Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

59953 matches found

OSV
OSVadded 2026/05/08 3:16 p.m.3 views

UBUNTU-CVE-2026-43434

In the Linux kernel, the following vulnerability has been resolved: rustbinder: check ownership before using vma When installing missing pages or zapping them, Rust Binder will look up the vma in the mm by address, and then call vminsertpage or zappagerangesingle. However, if the vma is closed an...

7.8CVSS5.6AI score0.00128EPSS
Exploits0References6
OSV
OSVadded 2026/05/08 3:16 p.m.3 views

UBUNTU-CVE-2026-43458

In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab-use-after-free in ptywriteroom when caifserial's TX path calls ttywriteroom. The faulting access is on tty-link-port. Hold an...

7.8CVSS5.7AI score0.00117EPSS
Exploits0References11
OSV
OSVadded 2026/05/08 3:16 p.m.3 views

UBUNTU-CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

7.1CVSS5.7AI score0.00132EPSS
Exploits0References11
UbuntuCve
UbuntuCveadded 2026/05/08 3:16 p.m.5 views

CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

7.1CVSS5.8AI score0.00132EPSS
Exploits0References10
ATTACKERKB
ATTACKERKBadded 2026/05/08 2:22 p.m.4 views

CVE-2026-43458

In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab-use-after-free in ptywriteroom when caifserial's TX path calls ttywriteroom. The faulting access is on tty-link-port. Hold an...

5.7AI score0.00117EPSS
Exploits0References9Affected Software1
CVE
CVEadded 2026/05/08 2:22 p.m.12 views

CVE-2026-43458

The CVE affects the Linux kernel’s caif_serial line discipline. A use-after-free (KASAN slab UAF) could be triggered in pty_write_room() when the caif_serial TX path invokes tty_write_room(), accessing tty->link->port. Root cause: improper management of the tty->link reference during ldi...

7.8CVSS5.8AI score0.00117EPSS
Exploits0References8Affected Software1
Cvelist
Cvelistadded 2026/05/08 2:22 p.m.54 views

CVE-2026-43458 serial: caif: hold tty->link reference in ldisc_open and ser_release

In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty-link reference in ldiscopen and serrelease A reproducer triggers a KASAN slab-use-after-free in ptywriteroom when caifserial's TX path calls ttywriteroom. The faulting access is on tty-link-port. Hold an...

0.00117EPSS
Exploits0References8
CVE
CVEadded 2026/05/08 2:22 p.m.9 views

CVE-2026-43433

The CVE-2026-43433 entry refers to a Linux kernel issue in the rust_binder component: a TOCTOU opportunity where a local process that can write to its own VMA could alter the offsets array before it is read back during a transaction, potentially enabling privilege escalation to the sender. The fi...

7.8CVSS5.7AI score0.00099EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/05/08 2:22 p.m.28 views

CVE-2026-43427 usb: class: cdc-wdm: fix reordering issue in read code path

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

0.00132EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/05/08 2:22 p.m.10 views

CVE-2026-43427

In the Linux kernel, the following vulnerability has been resolved: usb: class: cdc-wdm: fix reordering issue in read code path Quoting the bug report: Due to compiler optimization or CPU out-of-order execution, the desc-length update can be reordered before the memmove. If this happens, wdmread...

5.8AI score0.00132EPSS
Exploits0References9Affected Software1
Cvelist
Cvelistadded 2026/05/08 2:21 p.m.29 views

CVE-2026-43362 smb: client: fix in-place encryption corruption in SMB2_write()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

8.1CVSS0.00217EPSS
Exploits0References5
CVE
CVEadded 2026/05/08 2:21 p.m.16 views

CVE-2026-43362

CVE-2026-43362 affects the Linux kernel SMB client by an in-place encryption flaw in SMB2_write(), where the write payload could be replaced with ciphertext during retries on unstable connections. The root cause is that smb3_init_transform_rq() shares rq_iov, causing crypt_message() to in-place-e...

8.1CVSS5.8AI score0.00217EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/05/08 2:21 p.m.4 views

CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

5.8AI score0.00217EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVEadded 2026/05/08 2:21 p.m.5 views

CVE-2026-43362

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqiov, so cryptmessage encrypts iov1 in-place, replacing the original...

8.1CVSS5.7AI score0.00217EPSS
Exploits0
NVD
NVDadded 2026/05/08 2:16 p.m.7 views

CVE-2026-44340

PraisonAI is a multi-agent teams system. Prior to version 4.6.37, the safeextractall helper that all recipe pull, recipe publish, and recipe unpack flows route through validates each archive member's name for absolute paths, .. segments, and resolved-path escape — but does not validate...

8.7CVSS0.00433EPSS
Exploits1References1
NVD
NVDadded 2026/05/08 2:16 p.m.11 views

CVE-2026-44336

PraisonAI is a multi-agent teams system. Prior to version 4.6.34, PraisonAI's MCP Model Context Protocol server praisonai mcp serve registers four file-handling tools by default — praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and praisonai.workflow.show. Each accepts a pat...

9.6CVSS0.00492EPSS
Exploits1References1
NVD
NVDadded 2026/05/08 2:16 p.m.4 views

CVE-2026-43309

In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when stopping arrays with metadata through dm-raid When using device-mapper's dm-raid target, stopping a RAID array can cause the system to hang under specific conditions. This occurs when: - A dm-raid managed...

5.5CVSS0.00121EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2026/05/08 2:16 p.m.6 views

CVE-2026-43309

In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when stopping arrays with metadata through dm-raid When using device-mapper's dm-raid target, stopping a RAID array can cause the system to hang under specific conditions. This occurs when: - A dm-raid managed...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References5
OSV
OSVadded 2026/05/08 2:16 p.m.2 views

UBUNTU-CVE-2026-43309

In the Linux kernel, the following vulnerability has been resolved: md raid: fix hang when stopping arrays with metadata through dm-raid When using device-mapper's dm-raid target, stopping a RAID array can cause the system to hang under specific conditions. This occurs when: - A dm-raid managed...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References6
CVE
CVEadded 2026/05/08 1:38 p.m.12 views

CVE-2026-44340

PraisonAI prior to 4.6.37 does not validate member.linkname or reject symlink/hardlink archive members in _safe_extractall, and calls tar.extractall(dest_dir) without a data filter. A bundle could contain a symlink inside dest_dir with a linkname outside it, followed by a file path traversing the...

8.7CVSS5.9AI score0.00433EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder