to userspace via ifrhwaddr, but netifgetmacaddress only writes safamily an...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-51730

Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description A stack information leak exists in the tap ioctl function during the SIOCGIFHWADDR path. The function copies 16 bytes of an uninitialized on-stack sockaddr storage structure to userspace...

5.5CVSS6AI score0.00112EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-52937

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tap: fix stack info leak in tapioctl SIOCGIFHWADDR In the SIOCGIFHWADDR path, tapioctl copies 16 bytes of an uninitialised on-stack struct sockaddrstorage to...

5.5CVSS6.1AI score0.00112EPSS
Exploits0References4
OSV
OSV
added 2026/06/23 10:8 a.m.8 views

RHSA-2026:28038 Red Hat Security Advisory: gvisor-tap-vsock security update

Bulletin has no description...

7.8CVSS5.8AI score0.00621EPSS
Exploits0References33
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.6 views

RHEL 9 : gvisor-tap-vsock (RHSA-2026:28038)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28038 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vso...

7.5CVSS6AI score0.00621EPSS
Exploits0References10
RedHat Linux
RedHat Linux
added 2026/06/22 8:40 p.m.10 views

Important: Red Hat Security Advisory: gvisor-tap-vsock security update

An update for gvisor-tap-vsock is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS7.2AI score0.00621EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/10 2:25 a.m.9 views

SUSE CVE-2026-46320

In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...

3.3CVSS5.4AI score0.00235EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/09 5:13 p.m.9 views

CVE-2026-46321

A flaw was found in the Linux kernel. A local attacker with access to the tun/tap device can exploit this vulnerability. By sending network frames shorter than the expected header length, the system fails to free allocated memory pages, leading to memory leaks. This can exhaust system memory,...

7.1CVSS5.4AI score0.00129EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/09 4:55 p.m.47 views

CVE-2026-46320

A flaw was found in the Linux kernel's tap driver. This vulnerability occurs in the tapgetuserxdp function, where allocated memory pages are not properly freed when processing rejected network frames. Specifically, if a frame is shorter than the expected Ethernet header length or if memory...

7.4CVSS5.4AI score0.00235EPSS
Exploits0References4
NVD
NVD
added 2026/06/09 1:16 p.m.25 views

CVE-2026-46320

In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...

7.4CVSS0.00235EPSS
Exploits0References8
OSV
OSV
added 2026/06/09 1:16 p.m.9 views

UBUNTU-CVE-2026-46320

In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...

8.2CVSS5.3AI score0.00235EPSS
Exploits0References3
Rows per page
Query Builder