Lucene search
K
AttackerkbRecent

74784 matches found

ATTACKERKB
ATTACKERKB
•added 2026/06/25 1:1 p.m.•7 views

CVE-2026-42390

An invalid zone might pass ZONEMD validation while it should not. This is only relevant if ZoneToCache is configured with ZONEMD validation...

5.3CVSS5.8AI score0.00213EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:59 p.m.•9 views

CVE-2026-42388

Incomplete validation of the SOA record present in a catalog zone might lead to a crash...

5.9CVSS5.8AI score0.004EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:59 p.m.•6 views

CVE-2026-42387

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation...

5.9CVSS5.8AI score0.004EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:58 p.m.•7 views

CVE-2026-40012

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;...

5.3CVSS5.9AI score0.00305EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:58 p.m.•5 views

CVE-2026-33612

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning...

7.5CVSS5.8AI score0.00119EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:24 p.m.•7 views

CVE-2026-42004

An attacker can send a crafted EDNS OPT record that will be ignored by DNSdist’s filtering rules, but will be rewritten as a valid OPT record when EDNS Client Subnet is inserted, causing the backend to see the EDNS options that DNSdist did not filter...

3.7CVSS5.9AI score0.00162EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:23 p.m.•5 views

CVE-2026-40211

An attacker can send crafted DNS over HTTP/3 queries, triggering an exception that prevents some buffer from being freed right away. The buffer will be freed at the end of the QUIC connection, but on some setups it might be possible to open enough concurrent DoH3 streams to trigger an out-of-memo...

5.3CVSS6.1AI score0.00413EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:23 p.m.•5 views

CVE-2026-40210

An out-of-bounds read might happen when SetMacAddrAction is used, potentially resulting in uninitialized memory being sent over the network or a crash...

4.8CVSS5.9AI score0.00336EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:23 p.m.•7 views

CVE-2026-40209

An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a denial of service if there is a limit to the number of concurrent connections to this backend, or...

5.3CVSS5.8AI score0.00404EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:22 p.m.•5 views

CVE-2026-40208

An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame...

3.7CVSS5.9AI score0.00285EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 12:22 p.m.•6 views

CVE-2026-40011

An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The prometheus endpoint will then be rejected by the scraper until the dynamic block expires...

3.7CVSS5.8AI score0.00158EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 11:57 a.m.•6 views

CVE-2026-42005

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

4.3CVSS5.9AI score0.00479EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:45 a.m.•9 views

CVE-2026-56091

When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This vulnerability is similar to https://vulners.com/cve/CVE-2020-1957 https://www.cve.org/CVERecord , except that it affects the shiro-guice module...

8.2CVSS5.9AI score0.00422EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:44 a.m.•7 views

CVE-2026-56130

"Remember me" cookie age is not verified on the server. This potentially allows an attacker to intercept a valid cookie and reuse it indefinitely, even after the configured expiration time has passed. This issue affects all Apache Shiro versions from 1.2.4 through 2.x, and 3.0.0-alpha-1, only whe...

2CVSS5.9AI score0.00224EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:40 a.m.•7 views

CVE-2026-53277

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

5.6AI score0.00114EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53275

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Fix use-after-free when processing MLD queries When processing an MLD query, a pointer to the multicast group address is retrieved when initially parsing the packet. This pointer is later dereferenced without being...

5.7AI score0.00252EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53276

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hciconn pointer In isosockrebindbc, the bis pointer is cached, then the socket lock is dropped: bis = isopisk-conn-hcon; / Release the socket before lookups since that requires hcidevlo...

5.6AI score0.0012EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•9 views

CVE-2026-53274

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in smcsetsockopt causing local DoS A logic flaw in smcsetsockopt allows a local unprivileged user to cause a Denial of Service DoS by holding the socket lock indefinitely. The function smcsetsockopt...

5.9AI score0.00126EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53272

In the Linux kernel, the following vulnerability has been resolved: erofs: fix use-after-free on sbi-syncdecompress zerofsdecompresskickoff can race with filesystem unmount, causing a use-after-free on sbi-syncdecompress. When I/O completes, zerofsendio calls zerofsdecompresskickoff to queue...

