
1449 matches found

RedhatCVE
added yesterday, 3 views

CVE-2026-53029

A flaw was found in the Linux kernel's ntfs3 filesystem driver. This vulnerability occurs due to an uninitialized local variable lcn when handling zero-length data during I/O operations. An attacker could potentially exploit this flaw to cause a denial of service or information disclosure due to...

AI score 5.8, EPSS 0.00172
Exploits 0, References 4
RedhatCVE
added yesterday, 6 views

CVE-2026-53132

A flaw was found in the Linux kernel's vsock/virtio component. A remote attacker could send specially crafted packets with zero length and an End-of-Message (EOM) flag. This could lead to an unbounded queue of packets, consuming excessive memory and potentially causing a Denial of Service (DoS) due t...

CVSS 7, AI score 5.8, EPSS 0.00168
Exploits 0, References 4
RedhatCVE
added yesterday, 7 views

CVE-2026-53164

A flaw was found in the Linux kernel's input/output memory management unit (IOMMU) Direct Memory Access (DMA) subsystem, specifically within the software IOMMU bounce buffer (SWIOTLB) mechanism. This vulnerability occurs when the system attempts to map a zero-length memory region, which can be triggere...

CVSS 5.5, AI score 5.9, EPSS 0.00166
Exploits 0, References 4
RedhatCVE
added yesterday, 7 views

CVE-2026-53210

A flaw was found in the Linux kernel's Trusted Execution Environment (TEE) subsystem. A shared memory (shm) leak occurs in the register_shm_helper function when TEE_IOC_SHM_REGISTER is called with a zero-length shared memory registration. This can be triggered by a local attacker, potentially leading to a...

CVSS 5.5, AI score 5.8, EPSS 0.00175
Exploits 0, References 4
EUVD
added yesterday, 5 views

EUVD-2026-39565

HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

CVSS 2.1, AI score 5.8, EPSS 0.001
Exploits 0, References 3
NVD
added 2 days ago, 5 views

CVE-2026-6331

HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

CVSS 2.1, EPSS 0.001
Exploits 0, References 2
CVE
added 2 days ago, 7 views

CVE-2026-6329

CVE-2026-6329 describes a vulnerability in PKCS#12 MAC verification in wolfSSL where the verification uses an attacker-controlled comparison length. The PKCS#12 verify path compares the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from atta...

CVSS 6, AI score 5.9, EPSS 0.00207
Exploits 0, References 2
CVE
added 2 days ago, 10 views

CVE-2026-6331

CVE-2026-6331 describes a vulnerability in the OpenSSL-compatibility HMAC verify path where EVP_DigestVerifyFinal could accept a zero-length or truncated tag. The root cause is insufficient validation of the supplied signature length, which was only checked to not exceed the MAC length rather tha...

CVSS 2.1, AI score 5.8, EPSS 0.001
Exploits 0, References 2
Debian CVE
added 2 days ago, 4 views

CVE-2026-6331

HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

CVSS 2.1, AI score 5.8, EPSS 0.001
Exploits 0
Cvelist
added 2 days ago, 22 views

CVE-2026-6331 HMAC zero-length tag forgery in EVP_DigestVerifyFinal

HMAC zero-length tag forgery in EVP_DigestVerifyFinal, where a zero-length tag could be accepted as valid during HMAC verification. In the OpenSSL-compatibility HMAC verify path the supplied signature length was only checked as not exceeding the MAC length, so a zero-length or otherwise truncated...

CVSS 2.1, EPSS 0.001
Exploits 0, References 2
RedHat Linux
added 2 days ago, 4 views

gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service...

CVSS 9.1, AI score 5.7, EPSS 0.00776
Exploits 0, References 4
CVE
added 2 days ago, 5 views

CVE-2026-53210

In the Linux kernel, CVE-2026-53210 fixes a shm leak in register_shm_helper() within the TEE SHM path. The function allocates shm before calling iov_iter_npages(); if iov_iter_npages() returns 0, it jumps to err_ctx_put and leaks the allocated shm. The issue could be triggered by TEE_IOC_SHM_REGI...

AI score 5.7, EPSS 0.00175
Exploits 0, References 4
EUVD
added 2 days ago, 3 views

EUVD-2026-39255

In the Linux kernel, the following vulnerability has been resolved: iommu/dma: Do not try to iommu_map a 0 length region in swiotlb. iommu_dma_iova_link_swiotlb processes a mapping that is unaligned in three parts, the head, middle and trailer. If the middle is empty because there are no aligned pages ...

AI score 5.8, EPSS 0.00166
Exploits 0, References 3
CVE
added 2 days ago, 5 views

CVE-2026-53164

The CVE-2026-53164 issue in the Linux kernel affects the iommu/dma path, specifically swiotlb handling of mappings in iommu_dma_iova_link_swiotlb(). When a mapping is unaligned, the middle segment may be empty and a 0-size call to iommu_map() occurs, which the iommupt implementation treats as ill...

AI score 5.8, EPSS 0.00166
Exploits 0, References 3
Debian CVE
added 2 days ago, 3 views

CVE-2026-53164

In the Linux kernel, the following vulnerability has been resolved: iommu/dma: Do not try to iommu_map a 0 length region in swiotlb. iommu_dma_iova_link_swiotlb processes a mapping that is unaligned in three parts, the head, middle and trailer. If the middle is empty because there are no aligned pages ...

AI score 5.7, EPSS 0.00166
Exploits 0
CVE
added 2 days ago, 5 views

CVE-2026-53150

CVE-2026-53150 affects the Linux kernel's thunderbolt validation path. The issue lies in tb_property_entry_valid() accepting zero-length entries for DIRECTORY, DATA, and TEXT types, allowing a zero-length TEXT entry to pass validation but trigger an underflow in the null-termination logic: proper...

AI score 5.8, EPSS 0.00184
Exploits 0, References 8
EUVD
added 2 days ago, 3 views

EUVD-2026-39241

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Reject zero-length property entries in validator. tb_property_entry_valid() accepts entries with length == 0 for DIRECTORY, DATA, and TEXT types. A zero-length TEXT entry passes validation but causes an underflow in the...

AI score 5.8, EPSS 0.00184
Exploits 0, References 8
Debian CVE
added 2 days ago, 4 views

CVE-2026-53150

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Reject zero-length property entries in validator. tb_property_entry_valid() accepts entries with length == 0 for DIRECTORY, DATA, and TEXT types. A zero-length TEXT entry passes validation but causes an underflow in the...

AI score 5.7, EPSS 0.00184
Exploits 0
CVE
added 2 days ago, 7 views

CVE-2026-53132

CVE-2026-53132 concerns the Linux kernel via vsock/virtio, addressing an unbounded skb queue in the virtio transport path. The root cause is that virtio_transport_inc_rx_pkt() and virtio_transport_recv_enqueue() can allow a growing queue when fed with packets of length 0 ending with VIRTIO_VSOCK_...

AI score 5.7, EPSS 0.00168
Exploits 0, References 4
EUVD
added 3 days ago, 3 views

EUVD-2026-38897

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent uninitialized lcn caused by zero len. syzbot reported an uninit-value in ntfs_iomap_begin [1]. Since runs was not touched yet, run_lookup_entry immediately fails and returns false, which makes the value of "len" 0...

AI score 5.7, EPSS 0.00172
Exploits 0, References 3