Lucene search

206286 matches found

RedhatCVE • added 4 days ago • 13 views

CVE-2026-53177

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix NULL pointer dereference PCIe errors detected by a Root Port or Downstream Port cause error recovery services to run on all subordinate devices regardless of administrative state. The .errordetected callback,...

CVSS 5.5 | AI score 5.7 | EPSS 0.00172
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-13029

A use-after-free flaw was found in the Web Authentication component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=521495992...

CVSS 7.5 | AI score 5.7 | EPSS 0.00149
Exploits: 0 | References: 5

RedhatCVE • added 4 days ago • 8 views

CVE-2026-27145

A flaw was found in the crypto/x509 package of golang. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by presenting a specially crafted X.509 certificate with a large number of DNS Subject Alternative Name (SAN) entries. The certificate verification process, specifical...

CVSS 7.5 | AI score 5.9 | EPSS 0.00763
Exploits: 0 | References: 7

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53201

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...

CVSS 7.8 | AI score 5.7 | EPSS 0.00137
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 10 views

CVE-2026-53190

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix dmafence refcount leak on error in virtiogpudmafencewait dmafenceunwrapforeach internally calls dmafenceunwrapfirst which does cursor-chain = dmafencegethead, taking an extra reference. On normal loop completion,...

CVSS 5.5 | AI score 5.7 | EPSS 0.00175
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 8 views

CVE-2026-58058

A flaw was found in Nmap. A remote attacker or a scanned target can send a specially crafted IPv6 response with a truncated extension header. This can lead to an integer underflow, causing out-of-bounds reads and a denial of service (DoS) due to a crash during raw IPv6 scans. Mitigation Mitigation...

CVSS 6.9 | AI score 5.7 | EPSS 0.00278
Exploits: 0 | References: 7

RedhatCVE • added 4 days ago • 9 views

CVE-2026-58050

A flaw in libssh2 allows a malicious SSH server to trigger a memory overflow by sending a manipulated attribute count. This can cause the connecting client to crash or allow unauthorized code execution. Mitigation To mitigate this issue, ensure your applications are running strictly on 64-bit...

CVSS 8.3 | AI score 5.9 | EPSS 0.00333
Exploits: 0 | References: 6

RedhatCVE • added 4 days ago • 7 views

CVE-2026-55892

A flaw was found in Vim, an open-source command-line text editor. A remote attacker could exploit this vulnerability by convincing a user to load a specially crafted spell file. This malicious file can trigger a stack out-of-bounds write, which corrupts the editor's memory and causes it to crash...

CVSS 5.5 | AI score 5.7 | EPSS 0.00122
Exploits: 0 | References: 6

RedhatCVE • added 4 days ago • 7 views

CVE-2026-53238

In the Linux kernel, the following vulnerability has been resolved: netlabel: validate unlabeled address and mask attribute lengths netlblunlabeladdrinfoget used the address attribute length to determine whether the attribute data could be read as an IPv4 or IPv6 address, but did not independentl...

CVSS 5.5 | AI score 5.7 | EPSS 0.00184
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53253

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: reject short frames before parsing A BNEP peer can send a short BNEP SDU. bneprxframe reads the packet type byte immediately and, for control packets, reads the control opcode and setup UUID-size byte before...

CVSS 7.1 | AI score 5.7 | EPSS 0.00274
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 8 views

CVE-2026-53214

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...

CVSS 5.5 | AI score 5.7 | EPSS 0.00168
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-11972

A flaw was found in the Python tarfile module. When processing a specially crafted tar archive opened in 'streaming mode' (mode='r|'), the module does not properly handle the end-of-file (EOF) condition. This can cause the tarfile module to enter an infinite loop, leading to a Denial of Service (DoS) f...

CVSS 8.2 | AI score 5.7 | EPSS 0.00433
Exploits: 0 | References: 6

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53202

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values (>= 0x80000000) become negative, causing...

CVSS 7.8 | AI score 5.9 | EPSS 0.00146
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53265

In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...

