Lucene search
K

20228 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 9:48 p.m.7 views

CVE-2026-52969

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with access to /dev/kvm could exploit an integer overflow vulnerability in the kvmresetdirtygfn function. By manipulating dirty ring entries, the attacker can bypass a bounds check, leading to an...

7CVSS5.8AI score0.00147EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/25 6:2 p.m.31 views

CVE-2026-46606 Glances: Command Injection via KVM/QEMU VM Domain Names in glances/plugins/vms/engines/virsh.py

Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances KVM/QEMU monitoring engine glances/plugins/vms/engines/virsh.py passes VM domain names, read directly from virsh list --all output, into f-string command templates that are processed by securepopen...

7.8CVSS0.00213EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 6:2 p.m.26 views

CVE-2026-46606

CVE-2026-46606 affects Glances’ KVM/QEMU monitoring engine (glances/plugins/vms/engines/virsh.py). Before 4.5.5, it interpolates VM domain names read from virsh list --all into f-strings that are passed to secure_popen(), which splits on &&, |, and > and does not sanitise the domain name. This...

7.8CVSS6.2AI score0.00213EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/25 6:1 p.m.5 views

CVE-2026-53105

A flaw was found in the Linux kernel's Wi-Fi subsystem, specifically within the mt76: mt7925 driver. This vulnerability occurs due to a missing check for a NULL 'vif' Virtual Interface before it is accessed. An attacker could potentially trigger a kernel panic by exploiting scenarios where the...

5.5CVSS5.8AI score0.00168EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/25 5:47 p.m.6 views

CVE-2026-53270

A flaw was found in the Linux kernel's IP Virtual Server IPVS component. During the ipvseditservice operation, the svc-scheduler pointer is cleared too late when unbinding an old scheduler. This improper handling allows packets to access previously freed scheduler data, leading to a use-after-fre...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 4:16 p.m.7 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS0.00119EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 3:24 p.m.39 views

CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS0.00119EPSS
Exploits0References3
CVE
CVE
added 2026/06/25 3:24 p.m.18 views

CVE-2026-57454

Vim vulnerability CVE-2026-57454 affects 9.2.0320–9.2.0679. A crafted undo or swap file can store a virtual-text property with offset/length outside the line’s property data. On restore/display, Vim converts the offset to a pointer and reads the virtual text without bounds checking, causing an ou...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 3:24 p.m.5 views

CVE-2026-57454

Vim is an open source, command line text editor. From 9.2.0320 until 9.2.0679, a crafted undo or swap file can store a virtual-text property whose offset and length point outside the line's property data. When Vim restores or displays such a line it converts the offset into a pointer and reads th...

6.8CVSS5.8AI score0.00119EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/06/25 9:16 a.m.6 views

CVE-2026-53201

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...

7.8CVSS0.00137EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 9:16 a.m.3 views

UBUNTU-CVE-2026-53181

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: fix skackbacklog leak on failed handshake When vmcitransportrecvconnectingserver returns an error, vmcitransportrecvlisten calls vsockremovepending but never calls skacceptqremoved. This leaves skackbacklog incremente...

5.7CVSS5.8AI score0.00128EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/25 8:39 a.m.7 views

EUVD-2026-39221

In the Linux kernel, the following vulnerability has been resolved: ipvs: clear the svc scheduler ptr early on edit ipvseditservice while unbinding the old scheduler clears the svc-scheduler ptr after the scheduler module initiates RCU callbacks. This can cause packets to use the old scheduler at...

5.8AI score0.00129EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/25 8:39 a.m.6 views

CVE-2026-53244

In the Linux kernel, the following vulnerability has been resolved: VFS: fix possible failure to unlock in nfsd4createfile atomiccreate in fs/namei.c drops the reference to the dentry when it returns an error. This behaviour was imported into dentrycreate so that it will drop the reference if an...

5.7AI score0.00359EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/25 8:39 a.m.5 views

EUVD-2026-39195

In the Linux kernel, the following vulnerability has been resolved: VFS: fix possible failure to unlock in nfsd4createfile atomiccreate in fs/namei.c drops the reference to the dentry when it returns an error. This behaviour was imported into dentrycreate so that it will drop the reference if an...

5.7AI score0.00359EPSS
Exploits0References2
CVE
CVE
added 2026/06/25 8:39 a.m.10 views

CVE-2026-53230

CVE-2026-53230 describes a slab-out-of-bounds vulnerability in the Linux kernel mlx5 driver: mlx5_query_nic_vport_mac_list sizes its firmware command buffer using the PF’s log_max_current_uc/mc_list, risking an overflow when querying a VF vport with a larger max. The resulting memory access is a ...

8.7CVSS6AI score0.00131EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2026/06/25 8:39 a.m.4 views

CVE-2026-53230

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist capabilities. When querying a VF vport with a larger configured max via...

8.7CVSS5.9AI score0.00131EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/25 8:39 a.m.28 views

CVE-2026-53230 net/mlx5: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix slab-out-of-bounds in mlx5querynicvportmaclist mlx5querynicvportmaclist sizes its firmware command buffer using the PF's logmaxcurrentuc/mclist capabilities. When querying a VF vport with a larger configured max via...

8.7CVSS0.00131EPSS
Exploits0References5
CVE
CVE
added 2026/06/25 8:39 a.m.10 views

CVE-2026-53201

CVE-2026-53201 affects the Linux kernel, with multiple sources (NVD, OSV, Debian security tracker, Ubuntu, etc.) describing a fix that reverts a prior optimization. The issue arises because the idle-skip optimization in the DRM/xe path can bypass GuC suspend, potentially skipping the context-swit...

7.8CVSS5.7AI score0.00137EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/25 8:38 a.m.17 views

CVE-2026-53181

CVE-2026-53181 affects the Linux kernel vsock/vmci stack. On failing handshake, vmci_transport_recv_listen() could leave sk_ack_backlog incremented (due to missing sk_acceptq_removed() call), allowing backlog growth toward sk_max_ack_backlog and a possible listener denial of new connections (-ECO...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/06/25 8:38 a.m.21 views

CVE-2026-53159

CVE-2026-53159 affects the Linux kernel in the misc: fastrpc path. The vulnerability arises in fastrpc_get_args(), which uses find_vma() to locate the VMA for a user pointer and compute a DMA address offset. If the address lies in a gap before the returned VMA, the expression (ptr & PAGE_MASK) - ...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder