206296 matches found

RedhatCVE • added 2026/06/26 7:27 a.m. • 5 views

CVE-2026-53173

A flaw was found in the Linux kernel's accel/ethosu component. A local user can exploit this vulnerability by providing a specially crafted command stream, which causes an out-of-bounds write in memory. This memory corruption can lead to system instability, causing a denial of service or...

7.8 CVSS • 5.8 AI score • 0.00129 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 7:27 a.m. • 8 views

CVE-2026-54235

A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). The temperature validation gates, which use comparison operators, incorrectly handle Not-a-Number (NaN) and positive Infinity values in Python's IEEE 754 float semantics. These invalid values can bypass...

6.9 CVSS • 5.6 AI score • 0.00261 EPSS
Exploits 1 • References 6
RedhatCVE • added 2026/06/26 7:23 a.m. • 6 views

CVE-2026-40084

A flaw was found in Cacti. This Path Traversal vulnerability in the Report format_file parameter allows a remote attacker to read arbitrary files from the filesystem. The system stores an unvalidated file path, which is later used to access files, leading to information disclosure...

6.5 CVSS • 6 AI score • 0.00324 EPSS
Exploits 1 • References 2
RedhatCVE • added 2026/06/26 7:23 a.m. • 8 views

CVE-2026-53169

A flaw was found in the Linux kernel's accel/ethosu driver. An unprivileged local user with access to the Direct Rendering Manager (DRM) device could submit a specific command (NPU_OP_RESIZE) that the driver does not properly handle. This could lead to excessive kernel log spam and, if the panic_on_warn...

5.8 AI score • 0.00155 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 7:23 a.m. • 5 views

CVE-2026-53166

A flaw was found in the Linux kernel's futex (Fast Userspace Mutex) requeue mechanism. When a non-top waiter attempts to requeue a Priority Inheritance (PI) futex it already owns, a NULL pointer dereference can occur. This issue, specifically within the remove_waiter function during a self-deadlock...

5.5 CVSS • 5.7 AI score • 0.00173 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 7:23 a.m. • 5 views

CVE-2026-53241

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture (ALSA) sequencer dummy port. This vulnerability arises from a stack overread when processing Universal MIDI Packet (UMP) events, where the system attempts to copy a UMP-sized packet into a smaller, legacy-sized stack storage. Th...

5.5 CVSS • 5.7 AI score • 0.00175 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 7:19 a.m. • 6 views

CVE-2026-46611

A vulnerability in the Glances XML-RPC server fails to properly validate HTTP Host headers, enabling DNS rebinding attacks. If a user is tricked into visiting a malicious website, a remote attacker can exploit this flaw to exfiltrate sensitive system monitoring data. Mitigation: The XML-RPC server...

5.3 CVSS • 5.8 AI score • 0.00156 EPSS
Exploits 0 • References 5
RedhatCVE • added 2026/06/26 7:18 a.m. • 7 views

CVE-2026-40941

A flaw was found in Cacti, an open-source performance and fault management framework. This vulnerability allows a remote attacker to bypass the package import signature validation. By exploiting this flaw, an attacker can import self-signed packages, potentially leading to the execution of...

8.8 CVSS • 6 AI score • 0.00159 EPSS
Exploits 0 • References 6
RedhatCVE • added 2026/06/26 7:9 a.m. • 4 views

CVE-2026-53207

A flaw was found in the Linux kernel's memory management, specifically concerning huge pages. When two concurrent memory poisoning operations (madvise(MADV_HWPOISON)) occur on the same huge page while it is also being unmapped, a recursive spinlock self-deadlock can be triggered. This can lead to a...

5.5 CVSS • 5.8 AI score • 0.0018 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 7:9 a.m. • 5 views

CVE-2026-40082

A flaw was found in Cacti. This vulnerability, known as Session Fixation, occurs because the application does not regenerate the session identifier after a user successfully logs in. A remote attacker could exploit this by tricking a user into authenticating with a predetermined session ID,...

5.4 CVSS • 5.8 AI score • 0.00183 EPSS
Exploits 1 • References 2
RedhatCVE • added 2026/06/26 7:9 a.m. • 6 views

CVE-2026-54232

A flaw was found in vLLM, an inference and serving engine for large language models (LLMs). This vulnerability, a dependency confusion attack, allows a remote attacker to execute arbitrary code with root privileges during the Docker build process. By exploiting this, an attacker can compromise the...

8.8 CVSS • 6.1 AI score • 0.00304 EPSS
Exploits 1 • References 4
RedhatCVE • added 2026/06/26 7:9 a.m. • 5 views

CVE-2026-40083

A flaw was found in Cacti. This vulnerability, a SQL Injection, allows a remote attacker with SNMP (Simple Network Management Protocol) agent management permissions to execute arbitrary SQL commands. The flaw occurs due to unsanitized deserialization of user-controlled input in the managers.php fil...