CVSS 7.8 | AI score 5.8 | EPSS 0.00129
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53181

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: fix skackbacklog leak on failed handshake When vmcitransportrecvconnectingserver returns an error, vmcitransportrecvlisten calls vsockremovepending but never calls skacceptqremoved. This leaves skackbacklog incremente...

CVSS 7 | AI score 5.7 | EPSS 0.00184
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53155

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: use correct flags for device private PMD entry Commit 65edfda6f3f2 "mm/rmap: extend rmap and migration support device-private entries" updated setpmdmigrationentry to use pmdphugegetandclear in the softleaf case, b...

AI score 5.4 | EPSS 0.00172
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-12246

A flaw was found in NSD. A remote attacker, operating as a configured primary DNS server in a multi-tenant secondary DNS deployment, could exploit a bug involving specially crafted Address Prefix List (APL) resource records. By providing an APL record with an adflength larger than permitted, the...

CVSS 8.1 | AI score 6.5 | EPSS 0.00265
Exploits: 0 | References: 3

RedhatCVE • added 4 days ago • 7 views

CVE-2026-12245

A flaw was found in NSD. When NSD is configured with DNS over TLS (DoT), a remote attacker can exploit a vulnerability by performing a TLS action and then prematurely closing the connection. This action causes the server process to crash and restart. By repeatedly exploiting this flaw, an attacker...

CVSS 8.7 | AI score 5.8 | EPSS 0.00274
Exploits: 0 | References: 3

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53250

In the Linux kernel, the following vulnerability has been resolved: xsk: cache csumstart/csumoffset to fix TOCTOU in xskskbmetadata The TX metadata area resides in the UMEM buffer which is memory-mapped and concurrently writable by userspace. In xskskbmetadata, csumstart and csumoffset are read...

CVSS 7.8 | AI score 5.8 | EPSS 0.00145
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-12244

A flaw was found in nsd. When nsd is configured as a secondary server for a zone, a remote attacker, acting as the primary server for that zone, can send a specially crafted DNS message within an AXFR (Asynchronous Full Zone Transfer) request. This message, containing a malformed SVCB Service Bindi...

CVSS 8.8 | AI score 6.2 | EPSS 0.00303
Exploits: 0 | References: 3

RedhatCVE • added 4 days ago • 5 views

CVE-2026-12490

A flaw was found in nsd. When a 'provide-xfr' is configured with a 'tls-auth-name', the server incorrectly allows zone transfers without requiring a client certificate if the request comes over TLS on the regular 'tls-port' or over TCP on the regular port, provided other access control conditions...

CVSS 8.2 | AI score 5.8 | EPSS 0.00139
Exploits: 0 | References: 3

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53266

A flaw was found in the Linux kernel's netfilter bridge ebtables SNAT (Source Network Address Translation) module. This vulnerability allows a local attacker on a system configured with specific bridge netfilter rules to improperly modify underlying memory pages during an ARP Address Resolution...

CVSS 8.8 | AI score 5.8 | EPSS 0.00129
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53222

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix resource freeing order Commit a60fc3294a37 "ptp: rework ptpclockunregister to disable events" added a call to ptpdisableallevents which changes the configuration of pins if they support EXTTS events. In ptpocpdetach...

CVSS 5.5 | AI score 5.7 | EPSS 0.00155
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53206

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...

CVSS 5.5 | AI score 5.7 | EPSS 0.00162
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53204

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL deref on rsusendmsg timeout in probe rsusendmsg can return -ETIMEDOUT when waitforcompletioninterruptibletimeout fires while the SMC call is still pending. In stratix10rsuprobe, the error paths f...

CVSS 5.5 | AI score 5.7 | EPSS 0.00155
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53146

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Limit XDomain response copy to actual frame size tbxdomaincopy copies req-responsesize bytes from the received packet buffer regardless of the actual frame size. When a short response arrives, this reads past the val...

