Lucene search
+L
RedhatcveRecent

206772 matches found

redhatcve
redhatcve
•added 2026/05/27 7:37 p.m.•12 views

CVE-2026-46050

A flaw was found in the Linux kernel's md/raid10 component. A local user performing a check operation while an application is doing nowait I/O Input/Output on the same array can trigger a deadlock. This occurs because the nrpending value underflows, causing the md resync thread to become stuck...

5.5CVSS5.8AI score0.00095EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 7:34 p.m.•16 views

CVE-2026-46052

A flaw was found in the Linux kernel's Ceph filesystem. A local user or process interacting with the Ceph filesystem could trigger a dcache hash corruption when a negative dentry is incorrectly re-added to the dcache hash while it is already present. This can cause the system to experience an RCU...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 7:20 p.m.•14 views

CVE-2026-46054

A flaw was found in the Linux kernel's SELinux security module when handling overlayfs. The existing security model for overlayfs does not properly enforce access controls for mmap and mprotect operations. This oversight could allow a local attacker to bypass intended security policies, potential...

7.1CVSS5.8AI score0.00118EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 7:19 p.m.•13 views

CVE-2026-46053

A flaw was found in the Linux kernel's Reliable Datagram Sockets RDS network protocol. When handling memory registration MR cleanup, specifically during the process of copying generated cookies back to user space, an error in the cleanup path could lead to resources being freed multiple times. Th...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 7:15 p.m.•11 views

CVE-2026-46059

A flaw was found in the Linux kernel's KVM Kernel-based Virtual Machine nSVM module. This vulnerability occurs when running nested virtual machines L2 guests with NRIPS Next Instruction Pointer Suppression disabled. After an L2 guest's initial run, the NextRIP value in vmcb02 may not be correctly...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 7:10 p.m.•14 views

CVE-2026-46061

A flaw was found in the Linux kernel's journaling block device jbd2 subsystem. A lock ordering issue within the jbd2journalcancelrevoke function can lead to a deadlock under specific conditions, particularly when the filesystem blocksize is smaller than the pagesize. This vulnerability could allo...

5.5CVSS5.8AI score0.00094EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 7:7 p.m.•14 views

CVE-2026-46056

A flaw was found in the Linux kernel's Bluetooth subsystem. This vulnerability, a Use-After-Free UAF, exists within the Secure Simple Pairing SSP passkey handlers. It occurs when hciconn lookup and field access are performed without proper locking, allowing a connection to be freed concurrently...

8.8CVSS6AI score0.00262EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 6:57 p.m.•15 views

CVE-2026-46064

A flaw was found in the Linux kernel's ibmasm module. A local root user can exploit a heap over-read vulnerability within the ibmasmsendi2omessage function. This vulnerability arises from insufficient validation of user-controlled input sizes, allowing the system to read beyond allocated memory...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 6:40 p.m.•18 views

CVE-2026-46066

A flaw was found in the Linux kernel's Ceph filesystem. When writing to encrypted CephFS files, a failure to allocate a bounce buffer for a dirty folio can lead to an off-by-one error in the numops counter. This inconsistency can cause a kernel panic, resulting in a Denial of Service DoS for the...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 6:40 p.m.•20 views

CVE-2026-46065

A flaw was found in the Linux kernel's framebuffer device fbdev deferred I/O defio mechanism. A local user with an active mapping of graphics memory could trigger a device hot-unplug, leading to the system accessing undefined memory. This can result in system instability or a crash, causing a...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 6:34 p.m.•14 views

CVE-2026-46069

A flaw was found in the Linux kernel's mwifiex Wi-Fi driver. The mwifiexadaptercleanup function incorrectly uses a non-synchronous timer deletion, allowing the wakeuptimer callback to access memory after it has been freed. This use-after-free vulnerability can lead to system instability, crashes,...

7.8CVSS6AI score0.00126EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 6:21 p.m.•13 views

CVE-2026-46070

A flaw was found in the Linux kernel's md/raid5 component. This vulnerability arises from insufficient validation of payload sizes within journal metadata blocks. A local attacker can exploit this by providing a corrupted journal, leading to out-of-bounds reads when the system processes payload...