7.2 CVSS • 6.1 AI score • 0.00279 EPSS
Exploits 1 • References 2
RedhatCVE • added 2026/06/26 7:5 a.m. • 4 views

CVE-2026-53135

A flaw was found in the Linux kernel's drm/amd/display module. A local user could exploit this vulnerability by writing to the sdp_message debugfs node. The system may experience a kernel crash due to a null pointer dereference, leading to a denial of service (DoS). Additionally, the flaw could resu...

6 AI score • 0.00176 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 7:1 a.m. • 6 views

CVE-2026-53151

A flaw was found in the Linux kernel's AF_RXRPC subsystem. This vulnerability involves incorrect handling of fragmented UDP packets when parsing the SACK (Selective Acknowledgment) table. An attacker could potentially craft a fragmented UDP packet to trigger an incorrect buffer access within the...

9.8 CVSS • 5.9 AI score • 0.00481 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:31 a.m. • 11 views

CVE-2026-53199

A flaw was found in the Linux kernel's Hyper-V network virtual service client (hv_netvsc) component. This vulnerability occurs in the netvsc_copy_to_send_buf function, where incorrect memory mapping of page buffer entries can lead to a system fault. Specifically, on 32-bit x86 systems with high memory...

7.5 CVSS • 6 AI score • 0.0053 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:31 a.m. • 8 views

CVE-2026-53160

A flaw was found in the Linux kernel's fastrpc component. A race condition in the fastrpc_map_create function allows for a use-after-free vulnerability. This could enable an attacker to cause system instability, disclose sensitive information, or potentially execute unauthorized code...

7.8 CVSS • 5.7 AI score • 0.00125 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:26 a.m. • 8 views

CVE-2026-53263

A flaw was found in the Linux kernel's 6lowpan component. An off-by-one error during multicast context address compression can lead to the transmission of uninitialized kernel stack memory over the network. This vulnerability results in information disclosure, potentially allowing an attacker to...

5.5 CVSS • 5.8 AI score • 0.00172 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:26 a.m. • 8 views

CVE-2026-53157

A flaw was found in the Linux kernel's phonet networking subsystem. This vulnerability occurs because a phonet device is freed immediately after being removed from a list, while other parts of the kernel (RCU readers) may still hold a pointer to the freed memory. This can lead to a use-after-free...

7 CVSS • 5.8 AI score • 0.00173 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:22 a.m. • 9 views

CVE-2026-53216

A flaw was found in the Linux kernel's mvpp2 network driver. This vulnerability arises from improper handling of the eXpress Data Path (XDP) frame size, where the system advertises a larger frame size than the actual allocated buffer for short buffer pools. This can allow the bpf_xdp_adjust_tail...

9.8 CVSS • 6 AI score • 0.00546 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:22 a.m. • 8 views

CVE-2026-53252

A flaw was found in the Linux kernel's Bluetooth subsystem. Specifically, an issue in the error handling path of the hci_alloc_dev function within the Bluetooth Host Controller Interface (HCI) Universal Asynchronous Receiver/Transmitter (UART) configuration can lead to a memory leak. This occurs when...

5.5 CVSS • 5.8 AI score • 0.00189 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:16 a.m. • 7 views

CVE-2026-53223

A flaw was found in the Linux kernel's networking component. This vulnerability allows a remote attacker to potentially access sensitive information or cause system instability. By sending specially crafted network packets, an attacker can exploit an issue in how the kernel handles timestamping f...

7.1 CVSS • 5.9 AI score • 0.00131 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:11 a.m. • 6 views

CVE-2026-53233

A flaw was found in the Linux kernel. A double-free vulnerability exists within the netdev_nl_bind_rx_doit function, which is responsible for binding network device receive operations. This vulnerability arises when genlmsg_reply consumes the socket buffer (skb), and the error handling path subsequently...

7 CVSS • 6.2 AI score • 0.00175 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:7 a.m. • 5 views

CVE-2026-53186

A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) SCSI RDMA Protocol (SRP) component. A malicious or compromised SRP target on the InfiniBand/RoCE fabric can exploit this vulnerability by sending a specially crafted SRP response with an excessively large data length. This can...

9.1 CVSS • 5.8 AI score • 0.00544 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:7 a.m. • 6 views

CVE-2026-53255

A flaw was found in the Linux kernel's Bluetooth Management (MGMT) component. A remote attacker could exploit this by providing specially crafted advertising data, leading to an out-of-bounds read vulnerability. This occurs because the system incorrectly validates the length of advertising data...

5.5 CVSS • 5.9 AI score • 0.00172 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:3 a.m. • 6 views

CVE-2026-53217

A flaw was found in the Linux kernel's mvpp2 network driver. This issue occurs because the driver incorrectly synchronizes received (RX) data at the hardware packet offset. On systems with non-coherent Direct Memory Access (DMA), this can lead to the Central Processing Unit (CPU) reading stale cache...

