CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

262 matches found

CVE-2026-46167

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix uninitialized heap leak via LPGETSTATUS ioctl Just like in a previous problem in this driver, usblpctrlmsg will collapse the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferre...

0.00032EPSS

Exploits0References8

NVD•added last week•6 views

CVE-2026-46132

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

0.00032EPSS

Exploits0References8

OSV•added last week•1 views

UBUNTU-CVE-2026-46182

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace The hdr variable is allocated on the stack and only hdr.version and hdr.flags are initialized explicitly. Because the struct paprhvpipehdr contains reserved paddi...

5.7AI score0.00022EPSS

Exploits0References6

Cvelist•added last week•21 views

CVE-2026-46182 pseries/papr-hvpipe: Prevent kernel stack memory leak to userspace

0.00022EPSS

Exploits0References3

CVE•added last week•9 views

CVE-2026-46182

The CVE describes a Linux kernel issue in the pseries/papr-hvpipe path where a stack-allocated hdr structure is only partially initialized (hdr.version, hdr.flags). Because papr_hvpipe_hdr includes reserved padding (reserved[3], reserved2[40]), uninitialized padding bytes could be exposed to user...

5.8AI score0.00022EPSS

Exploits0References3

CVE•added last week•7 views

CVE-2026-46151

The CVE-2026-46151 issue affects the Linux kernel usb: usblp driver. A vulnerable path in usblp_ctrl_msg() discards the actual bytes transferred, enabling a short GET_DEVICE_ID transfer to be misinterpreted. The cache_device_id_string() reads a 2-byte big-endian length from the response and trust...

5.8AI score0.00032EPSS

Exploits0References8

SUSE CVE•added 2026/05/28 3:57 a.m.•5 views

SUSE CVE-2026-45858

In the Linux kernel, the following vulnerability has been resolved: ext4: don't zero the entire extent if EXT4EXTDATAPARTIALVALID1 When allocating initialized blocks from a large unwritten extent, or when splitting an unwritten extent during end I/O and converting it to initialized, there is...

5.7AI score0.00024EPSS

Exploits0References3

SUSE CVE•added 2026/05/28 3:56 a.m.•5 views

SUSE CVE-2026-45892

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache after doing PARTIALVALID1 zeroout When splitting an unwritten extent in the middle and converting it to initialized in ext4splitextent with the EXT4EXTMAYZEROOUT and EXT4EXTDATAVALID2 flags set, it could...

5.7AI score0.00032EPSS

Exploits0References3

SUSE CVE•added 2026/05/28 3:55 a.m.•5 views

SUSE CVE-2026-45944

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down context entry When tearing down a context entry, the current implementation zeros the entire 128-bit entry using multiple 64-bit writes. This creates a window where the hardware c...

7.5CVSS5.7AI score0.00014EPSS

Exploits0References3

SUSE CVE•added 2026/05/28 3:55 a.m.•5 views

SUSE CVE-2026-45972

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF and double free in smb2openfile Zero out @erriov and @errbuftype before retrying SMB2open to prevent an UAF bug if @data != NULL, otherwise a double free...

5.8AI score0.00072EPSS

Exploits0References3

EUVD•added 2026/05/27 3:33 p.m.•5 views

EUVD-2026-32358

5.7AI score0.00032EPSS

Exploits0References6

EUVD•added 2026/05/27 3:33 p.m.•5 views

EUVD-2026-32324

5.7AI score0.00024EPSS

Exploits0References6

NVD•added 2026/05/27 2:16 p.m.•3 views

CVE-2026-45858

0.00024EPSS

Exploits0References5

CVE•added 2026/05/27 12:18 p.m.•10 views

CVE-2026-45972

The CVE-2026-45972 issue affects the Linux kernel SMB client, specifically smb2_open_file(), where improper handling could lead to memory corruption (UAF) or a double free during SMB2_open() retries. The fixed description states that zeroing err_iov and err_buftype before retrying SMB2_open() pre...

9.8CVSS5.8AI score0.00072EPSS

Exploits0References6

CVE•added 2026/05/27 12:18 p.m.•10 views

CVE-2026-45944

CVE-2026-45944 affects the Linux kernel IOMMU VT-d. During context-entry teardown, the implementation zeros a 128‑bit entry in two 64‑bit writes, risking a torn entry where the Present bit remains set while other fields are zeroed, potentially causing unpredictable behavior or spurious faults. Th...

7.5CVSS5.7AI score0.00014EPSS

Exploits0References3

CVE•added 2026/05/27 12:17 p.m.•8 views

CVE-2026-45892

Summary of CVE-2026-45892 : In the Linux kernel ext4 code, during the split of an unwritten extent, a zeroing step after partial validation could leave a stale unwritten extent in the extent status tree. Specifically, splitting at B with EXT4_EXT_DATA_PARTIAL_VALID1 and EXT4_EXT_MAY_ZEROOUT could...

5.7AI score0.00032EPSS

Exploits0References6

Cvelist•added 2026/05/27 12:17 p.m.•28 views

CVE-2026-45892 ext4: drop extent cache after doing PARTIAL_VALID1 zeroout

0.00032EPSS

Exploits0References6