CVSS 7.1 | AI score 5.9 | EPSS 0.00242
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 7 views

CVE-2026-54370

A time-of-check to time-of-use (TOCTOU) race condition vulnerability was found in acl. By replacing a pathname component with a symbolic link between a security check and subsequent file operations, an attacker can redirect file access control list operations. This occurs when privileged processes...

CVSS 7.2 | AI score 5.7 | EPSS 0.00091
Exploits: 0 | References: 3

RedhatCVE • added 4 days ago • 8 views

CVE-2026-53122

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...

CVSS 5.5 | AI score 5.8 | EPSS 0.00179
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-54369

A flaw was found in the acl package, specifically within its libacl pathname-based functions. A local attacker could exploit this vulnerability by using a symbolic link to replace a pathname component. This could allow the attacker to redirect access control list (ACL) read or write operations to...

CVSS 8.4 | AI score 5.9 | EPSS 0.00142
Exploits: 0 | References: 3

RedhatCVE • added 4 days ago • 6 views

CVE-2026-54371

A flaw was found in the attr package. This vulnerability allows a local attacker to perform a symlink traversal attack by replacing a pathname component with a symbolic link - either during directory hierarchy traversal by getfattr or during backup restoration by setfattr, which reads and resolve...

CVSS 8.4 | AI score 5.7 | EPSS 0.00142
Exploits: 0 | References: 3

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53022

In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: bound enumeration string aggregation populateenumdata aggregates firmware-provided value-modifier and possible-value strings into fixed 512-byte struct members. The current code bounds each individu...

CVSS 7 | AI score 5.8 | EPSS 0.00172
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-44605

No description is available for this CVE...

CVSS 5.5 | AI score 5.8
Exploits: 0 | References: 3

RedhatCVE • added 4 days ago • 6 views

CVE-2026-12856

A flaw was found in the vscode-java extension, which provides Java language support for Visual Studio Code. The extension incorrectly trusts all Markdown content in JavaDoc hovers, allowing a malicious Java file to include hidden commands. If a user clicks a specially crafted link within a JavaDo...

CVSS 8.8 | AI score 6.1 | EPSS 0.00297
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-50171

A flaw was found in the @angular/common package of Angular. The formatNumber function, which is also used by DecimalPipe, PercentPipe, and CurrencyPipe, does not properly validate the upper bounds of the digitsInfo parameter. A remote attacker could exploit this by providing a maliciously crafted...

CVSS 8.2 | AI score 5.6 | EPSS 0.00161
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-47162

A flaw was found in Vim, an open-source text editor. This vulnerability, located in the netrw plugin, involves a code injection issue when the editor processes directory paths. A malicious directory name, if crafted by an attacker, could bypass security measures and allow for the execution of...

CVSS 8.8 | AI score 6.4 | EPSS 0.00219
Exploits: 0 | References: 6

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53323

A flaw was found in the Linux kernel's Distributed Switch Architecture (DSA) subsystem. Redundant locking operations within the DSA conduit ethtool wrappers can lead to a deadlock. A local attacker can exploit this by using the ethtool -i command, causing the system to become unresponsive and...

CVSS 5.5 | AI score 5.8 | EPSS 0.00155
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53293

A flaw was found in the Linux kernel's AMDGPU graphics driver. Multiple issues exist within the AMDGPUINFOREADMMRREG function, including an incorrect order of operations between the reset semaphore and the memory management lock, and memory allocation while holding the reset semaphore. These issu...

CVSS 5.5 | AI score 5.8 | EPSS 0.00168
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53299

A flaw was found in the Linux kernel, specifically within the airoha network driver. This vulnerability arises from an issue where a variable ndesc is initialized too early in the airohaqdmainittxqueue routine. If a queue entry list allocation fails, this premature initialization can lead to a NU...

AI score 5.8 | EPSS 0.00166
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53301

A flaw was found in the Linux kernel. Missing reset operations can lead to a null pointer dereference, which may cause system instability or a denial of service (DoS). This vulnerability occurs when the system attempts to use uninitialized reset operations, resulting in an unexpected system state...