7.1CVSS5.8AI score0.00126EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:49 p.m.•15 views

CVE-2026-46078

A flaw was found in the Linux kernel's EROFS filesystem. A local attacker could exploit an out-of-bounds read vulnerability by creating a specially crafted EROFS image. This issue arises from incorrect calculations of directory entry name lengths, which can cause the system to read beyond allocat...

7.1CVSS5.8AI score0.00131EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:49 p.m.•22 views

CVE-2026-46076

A flaw was found in the Kernel-based Virtual Machine KVM nSVM module of the Linux kernel. This vulnerability occurs when an unhandled VMMCALL is not properly intercepted by the Level 1 L1 hypervisor. A malicious Level 2 L2 guest operating system could exploit this by making specific hypercalls,...

7.9CVSS5.8AI score0.00121EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:37 p.m.•12 views

CVE-2026-46079

A flaw was found in the Linux kernel's Rados Block Device rbd module. When adding a new block device, a double teardown of resources can occur if the disk addition process fails. This can lead to a null-pointer dereference during cleanup operations, allowing a local attacker to cause a system...

5.5CVSS5.8AI score0.00138EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:29 p.m.•11 views

CVE-2026-46083

A flaw was found in the Linux kernel. This vulnerability occurs when the spisetup function fails during the registration of a device, leading to improper cleanup and subsequent resource leaks. This can result in a denial of service DoS due to the exhaustion of system resources...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:29 p.m.•19 views

CVE-2026-46082

A flaw was found in the Linux kernel's virtualization component, known as KVM. This vulnerability arises when a specific instruction, INVLPGA, is used in a virtualized environment without the proper security setting EFER.SVME. The system fails to trigger an expected error, which could allow a loc...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:27 p.m.•10 views

CVE-2026-46085

A flaw was found in the Linux kernel's rxrpc subsystem, specifically in the rxkad crypto unalignment handling. A remote attacker could send a specially crafted packet with a misaligned crypto length. This improper handling could lead to system instability or a denial of service DoS due to incorre...

7.5CVSS5.8AI score0.00441EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:27 p.m.•11 views

CVE-2026-46088

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA control component. Improper validation of the buffer length before a string length operation in the sndctleleminitenumnames function can lead to a system panic. This vulnerability could allow a local attacker to trigger...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:27 p.m.•12 views

CVE-2026-46087

A flaw was found in the Linux kernel's Data Access MONitor DAMON subsystem. When the damonstart function fails during the damonstatstart operation, the system does not properly release the allocated memory context. This oversight leads to a memory leak, where previously allocated memory becomes...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:27 p.m.•14 views

CVE-2026-46092

A flaw was found in the Linux kernel's rtw88 Wi-Fi driver. When the 8821CE device is installed on a system where it is on a root bus, the driver's probing routine does not properly check for the existence of a PCI upstream bridge. This oversight can lead to a system crash, resulting in a denial o...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:27 p.m.•14 views

CVE-2026-46091

A flaw was found in the igorplugusb component of the Linux kernel. The USB request structure, when handled by Direct Memory Access DMA on certain host controllers, did not properly follow DMA coherency rules. This oversight could lead to data integrity issues or unexpected system behavior, as the...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:27 p.m.•12 views

CVE-2026-46084

A flaw was found in the Linux kernel's RDMA Remote Direct Memory Access manaib driver. When a Receive Side Scaling Queue Pair RSS QP is destroyed, the vPort RX receive steering in the firmware is not properly disabled, leaving stale steering configurations. This can lead to receive completions...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:21 p.m.•18 views

CVE-2026-8643

A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially crafted entry-point names that use directory traversal or absolute paths. This allows pip to wri...