5.6AI score0.00125EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53273

In the Linux kernel, the following vulnerability has been resolved: tee: optee: prevent use-after-free when the client exits before the supplicant Commit 70b0d6b0a199 "tee: optee: Fix supplicant wait loop" made the client wait as killable so it can be interrupted during shutdown or after a...

5.7AI score0.00126EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•8 views

CVE-2026-53271

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix NULL-deref of opinfo-conn in oplock/lease break notifiers smb2oplockbreaknoti and smb2leasebreaknoti read opinfo-conn into a local with neither READONCE nor a NULL check. Both run from oplockbreak after opinfogetlist h...

5.6AI score0.00119EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53270

In the Linux kernel, the following vulnerability has been resolved: ipvs: clear the svc scheduler ptr early on edit ipvseditservice while unbinding the old scheduler clears the svc-scheduler ptr after the scheduler module initiates RCU callbacks. This can cause packets to use the old scheduler at...

5.7AI score0.00129EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53269

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nftables expression, if done concurrently they can ra...

5.7AI score0.00119EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•8 views

CVE-2026-53268

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrackirc: fix possible out-of-bounds read When parsing fails after we've matched the command string we should bail out instead of trying to match a different command. This helper should be deprecated, given...

5.7AI score0.00364EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53267

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report 1. A rule like the one below is enough to trigger the bug: table ip t chain pre type filter hook prerouting...

5.7AI score0.00128EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53266

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebtsnat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skbensurewritableskb, 0. This is intentional: at the bridge ebtables hooks the Ethernet header is...

5.6AI score0.00129EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53265

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...

5.7AI score0.00129EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53263

In the Linux kernel, the following vulnerability has been resolved: 6lowpan: fix off-by-one in multicast context address compression The second memcpy in lowpaniphcmcastctxaddrcompress uses 1 as destination and &ipaddr-;s6addr11 as source, but both should be offset by one: 2 and &ipaddr-;s6addr12...

5.6AI score0.00119EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53264

In the Linux kernel, the following vulnerability has been resolved: net/sched: actapi: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action. Let's illustrate with CPU0 running NEWTFILTER and...

5.7AI score0.00129EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•8 views

CVE-2026-53262

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tpioctl pppol2tpioctl read sock-sk-skuserdata directly without any locks or reference counting. If a controllable sleep was induced during copyfromuser e.g. via a userfaultfd pag...

5.7AI score0.00125EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53261

In the Linux kernel, the following vulnerability has been resolved: devlink: Release nested relation on devlink free devlink relation state is normally released from devlunregister, which calls devlinkrelput. This misses devlink instances that get a nested relation before registration and then fa...

5.7AI score0.00119EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53260

In the Linux kernel, the following vulnerability has been resolved: tcp: Add preemptdisable,enablenested in reqskqueuehashreq. syzbot reported a weird reqsk-rskrefcnt underflow in inetcskreqskqueuedrop. The captured reqskput in inetcskreqskqueuedrop is called only when it successfully removes req...

5.6AI score0.00349EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53259

In the Linux kernel, the following vulnerability has been resolved: ipv6: anycast: insert aca into global hash under idev-lock syzbot reported a splat 1: a slab-use-after-free in ipv6chkacastaddr, which walks the global inet6acaddrlst hash under RCU and dereferences a struct ifacaddr6 that has...

5.6AI score0.00123EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53258

In the Linux kernel, the following vulnerability has been resolved: wifi: fix leak if split 6 GHz scanning fails rdev-intscanreq is leaked if cfg80211scan fails. Note that it's supposed to be released at cfg80211scandone but this doesn't happen as rdev-scanreq is NULL at that point, too, leading ...

5.6AI score0.00117EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53257

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: enforce HE/EHT cap/oper consistency Xiang Mei reports that mac80211 could crash if ehtcap is set but ehtoper isn't. Rather than fixing that for the individual users, enforce that both HE/EHT have consistent elemen...

5.8AI score0.00104EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53256

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener after dropping that lock without taking a reference. rfcommconnectind th...