8.6 CVSS • 5.8 AI score • 0.00401 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:3 a.m. • 5 views

CVE-2026-53200

A flaw was found in the Linux kernel's Kernel-based Virtual Machine (KVM) for ARM64 architectures. This vulnerability arises from incorrect handling of the Execute Never (XN) bit, a memory protection feature, when the FEAT_XNX feature is not enabled. This error can lead to execute permissions being...

8.8 CVSS • 6.2 AI score • 0.00129 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 1:3 a.m. • 6 views

CVE-2026-53191

A flaw was found in the Linux kernel's io_uring networking component. During bundle receive retries, an issue with inheriting the IORING_CQE_F_BUF_MORE flag can cause the userspace to incorrectly advance the ring head. This memory handling error could lead to information disclosure or potentially allo...

7.8 CVSS • 5.8 AI score • 0.00138 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:47 a.m. • 4 views

CVE-2026-53203

A flaw was found in the Linux kernel's accel/ivpu component. This vulnerability, a buffer overflow, occurs when the firmware returns a size larger than the allocated buffer during a metric stream information query. This can lead to an incorrect buffer copy, potentially causing system instability ...

7.1 CVSS • 6 AI score • 0.00146 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:37 a.m. • 4 views

CVE-2026-53205

A flaw was found in the Linux kernel's Intel Versatile Processing Unit (IVPU) accelerator driver. This vulnerability occurs due to insufficient validation of read and write indices in the firmware log buffer. If the firmware provides invalid log indices, it could lead to out-of-bounds buffer access...

7.1 CVSS • 5.9 AI score • 0.00131 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:37 a.m. • 7 views

CVE-2026-53254

A flaw was found in the Linux kernel's Bluetooth RFCOMM (Radio Frequency Communication) subsystem. A malicious remote device could exploit this vulnerability by sending specially crafted, truncated Multiplexing Control Channel (MCC) frames. This lack of proper validation of incoming data length befor...

8.1 CVSS • 5.8 AI score • 0.00283 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:32 a.m. • 6 views

CVE-2026-53192

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture (ALSA) timer component. A race condition can occur during the release of a timer object, specifically when the SNDRV_TIMER_IOCTL_PARAMS ioctl is called concurrently. This can lead to a use-after-free vulnerability, potentially...

7.8 CVSS • 6.4 AI score • 0.00134 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:27 a.m. • 5 views

CVE-2026-53244

A flaw was found in the Linux kernel's Network File System Daemon (NFSD) component. When NFSD exports a filesystem utilizing atomiccreate, an error during atomiccreate processing can result in nfsd4_create_file failing to unlock the parent directory. This resource management issue may lead to resourc...

7.5 CVSS • 5.8 AI score • 0.00359 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:27 a.m. • 7 views

CVE-2026-53195

A flaw was found in the USB: serial: io_ti module of the Linux kernel. The build_i2c_fw_hdr function allocates a fixed-size buffer but copies data into it without properly validating the input length from the firmware header. This oversight allows an attacker to provide a crafted firmware image,...

7 CVSS • 6.7 AI score • 0.00203 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:23 a.m. • 6 views

CVE-2026-53262

A flaw was found in the Linux kernel's pppol2tp module. This Use-After-Free (UAF) vulnerability arises from improper handling of session references within the pppol2tp_ioctl function. A local attacker could exploit this by triggering a race condition during data copying, leading to the dereferencing...

7.8 CVSS • 6 AI score • 0.00125 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:18 a.m. • 6 views

CVE-2026-53172

A flaw was found in the Linux kernel's accel/ethosu component. An incorrect mask used when processing the NPU_SET_IFM_REGION command allows a local userspace caller to provide an out-of-bounds region index. This can lead to an out-of-bounds write, corrupting adjacent kernel heap data...

7.8 CVSS • 5.8 AI score • 0.00129 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:18 a.m. • 7 views

CVE-2026-53170

A flaw was found in the Linux kernel's accel/ethosu driver. A local attacker could exploit a vulnerability where DMA commands with uninitialized length are not properly handled. By omitting a specific DMA length setup command and issuing a DMA start command, a user could bypass bounds checks,...

8.8 CVSS • 6.1 AI score • 0.00137 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:18 a.m. • 9 views

CVE-2026-53247

A flaw was found in the Linux kernel's ethernet driver for MediaTek (mtk_eth_soc) network devices. This vulnerability, a 'use-after-free', occurs when the system attempts to free a memory region while it is still being used by network packet processing. This can allow a local attacker to trigger syst...