8CVSS6AI score0.0032EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:17 p.m.•11 views

CVE-2026-46086

A flaw was found in the Linux kernel. Inconsistent handling of local Forwarding Database FDB entries in the bridge networking component's RCU Read-Copy-Update readers can lead to a null-pointer dereference. A local attacker could exploit this by triggering a concurrent update to an FDB entry,...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:13 p.m.•16 views

CVE-2026-46089

A flaw was found in the Linux kernel's zram module. This vulnerability allows a local user to cause a system hang, leading to a Denial of Service DoS. The issue occurs because the zram module fails to properly handle partial discard requests, specifically by not calling endio when such requests a...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:7 p.m.•11 views

CVE-2026-46090

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture aloop driver. This Use-After-Free UAF vulnerability occurs when loopbackcheckformat stops the capture side during a format change, while a concurrent close operation detaches or frees the runtime. An attacker could...

7.8CVSS6AI score0.00103EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:7 p.m.•14 views

CVE-2026-46093

A flaw was found in the Linux kernel's memory management vmalloc subsystem. The decayvapoolnode function, when invoked concurrently from the shrinker path, lacks proper serialization. This oversight can lead to race conditions, potentially resulting in memory leaks and affecting system stability...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:0 p.m.•29 views

CVE-2026-46095

A flaw was found in the Linux kernel's RAID Redundant Array of Independent Disks driver component. A race condition can occur when the system attempts to write or discard data, as a necessary synchronization barrier is not properly established before critical state changes. This oversight could...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:0 p.m.•11 views

CVE-2026-46097

A flaw was found in the Linux kernel's edt-ft5x06 input driver. This vulnerability, a use-after-free, arises during the debugfs teardown, allowing debugfs files to be accessed after an associated buffer has been released. This could enable a local attacker to cause system instability or potential...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:0 p.m.•13 views

CVE-2026-46096

A flaw was found in the Linux kernel's tpm2-sessions component. The tpm2readpublic function fails to properly destroy a buffer on certain exit paths, leading to a page allocation leak. This resource exhaustion could allow a local attacker to cause a Denial of Service DoS...

5.5CVSS6AI score0.00121EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 5:0 p.m.•12 views

CVE-2026-46098

A flaw was found in the Linux kernel's CAIF network module. When a client is torn down, the caiffreeclient function frees a service pointer but leaves it in a stale state. If the socket is later destroyed, caiffreeclient may be called again, attempting to use the previously freed pointer. This ca...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 4:59 p.m.•15 views

CVE-2026-46103

A flaw was found in the Linux kernel's can: ucan USB driver. This vulnerability arises from incorrect management of device resource lifetimes, where resources are tied to the parent USB device instead of the USB interface. This can lead to memory leaks when drivers are unbound without the...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 4:59 p.m.•12 views

CVE-2026-46101

A flaw was found in the Linux kernel's Netfilter subsystem. Specifically, the nftbitwise expression incorrectly handles zero shift operands during initialization. This can lead to undefined behavior within the kernel, potentially causing system instability. An attacker could exploit this by...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 4:59 p.m.•11 views

CVE-2026-46100

A flaw was found in the Linux kernel's AFS Andrew File System component. The mmapprepare function was incorrectly used, leading to a reference count refcount leak. This issue occurs when mmapprepare establishes a refcount, but a subsequent operation fails, causing the refcount to be leaked. This...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 4:49 p.m.•12 views

CVE-2026-46099

A flaw was found in the Linux kernel's IPv6 networking implementation, specifically within the seg6 and rpl lwtunnels. A race condition can occur when handling destination cache entries, where a NOREF no reference destination object is used after it has been freed. This use-after-free vulnerabili...

8.1CVSS5.7AI score0.00321EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 4:45 p.m.•13 views

CVE-2026-46102

A flaw was found in the Linux kernel's network stream parser. This vulnerability occurs when the stream parser is unexpectedly stopped, such as during a message assembly timeout. A partially processed network message is not properly released from memory, leading to a memory leak. An attacker coul...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 2:12 p.m.•12 views

CVE-2026-3345

IBM Langflow Desktop =1.8.4 Langflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

6.5CVSS6AI score0.00374EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/27 2:12 p.m.•15 views

CVE-2026-9299

A flaw has been found in omec-project amf up to 2.1.1. Affected by this issue is the function PDUSessionResourceModifyIndication of the file /go/src/amf/ngap/handler.go. This manipulation causes memory corruption. Remote exploitation of the attack is possible. The exploit has been published and m...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/27 2:12 p.m.•11 views

CVE-2026-9295

A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipulation of the argument vapurl results in buffer overflow. The attack can be initiated remotely. The...