5.7AI score0.00266EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•5 views

CVE-2026-53254

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: validate skb length in MCC handlers The RFCOMM MCC handlers cast skb-data to protocol-specific structs without validating skb-len first. A malicious remote device can send truncated MCC frames and trigger...

5.7AI score0.00283EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53255

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate advertising TLV before type checks tlvdataisvalid reads each advertising data field length from datai, then inspects datai + 1 for managed EIR types before checking that the current field still fits insi...

6AI score0.00122EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53253

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...

5.7AI score0.00274EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53252

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix memory leak in error path of hciallocdev Early failures in Bluetooth HCI UART configuration leak SRCU percpu memory. When device initialization fails before hciregisterdev completes, the HCIUNREGISTER flag is never...

5.7AI score0.00136EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53251

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix not releasing hdev reference on isoconnbigsync hcigetroute returns a reference-counted hcidev pointer via hcidevhold. The function exits normally or with an error without ever releasing it...

5.7AI score0.00127EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•5 views

CVE-2026-53250

In the Linux kernel, the following vulnerability has been resolved: xsk: cache csumstart/csumoffset to fix TOCTOU in xskskbmetadata The TX metadata area resides in the UMEM buffer which is memory-mapped and concurrently writable by userspace. In xskskbmetadata, csumstart and csumoffset are read...

5.9AI score0.00112EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53248

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix use-after-free in metadata dst teardown airohametadatadstfree runs metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

5.7AI score0.00391EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•4 views

CVE-2026-53249

In the Linux kernel, the following vulnerability has been resolved: ipv4: restrict IPOPTSSRR and IPOPTLSRR options This patch restricts setting Loose Source and Record Route LSRR and Strict Source and Record Route SSRR IP options to users with CAPNETRAW capability. This prevents unprivileged...

5.7AI score0.00128EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•3 views

CVE-2026-53247

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: Fix use-after-free in metadata dst teardown mtkfreedev calls metadatadstfree which frees the metadatadst with kfree immediately, bypassing the RCU grace period. In the RX path, skbdstsetnoref sets a...

5.7AI score0.00507EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•5 views

CVE-2026-53246

In the Linux kernel, the following vulnerability has been resolved: sctp: validate cached peer INIT chunk length in COOKIEECHO processing When a listening SCTP server processes a COOKIEECHO chunk, the cached peer INIT chunk embedded after the cookie is parsed and its parameters are later walked b...

6AI score0.00481EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•5 views

CVE-2026-53245

In the Linux kernel, the following vulnerability has been resolved: net/802/mrp: fix vector attribute parsing in mrppduparsevecattr In mrppduparsevecattr, vector attribute events are encoded three per byte and valen tracks the number of events left to process. The parser decrements valen after...

5.8AI score0.00128EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•6 views

CVE-2026-53244

In the Linux kernel, the following vulnerability has been resolved: VFS: fix possible failure to unlock in nfsd4createfile atomiccreate in fs/namei.c drops the reference to the dentry when it returns an error. This behaviour was imported into dentrycreate so that it will drop the reference if an...

5.7AI score0.00359EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53242

In the Linux kernel, the following vulnerability has been resolved: ALSA: PCM: Fix wait queue list corruption in sndpcmdrain on linked streams sndpcmdrain uses initwaitqueueentry which does not clear entry.prev/next, and addwaitqueue with a conditional removewaitqueue that is skipped when tocheck...

5.8AI score0.00138EPSS
Exploits0References8Affected Software1
ATTACKERKB
ATTACKERKB
•added 2026/06/25 8:39 a.m.•7 views

CVE-2026-53243

In the Linux kernel, the following vulnerability has been resolved: rseq: Fix using an uninitialized stack variable in rseqexituserupdate There is an bug in which an uninitialized stack variable is used in rseqexituserupdate as reported by syzbot: BUG: KMSAN: kernel-infoleak in rseqsetidsgetcsadd...

5.7AI score0.00112EPSS
Exploits0References3Affected Software1
Total number of security vulnerabilities74784