CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.8CVSS6.4AI score0.00008EPSS

CVE-2026-45250

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

Exploits1References1

RedhatCVE•added 2 days ago•6 views

CVE-2025-36510

Improper buffer restrictions for some Display Virtualization for Windows OS driver software within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

6.8CVSS5.5AI score0.00016EPSS

5.5CVSS5.4AI score0.00014EPSS

CVE-2026-47335

Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel panic...

6.8CVSS5.4AI score0.00018EPSS

CVE-2026-2810

Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an out-of-bounds read within a driver, leading to a Blue-Screen-of-Death BSOD. Successful...

RedhatCVE•added 2 days ago•3 views

CVE-2026-20881

Divide by zero for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

6.8CVSS5.3AI score0.00014EPSS

6.9CVSS5.3AI score0.00016EPSS

CVE-2026-20905

Improper input validation for some IntelR QAT software drivers for Windows before version 2.6 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result...

RedHat Linux•added 3 days ago•6 views

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

RedHat Linux•added 3 days ago•5 views

kernel: Read root-owned files as an unprivileged user

RedHat Linux•added 3 days ago•8 views

kernel: Read root-owned files as an unprivileged user

RedhatCVE•added 4 days ago•5 views

CVE-2026-6473

A flaw was found in PostgreSQL. An integer overflow in multiple server features allows an unprivileged database user to cause an undersized memory allocation that leads to an out-of-bounds write. This issue allows an attacker to execute arbitrary code as the operating system user running the...

8.8CVSS6.3AI score0.00075EPSS

Exploits0References4

RedHat Linux•added 4 days ago•5 views

kernel: Read root-owned files as an unprivileged user

Tenable Nessus•added 4 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-47333

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory...

7.8CVSS5.8AI score0.00015EPSS

Exploits0References2

RedhatCVE•added 5 days ago•11 views

CVE-2022-4991

Tychon includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory that may be controllable by an unprivileged user on Windows. Tychon contains a privileged service that uses this OpenSSL component. A user who can place a specially-crafted openssl.cnf file at an...

7.4CVSS6.3AI score0.00049EPSS