9CVSS7.8AI score0.00542EPSS
Exploits0References1
redhatcve
redhatcve
•added 2026/05/27 1:9 p.m.•11 views

CVE-2026-2651

A flaw was found in MLflow when the --serve-artifacts mode is enabled. A remote attacker can exploit this vulnerability due to insufficient resource-level permission checks for multipart upload MPU endpoints. This allows the attacker to overwrite artifacts belonging to other users, which can lead...

9CVSS7.7AI score0.00345EPSS
Exploits1References5
redhatcve
redhatcve
•added 2026/05/27 12:59 p.m.•14 views

CVE-2026-2611

A flaw was found in MLflow. Improper origin validation in the MLflow Assistant's /ajax-api endpoints allows a remote attacker to exploit cross-origin requests from a malicious webpage. This enables interaction with the MLflow Assistant running on a victim's local machine, bypassing loopback-only...

9.6CVSS7.5AI score0.00371EPSS
Exploits1References5
redhatcve
redhatcve
•added 2026/05/27 12:50 p.m.•13 views

CVE-2026-9704

A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subjecttoken JSON Web Token JWT to the TokenEndpoint. When the token exceeds a 4000-character limit, it is silently dropped, causing the system to fall back to client...

8.8CVSS5.7AI score0.0032EPSS
Exploits0References3
redhatcve
redhatcve
•added 2026/05/27 12:45 p.m.•15 views

CVE-2026-45834

A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol implementation. A missing null pointer guard in the l2capsockstatechangecb function can lead to a null pointer dereference. This vulnerability could allow an attacker to cause a system crash,...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 12:45 p.m.•18 views

CVE-2026-45836

A flaw was found in the Linux kernel's Bluetooth L2CAP subsystem. This vulnerability, a null-pointer dereference, occurs due to a missing NULL guard in the l2capsockgetsndtimeocb function. A local attacker could exploit this flaw to trigger a system crash, leading to a Denial of Service DoS...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 12:45 p.m.•12 views

CVE-2026-45835

A flaw was found in the Linux kernel's Bluetooth L2CAP Logical Link Control and Adaptation Protocol component. A missing null pointer check in the l2capsocknewconnectioncb function could allow a remote attacker to trigger a null-pointer dereference. This vulnerability can lead to a system crash,...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 12:40 p.m.•18 views

CVE-2026-45839

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter CO-RE Compile Once - Run Everywhere accessor parsing. A local attacker with CAPBPF capabilities could craft a malicious BPF program that uses negative CO-RE accessor indices. This input validation vulnerability allows for an...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 12:39 p.m.•16 views

CVE-2026-45838

A flaw was found in the Linux kernel. Specifically, within the Berkeley Packet Filter BPF component, an error in the cgroupstoragegetnextkey function's end-of-list detection mechanism can cause the system to read from an invalid memory location. This incorrect handling may lead to internal map...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 12:39 p.m.•15 views

CVE-2026-45837

A flaw was found in the Linux kernel. A use-after-free vulnerability exists in the arenavmclose function during a fork operation. This occurs because the child's Virtual Memory Area VMA is not correctly registered, leading to a dangling pointer. If a child process attempts to access this stale...

7.8CVSS5.8AI score0.00116EPSS
Exploits0References4
redhatcve
redhatcve
•added 2026/05/27 12:34 p.m.•15 views

CVE-2026-45840

A flaw was found in the Linux kernel's Open vSwitch component. A local attacker, with administrative network capabilities, could exploit this by providing an overly large Process ID PID array. This action triggers a buffer overflow within the network link netlink reply mechanism, leading to a...

7CVSS6AI score0.00117EPSS
Exploits0References4
Total number of security vulnerabilities206772