CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/07 12:19 a.m.•7 views

CVE-2026-43276

A flaw was found in the Linux kernel's mana network driver. This vulnerability, a use-after-free, occurs when the PCI service rescan path attempts to destroy an already-freed workqueue a second time. A local attacker could exploit this condition to cause a system crash, leading to a denial of...

7.8CVSS5.8AI score0.00015EPSS

Tenable Nessus•added 2026/05/07 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-43276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: mana: Fix double destroyworkqueue on service rescan PCI path While testing corner cases in the driver, a use-after-free crash was found on the service resc...

7.8CVSS5.9AI score0.00015EPSS

EUVD•added 2026/05/06 12:30 p.m.•3 views

EUVD-2026-27731

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core APIs. And some these PMIC APIs have operations that may sleep, leading...

5.8AI score0.00015EPSS

Exploits0References6

EUVD•added 2026/05/06 12:30 p.m.•1 views

EUVD-2026-27647

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: annotate data-races around hdev-reqstatus hcicmdsyncsk sets hdev-reqstatus under hdev-reqlock: hdev-reqstatus = HCIREQPEND; However, several other functions read or write hdev-reqstatus without holding any loc...

5.9AI score0.00015EPSS

NVD•added 2026/05/06 12:16 p.m.•3 views

CVE-2026-43276

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix double destroyworkqueue on service rescan PCI path While testing corner cases in the driver, a use-after-free crash was found on the service rescan PCI path. When manaservreset calls managdsuspend, managdcleanup...

7.8CVSS0.00015EPSS

NVD•added 2026/05/06 12:16 p.m.•2 views

CVE-2026-43199

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query Fix a "scheduling while atomic" bug in mlx5eipsecinitmacs by replacing mlx5querymacaddress with etheraddrcopy to get the local MAC address directly from...

7.5CVSS0.00059EPSS

NVD•added 2026/05/06 12:16 p.m.•2 views

CVE-2026-43170

5.5CVSS0.00015EPSS

ATTACKERKB•added 2026/05/06 11:28 a.m.•3 views

CVE-2026-43276

5.8AI score0.00015EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/05/06 11:28 a.m.•25 views

CVE-2026-43276 net: mana: Fix double destroy_workqueue on service rescan PCI path

0.00015EPSS

Debian CVE•added 2026/05/06 11:28 a.m.•3 views

CVE-2026-43276

7.8CVSS5.8AI score0.00015EPSS

Exploits0

CVE•added 2026/05/06 11:27 a.m.•9 views

CVE-2026-43170

CVE-2026-43170 affects the Linux kernel USB DWC3 gadget driver. The vulnerability arises when dwc3_gadget_vbus_draw() is called from atomic context and may invoke PMIC APIs that sleep, risking kernel panic. The fix moves vbus_draw to a workqueue context, mitigating sleep in atomic operations. Aff...

5.5CVSS5.8AI score0.00015EPSS

Exploits0References5Affected Software1

Debian CVE•added 2026/05/06 11:27 a.m.•4 views

CVE-2026-43170

5.5CVSS5.7AI score0.00015EPSS

Exploits0

Cvelist•added 2026/05/06 11:27 a.m.•22 views

CVE-2026-43170 usb: dwc3: gadget: Move vbus draw to workqueue context

0.00015EPSS

RedhatCVE•added 2026/05/06 9:50 a.m.•6 views

CVE-2026-43064

A flaw was found in the Linux kernel's dmaengine IDXD driver. The workqueue associated with a Data Streaming Accelerator DSA or In-Memory Analytics Accelerator IAA device is not properly released when the object is freed. This resource leak may lead to a denial of service...

5.5CVSS5.8AI score0.00015EPSS

SUSE CVE•added 2026/05/06 1:43 a.m.•6 views

SUSE CVE-2026-31731

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Address thermal zone removal races with resume Since thermalzonepmcomplete and thermalzonedeviceresume re-initialize the pollqueue delayed work for the given thermal zone, the canceldelayedworksync in...

5.7AI score0.00015EPSS

SUSE CVE•added 2026/05/06 1:40 a.m.•5 views

SUSE CVE-2026-43064

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix not releasing workqueue on .release The workqueue associated with an DSA/IAA device is not released when the object is freed...

5.8AI score0.00015EPSS

Positive Technologies•added 2026/05/06 12:0 a.m.•5 views

PT-2026-37539

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query Fix a "scheduling while atomic" bug in mlx5e ipsec init macs by replacing mlx5 query mac address with ether addr copy to get the local MAC address directly from...

5.8AI score0.00059EPSS

Tenable Nessus•added 2026/05/06 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-43170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: dwc3: gadget: Move vbus draw to workqueue context Currently dwc3gadgetvbusdraw can be called from atomic context, which in turn invokes power-supply-core...

5.5CVSS5.8AI score0.00015EPSS