CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2847 matches found

OESA-2026-2557 kata-containers security update

This is core component of Kata Container, to make it work, you need a isulad/docker engine. Security Fixes: 'This vulnerability was fixed in Kata Containers 3.31.0:', 'Description:\n\nIn the runtime-rs standalone virtio-fs path, Kata Containers runs virtiofsd\nas root with --sandbox none --seccom...

5.7AI score

Exploits0References2

Tenable Nessus•added 2 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-46207

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: fix empty payload in tap skb for non-linear buffers For non-linear skbs, virtiotransportbuildskb goes through virtiotransportcopynonlinearskb to...

5.9AI score0.00023EPSS

Exploits0References2

OSV•added 4 days ago•2 views

SUSE-SU-2026:21883-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

6.5CVSS6.9AI score0.00019EPSS

Exploits1References13

SUSE CVE•added 2026/05/29 1:16 a.m.•6 views

SUSE CVE-2026-46123

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: clamp rx length before skbput virtbtrxwork calls skbputskb, len where len comes directly from virtqueuegetbuf with no validation against the buffer we posted to the device. The RX skb is allocated in...

7.7CVSS5.9AI score0.00016EPSS

Exploits0References3

SUSE CVE•added 2026/05/29 1:15 a.m.•10 views

SUSE CVE-2026-46186

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: validate rx pkttype header length virtbtrxhandle reads the leading pkttype byte from the RX skb and forwards the remainder to hcirecvframe for every event/ACL/SCO/ISO type, without checking that the remaining...

5.7AI score0.00032EPSS

Exploits0References3

SUSE CVE•added 2026/05/29 1:15 a.m.•6 views

SUSE CVE-2026-46207

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix empty payload in tap skb for non-linear buffers For non-linear skbs, virtiotransportbuildskb goes through virtiotransportcopynonlinearskb to copy the original payload in the new skb to be delivered to the vsockm...

3.3CVSS5.8AI score0.00023EPSS

Exploits0References3

SUSE CVE•added 2026/05/29 1:14 a.m.•4 views

SUSE CVE-2026-46214

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

5.8AI score0.00032EPSS

Exploits0References2

Tenable Nessus•added 2026/05/29 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46186

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: virtiobt: validate rx pkttype header length virtbtrxhandle reads the leading pkttype byte from the RX skb and forwards the remainder to hcirecvframe...

5.8AI score0.00032EPSS

Exploits0References3

Tenable Nessus•added 2026/05/29 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-46123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: virtiobt: clamp rx length before skbput virtbtrxwork calls skbputskb, len where len comes directly from virtqueuegetbuf with no validation against th...

7.7CVSS6AI score0.00016EPSS

Exploits0References3

Tenable Nessus•added 2026/05/29 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-46214

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If...

5.8AI score0.00032EPSS

Exploits0References4

RedhatCVE•added 2026/05/28 8:5 p.m.•9 views

CVE-2026-46123

A flaw was found in the Linux kernel's virtio Bluetooth virtiobt driver. A malicious or faulty virtualized Bluetooth device could send a specially crafted message with an incorrect length. This could lead to the kernel reading uninitialized memory, potentially exposing sensitive information from...

7.7CVSS5.8AI score0.00016EPSS

Exploits0References4

RedhatCVE•added 2026/05/28 5:9 p.m.•7 views

CVE-2026-46186

A flaw was found in the Linux kernel's virtiobt Bluetooth virtual device driver. An untrusted backend can exploit this vulnerability by sending malformed Bluetooth packets with an insufficient header length. This can cause the system to read uninitialized kernel memory, potentially leading to...

7CVSS5.8AI score0.00032EPSS

Exploits0References4

OSV•added 2026/05/28 2:52 p.m.•2 views

SUSE-SU-2026:21912-1 Security update for qemu

6.5CVSS6.9AI score0.00019EPSS

Exploits1References13

RedhatCVE•added 2026/05/28 1:19 p.m.•5 views

CVE-2026-46214

A flaw was found in the Linux kernel's vsock/virtio component. This vulnerability occurs when virtiotransportrecvlisten calls skacceptqadded before transport validation, leading to a permanent increment of the skackbacklog counter if transport assignment fails. A remote attacker could exploit thi...

5.5CVSS5.7AI score0.00032EPSS

Exploits0References4