CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5875 matches found

CVE•added 2026/05/28 9:36 a.m.•9 views

CVE-2026-46180

CVE-2026-46180 affects the Linux kernel’s wifi/brcmfmac driver. A potential use-after-free occurs when stopping the watchdog task, if the task ends between send_sig() and kthread_stop() calls. The fix increases the watchdog task reference count before send_sig() and drops it by switching to kthre...

5.8AI score0.00024EPSS

Exploits0References5

Cvelist•added 2026/05/28 9:36 a.m.•22 views

CVE-2026-46180 wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential use-after-free issue when stopping watchdog task Watchdog task might end between sendsig and kthreadstop calls, what results in the use-after-free issue. Fix this by increasing watchdog task referenc...

0.00024EPSS

Exploits0References5

ATTACKERKB•added 2026/05/28 9:36 a.m.•6 views

CVE-2026-46173

In the Linux kernel, the following vulnerability has been resolved: exit: prevent preemption of oopsing TASKDEAD task When an already-exiting task oopses, maketaskdead currently calls dotaskdead with preemption enabled. That is forbidden: dotaskdead calls schedule, which has a comment saying...

7.8CVSS5.7AI score0.00016EPSS

Exploits0References7Affected Software1

CVE•added 2026/05/28 9:36 a.m.•12 views

CVE-2026-46173

CVE-2026-46173 concerns the Linux kernel. The issue arises when an already-exiting task oopses and make_task_dead() calls do_task_dead() with preemption enabled, while __schedule() must be called with preemption disabled. If a preempted oopsing task is still in the dead-state, finish_task_switch(...

7.8CVSS5.7AI score0.00016EPSS

Exploits0References6

Cvelist•added 2026/05/28 9:36 a.m.•24 views

CVE-2026-46173 exit: prevent preemption of oopsing TASK_DEAD task

7.8CVSS0.00016EPSS

Exploits0References6

Debian CVE•added 2026/05/28 9:36 a.m.•4 views

CVE-2026-46173

7.8CVSS5.7AI score0.00016EPSS

Exploits0

EUVD•added 2026/05/28 9:36 a.m.•6 views

EUVD-2026-32800

5.7AI score0.00016EPSS

Exploits0References5

SUSE CVE•added 2026/05/28 3:56 a.m.•4 views

SUSE CVE-2026-45919

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Skip currently executing CPU in rtonextcpu CPU0 becomes overloaded when hosting a CPU-bound RT task, a non-CPU-bound RT task, and a CFS task stuck in kernel space. When other CPUs switch from RT to non-RT tasks, RT load...

5.8AI score0.00031EPSS

Exploits0References3

CNNVD•added 2026/05/28 12:0 a.m.•6 views

CodeWhale 代码注入漏洞

CodeWhale is a terminal coding tool developed by Hunter Bown as an individual developer. Versions of CodeWhale prior to 0.8.26 contained a code injection vulnerability. This vulnerability stemmed from the taskcreate tool, which generated persistent sub-proxies that inherited two insecure default...

9.6CVSS5.9AI score0.00045EPSS

Exploits0References3

CNNVD•added 2026/05/28 12:0 a.m.•6 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the TASKDEAD task that exits can be preempted, potentially leading to reclamation after...

7.8CVSS5.8AI score0.00016EPSS

Exploits0References5

Positive Technologies•added 2026/05/28 12:0 a.m.•7 views

PT-2026-44296

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where an exiting task that experiences an oops a kernel panic that does not require a full system reboot can be preempted during the execution of do task dead. This occur...

9.8CVSS6.1AI score0.00254EPSS

Exploits12References282

NVD•added 2026/05/27 11:16 p.m.•10 views

CVE-2026-46544

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO accepts client-supplied sessionid values in WebSocket task messages and reuses an existing in-memory session object if that sessionid already exists. If a prior session...

5.3CVSS0.00034EPSS

Exploits0References1

NVD•added 2026/05/27 11:16 p.m.•9 views

CVE-2026-46538

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by sessionid only and does not verify that a TASKEND message came from the device that originally received the task...

5.9CVSS0.00027EPSS

Exploits0References1

NVD•added 2026/05/27 11:16 p.m.•11 views

CVE-2026-46414

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can register as a normal device, but later send a TASK...

8.8CVSS0.00049EPSS

Exploits0References1

Cvelist•added 2026/05/27 9:56 p.m.•34 views

CVE-2026-46538 Microsoft UFO accepts cross-device TASK_END messages by session_id only, allowing peer task-result injection

5.9CVSS0.00027EPSS

Exploits0References1

EUVD•added 2026/05/27 9:56 p.m.•5 views

EUVD-2026-32677

5.9CVSS5.8AI score0.00027EPSS

Exploits0References1

CVE•added 2026/05/27 9:56 p.m.•18 views

CVE-2026-46538

CVE-2026-46538 affects Microsoft UFO open-source framework; in version 3.0.1-4-ge2626659, the constellation client tracks pending task responses by session_id and does not bind completion to the originating device. An authenticated peer can forge a TASK_END with the same session_id to inject atta...

5.9CVSS5.8AI score0.00027EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 9:56 p.m.•7 views

CVE-2026-46538

5.9CVSS5.8AI score0.00027EPSS

Exploits0References2