AI score 5.7 | EPSS 0.00166
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53278

A flaw was found in the Linux kernel's armmpam component. This vulnerability occurs when the destroycomponentcfg function is called from mpamdisable before the configuration array has been properly allocated. This can lead to a null pointer dereference, potentially causing a system crash and...

CVSS 5.5 | AI score 5.7 | EPSS 0.00155
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53321

A flaw was found in the Linux kernel's iouring subsystem, specifically in the Networked Asynchronous Packet Interface (NAPI) busy polling. This vulnerability allows NAPI to poll indefinitely for events when none are present, which can cause a task to become stuck. This can lead to a Denial of Servi...

CVSS 5.5 | AI score 5.8 | EPSS 0.00154
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53322

A flaw was found in the Linux kernel's vfio/pci subsystem. During device shutdown, an improper order of operations in cleaning up Direct Memory Access Buffers (DMABUFs) before disabling the function creates a brief window. In this window, a device's Base Address Registers (BARs) could still be access...

CVSS 8.8 | AI score 5.7 | EPSS 0.00174
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53289

A flaw was found in the Linux kernel's ice network driver. This vulnerability allows a local attacker to trigger a NULL pointer dereference by initiating an NVM (Non-Volatile Memory) firmware update while the driver is in a transitional state. This can lead to a kernel crash, resulting in a Denial ...

CVSS 5.5 | AI score 5.8 | EPSS 0.00172
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53283

A flaw was found in the Linux kernel's AMD IOMMU (Input/Output Memory Management Unit) driver. A local attacker or a specially configured PCI device could trigger an out-of-bounds read in the rlookupamdiommu function. This vulnerability occurs when a PCI device's Bus Device Function (BDF) is not...

CVSS 5.5 | AI score 5.8 | EPSS 0.00166
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 7 views

CVE-2026-53285

A flaw was found in the Linux kernel's drm/amd/display component. When the dcn32enablephantomplane function attempts to allocate memory using kvzalloc within a floating-point unit (FPU) enabled region where software interrupts (softirqs) are disabled, it can trigger an error. This can lead to a kerne...

CVSS 5.5 | AI score 5.8 | EPSS 0.00155
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53318

A flaw was found in the Linux kernel's wifi subsystem, specifically within the mt76: mt7925 driver. This vulnerability arises from a missing check for a NULL pointer before it is used in the mt7925txcheckaggr function. Exploiting this flaw could lead to a system crash, causing a Denial of Service...

CVSS 5.5 | AI score 5.8 | EPSS 0.00157
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53317

A flaw was found in the Linux kernel's Wi-Fi drivers mt76 and mt7921. A remote attacker could exploit this by configuring a Wi-Fi station with an Association ID (AID) exceeding the expected limit. This malformed AID can cause a firmware crash, leading to a Denial of Service (DoS) on the affected...

CVSS 5.5 | AI score 5.8 | EPSS 0.00157
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 5 views

CVE-2026-53288

A flaw was found in the Linux kernel, affecting systems running on the arm64 architecture. This vulnerability occurs during the early kernel mapping process, where an insufficient number of pages are reserved for kernel segments. This can lead to an overflow of data into adjacent memory pages,...

AI score 5.9 | EPSS 0.00168
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 6 views

CVE-2026-53306

A flaw was found in the Linux kernel. An off-by-one error in the hvciucv module can allow a local attacker to cause an out-of-bounds write. This memory corruption could lead to a denial of service (DoS) or potentially other impacts...

CVSS 5.5 | AI score 5.8 | EPSS 0.00177
Exploits: 0 | References: 4

RedhatCVE • added 4 days ago • 8 views

CVE-2026-53312

A flaw was found in the Linux kernel's IOMMU (Input/Output Memory Management Unit) component for RISC-V architectures. An integer overflow in the invalidation path can lead to an infinite loop. This vulnerability could allow a local attacker to cause a Denial of Service (DoS) by triggering the overfl...

AI score 5.8 | EPSS 0.00154
Exploits: 0 | References: 4

Total number of security vulnerabilities: 206286