9.8 CVSS • 5.9 AI score • 0.00507 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:18 a.m. • 4 views

CVE-2026-53136

A flaw was found in the Linux kernel's AMD display driver. This vulnerability occurs when the driver processes malformed VBIOS (Video Basic Input/Output System) data. Specifically, unvalidated register counts in the VBIOS can lead to an out-of-bounds memory write during the driver's initialization...

6 AI score • 0.00172 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:18 a.m. • 6 views

CVE-2026-53240

A flaw was found in the Linux kernel's xfrm: iptfs component. A race condition during partial packet reassembly in the inputprocesspayload function can lead to a use-after-free vulnerability. This occurs when a concurrent process frees a packet buffer (skb) before it is checked, allowing subsequent...

8.8 CVSS • 6 AI score • 0.00418 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:18 a.m. • 12 views

CVE-2026-53215

A flaw was found in the Linux kernel's mvpp2 network driver. This vulnerability occurs due to incorrect handling of receive (RX) buffers, where a buffer is returned to the hardware Buffer Manager (BM) pool after it has been passed to the eXpress Data Path (XDP) or attached to a socket buffer (skb). This...

9.8 CVSS • 5.9 AI score • 0.00546 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:18 a.m. • 5 views

CVE-2026-53273

A flaw was found in the Linux kernel's Trusted Execution Environment (TEE) subsystem, specifically within the OP-TEE driver. This use-after-free vulnerability occurs when a client task terminates before its associated supplicant has finished processing a request. This timing issue can lead to the...

7.8 CVSS • 6 AI score • 0.00126 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:18 a.m. • 6 views

CVE-2026-53234

A flaw was found in the Linux kernel's IBM EMAC network driver. This vulnerability occurs due to incorrect handling of device unregistration during the device removal process. It creates a window where the network stack can attempt to access hardware resources that have already been freed. This...

5.7 AI score • 0.00176 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:17 a.m. • 7 views

CVE-2026-53248

A flaw was found in the Linux kernel's airoha network driver. This use-after-free vulnerability occurs when the airoha_metadata_dst_free function frees memory prematurely, before all references to it are released. If a network packet still holds a pointer to the freed memory, a use-after-free...

8.8 CVSS • 5.8 AI score • 0.00391 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:17 a.m. • 7 views

CVE-2026-53198

A flaw was found in ksmbd, a Linux kernel module that provides an in-kernel SMB server. An authenticated SMB client can trigger a use-after-free vulnerability by sending a double SMB2_CANCEL request for the same asynchronous operation. This can lead to memory corruption, potentially allowing an...

8.8 CVSS • 6.1 AI score • 0.00466 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:17 a.m. • 7 views

CVE-2026-53161

A flaw was found in the Linux kernel's fastrpc module. A race condition between closing a file descriptor and processing Digital Signal Processor (DSP) responses can lead to a use-after-free vulnerability. This allows a local attacker to potentially cause a system crash or, in some cases, execute...

7.8 CVSS • 6.2 AI score • 0.00135 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:17 a.m. • 8 views

CVE-2026-53159

A flaw was found in the Linux kernel's fastrpc module. The fastrpc_get_args function incorrectly calculates a Direct Memory Access (DMA) address offset for user-provided pointers. This can lead to an underflow, corrupting the DMA address sent to the Digital Signal Processor (DSP). This corruption could...

5.8 AI score • 0.00172 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:12 a.m. • 6 views

CVE-2026-53150

A flaw was found in the Linux kernel's Thunderbolt subsystem. The tb_property_entry_valid function, which validates Thunderbolt property entries, accepts zero-length TEXT entries. This can cause an underflow in the null-termination logic, resulting in an out-of-bounds write to memory. This memory...

7 CVSS • 5.8 AI score • 0.00184 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:8 a.m. • 4 views

CVE-2026-52978

A flaw was found in the Linux kernel's Platform Security Processor (PSP) networking component. A local user without administrative privileges could exploit this vulnerability by utilizing the dev-set and key-rotate netlink operations. These operations, which modify sensitive PSP version configurati...

5.8 AI score • 0.00173 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:8 a.m. • 7 views

CVE-2026-52983

A flaw was found in the Linux kernel's airoha network driver. This vulnerability stems from an inconsistent accounting of inflight packets in the transmit (TX) path, leading to a Byte Queue Limit (BQL) imbalance. This issue could potentially result in network performance degradation or a denial of...

7.5 CVSS • 5.8 AI score • 0.00451 EPSS
Exploits 0 • References 4
RedhatCVE • added 2026/06/26 12:8 a.m. • 4 views

CVE-2026-10804

A flaw was found in Streamlit, within its Palette Handler component. This vulnerability stems from the use of a weak hashing algorithm. A local attacker could exploit this flaw, though it requires a high level of technical complexity. Successful exploitation may lead to a low impact on the...

4.7 CVSS • 5.8 AI score • 0.00083 EPSS
Exploits 0 • References 10
Total number of security vulnerabilities: 206296