CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 4 days ago•2 views

DEBIAN-CVE-2026-53284

7.5CVSS5.9AI score0.00432EPSS

NVD•added 4 days ago•4 views

CVE-2026-53284

7.5CVSS0.00432EPSS

CVE•added 4 days ago•8 views

CVE-2026-53319

CVE-2026-53319 documents a Linux kernel change where blk-wbt’s wbt_init_enable_default() no longer triggers WARN_ON_ONCE for expected failure paths from wbt_alloc() and wbt_init(). The underlying issues are that wbt_alloc() may return NULL under memory pressure, and wbt_init() may fail with -EBUS...

5.8AI score0.00145EPSS

ATTACKERKB•added 4 days ago•5 views

CVE-2026-53284

7.5CVSS5.9AI score0.00432EPSS

Exploits0References4Affected Software1

EUVD•added 4 days ago•5 views

EUVD-2026-39889

6AI score0.00432EPSS

CVE•added 4 days ago•14 views

CVE-2026-53284

CVE-2026-53284 (Linux kernel, btrfs): The issue arises in btrfs_write_and_wait_transaction() where, after an error from btrfs_write_marked_extent(), the code still calls btrfs_extent_io_tree_release() to clear the dirty_pages io tree. This tree may contain records not yet submitted, and subsequen...

7.5CVSS6AI score0.00432EPSS

Positive Technologies•added 4 days ago•8 views

PT-2026-52953

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the padata component where the CPU offline callback was incorrectly placed in a hotplug state before CPUHP TEARDOWN CPU. Because failure is not permitted in these...

5.8AI score0.00161EPSS

Exploits0References10

RedHat Linux•added 5 days ago•5 views

kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()

A flaw was found in the Linux kernel's RDMA/mana component. A local user could trigger a kernel corruption by providing specific configurations through the user Application Programming Interface uAPI that cause an internal error. This issue arises when Work Queues WQs are specified to share the...

7.8CVSS5.8AI score0.00129EPSS

Exploits0References5

CVE•added 5 days ago•9 views

CVE-2026-53186

CVE-2026-53186 affects the Linux kernel SRP path in RDMA: the SRP_RSP data length (resp_data_len) is not bounded by the actual received bytes, risking an out-of-bounds read when processing sense data. The copy is capped to 96 bytes, but the source offset can point far past the received data, pote...

9.1CVSS6AI score0.00544EPSS

Exploits0References8

EUVD•added 6 days ago•3 views

EUVD-2026-38834

In the Linux kernel, the following vulnerability has been resolved: drm: Replace old pointer to new idr Commit 5e28b7b94408 introduced a logical error by failing to replace the newly generated IDR pointer to old id's pointer at the correct location within the "change handle" logic; this resulted ...

5.8AI score0.00186EPSS

Exploits0References4

NVD•added last week•5 views

CVE-2026-46547

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, a reflected XSS vulnerability exists in the Page Leaving Warning page. The ncRedirectUrl and ncBackUrl query parameters are used in window.location.href and tag bindings without validation, allowing javascript: URI...

6.1CVSS0.00149EPSS

NVD•added last week•5 views

CVE-2026-11819

Module: plugins/modules/keyringinfo.py CVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Issue: The module retrieves a passphrase from the OS native keyring GNOME Keyring, macOS Keychain, Windows Credential Manager and places it directly into result"passphrase" with no output suppression...

5.5CVSS0.00128EPSS

Cvelist•added last week•25 views

CVE-2026-46547 NocoDB: Reflected Cross-Site Scripting via Page Leaving Redirect URL

6.1CVSS0.00149EPSS

CVE•added last week•14 views

CVE-2026-46547

CVE-2026-46547 (NocoDB) is a reflected XSS in the Page Leaving Warning page. The issue arises because the query parameters ncRedirectUrl and ncBackUrl are used in window.location.href and in an tag href without proper validation, allowing javascript: URI injection. Exploitation could enable arbi...

6.1CVSS5.9AI score0.00149EPSS

ATTACKERKB•added last week•4 views

CVE-2026-11819

5.5CVSS6.1AI score0.00128EPSS

Positive Technologies•added 2026/06/23 12:0 a.m.•7 views

PT-2026-51586

Name of the Vulnerable Software and Affected Versions Ansible affected versions not specified Description The plugins/modules/keyring info.py module retrieves passphrases from native operating system keyrings, such as GNOME Keyring, macOS Keychain, and Windows Credential Manager. The issue occurs...

5.5CVSS5.8AI score0.00128EPSS

Exploits0References7

AstraLinux•added 2026/06/19 11:10 a.m.•11 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: Stop the dlserver function before the CPU goes offline. The IBM CI tool reported a kernel warning1 when performing a CPU removal operation using drmgr2. For example: “drmgr -c cpu -r -q 1”. WARNING: CPU: 0 PID: 0 ...

5.7AI score0.00161EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cpuset: Fixed the warning that occurs when disabling a remote partition. A warning was triggered as follows: WARNING: kernel/cgroup/cpuset.c:1651 at remotepartitiondisable+0xf7/0x110 RIP: 0010:remotepartitiondisable+0xf7/0x110 RS...

5.5CVSS5.4AI score0.00102EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: Fixed null-ptr-deref in socklockinitclassandname and rmmod. When I ran the reproduction steps and waited for a few seconds, I observed two LOCKDEP warnings: a warning immediately followed by a null-ptr-deref. 1 Reproduction...

5.5CVSS6.1AI score0.00169EPSS