Lucene search
Redhatcve • Recent

206286 matches found

RedhatCVE
• added 4 days ago • 6 views

CVE-2026-53298

A flaw was found in the Linux kernel's airoha network driver. An issue with early initialization of the ndesc variable in the airoha_qdma_init_rx_queue routine can lead to a NULL pointer dereference during cleanup. This can result in a Denial of Service (DoS) condition. Additionally, improper ordering ...

AI score: 5.8 • EPSS: 0.00168
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 8 views

CVE-2026-54285

A flaw was found in the @opentelemetry/core component of the OpenTelemetry JavaScript Client. This vulnerability allows a remote attacker to trigger uncontrolled memory allocation by sending oversized baggage HTTP headers. The system's inability to enforce size limits during inbound baggage parsi...

CVSS: 5.3 • AI score: 5.8 • EPSS: 0.00238
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53302

A flaw was found in the Linux kernel's cryptographic module, specifically within the EIP93 hardware accelerator driver. An error in how the system allocates resources for HMAC (Keyed-Hash Message Authentication Code) operations can lead to a critical system failure. When certain cryptographic...

AI score: 5.8 • EPSS: 0.00166
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-53313

A flaw was found in the Linux kernel's drm/amd/display module. This vulnerability allows for a denial of service (DoS) due to a NULL pointer dereference. Specifically, the dc_dmub_srv_log_diagnostic_data and dc_dmub_srv_enable_dpia_trace functions do not correctly handle a NULL dc_dmub_srv pointer before...

CVSS: 5.5 • AI score: 5.7 • EPSS: 0.00145
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-53296

A flaw was found in the Linux kernel, specifically within the mailbox-test component. This vulnerability occurs when channels are not correctly released during a probe error, leading to a memory leak and a Use-After-Free (UAF) condition. A Use-After-Free (UAF) is a memory corruption vulnerability tha...

CVSS: 5.5 • AI score: 6.2 • EPSS: 0.00176
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-53290

A flaw was found in the Linux kernel's drm/xe/eustall component. This vulnerability occurs because the drm_dev_put function is called before a stream is disabled and its resources are freed within xe_eu_stall_stream_close. This timing issue can lead to a use-after-free condition, where device structure...

CVSS: 7.8 • AI score: 5.8 • EPSS: 0.00124
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-56766

A flaw was found in Hydra. A malicious server can exploit a stack buffer overflow vulnerability in the NTLM authentication modules by sending a specially crafted NTLM Type-2 challenge. This can lead to an overflow of a stack buffer, potentially enabling remote code execution on systems that lack...

CVSS: 8.8 • AI score: 6.5 • EPSS: 0.00474
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 7 views

CVE-2026-53308

A flaw was found in the Linux kernel's max77705 power supply driver. Incorrect management of workqueues and interrupt handlers during device removal can lead to a use-after-free vulnerability. This allows for the potential use of freed memory, which could result in system instability or, in certa...

AI score: 6 • EPSS: 0.00145
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53286

A flaw was found in the Linux kernel. Specifically, a double free and use-after-free vulnerability exists in the idpf driver's auxiliary device error paths. This flaw occurs when auxiliary_device_add fails, leading to improper memory handling where memory is freed twice or accessed after being free...

CVSS: 5.5 • AI score: 6 • EPSS: 0.00169
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53291

A flaw was found in the Advanced Linux Sound Architecture (ALSA) hda/conexant driver within the Linux kernel. A missing error check for the snd_hda_jack_detect_enable_callback function's return value in cx_probe can lead to a kernel crash. If the registration of the jack detection callback fails, the...

CVSS: 5.5 • AI score: 5.7 • EPSS: 0.00172
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-53284

A flaw was found in the Linux kernel's Btrfs filesystem. A local user performing specific filesystem operations could trigger an error during the writing of dirty extent buffers. This improper handling of the dirty pages I/O tree can prevent unsubmitted records from being cleaned up, leading to...

CVSS: 7.5 • AI score: 5.8 • EPSS: 0.00432
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53300

A flaw was found in the Linux kernel's enetc network driver. This issue arises when the netc_xmit_ntmp_cmd function times out and returns an error, causing a DMA (Direct Memory Access) buffer to be prematurely freed. Subsequently, the hardware may write to the physical address of this freed buffer,...

CVSS: 7.8 • AI score: 5.9 • EPSS: 0.00124
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-55603

A flaw was found in http-proxy-middleware. A remote attacker could exploit a vulnerability in the fixRequestBody function, which is used to re-emit a request body. By injecting carriage return and line feed characters (\r\n) into a request body key or value, an attacker can bypass security policies...

CVSS: 7.5 • AI score: 5.8 • EPSS: 0.00243
Exploits: 1 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53311

A flaw was found in the FUSE (Filesystem in Userspace) subsystem of the Linux kernel. An uninitialized value vulnerability exists in the fuse_dentry_revalidate function, where it may be called with a dentry that has an uninitialized d_time field. This can lead to unpredictable system behavior or a...

CVSS: 5.5 • AI score: 5.7 • EPSS: 0.00154
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 7 views

CVE-2026-53320

A flaw was found in the Linux kernel's nilfs2 filesystem. A local attacker could exploit this vulnerability by sending a specially crafted input/output control (ioctl) request to the nilfs_ioctl_mark_blocks_dirty function. By providing a zero block number, the attacker can bypass a critical dead block...

AI score: 5.7 • EPSS: 0.00173
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-57434

A flaw was found in Nokogiri, an open source XML and HTML library for the Ruby programming language. A remote attacker could exploit this vulnerability by calling specific methods on allocated-but-uninitialized native wrapper classes that inherit from Nokogiri::XML::Node. This could lead to a NUL...

CVSS: 7.5 • AI score: 5.8 • EPSS: 0.00357
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 7 views

CVE-2026-57436

A flaw was found in Nokogiri, an open-source library used for processing XML and HTML documents. This vulnerability occurs due to insufficient validation when setting the document's root element, allowing a malicious document to trigger a memory error. This can lead to a heap use-after-free,...

CVSS: 6.3 • AI score: 5.9 • EPSS: 0.00312
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-13606

A flaw was found in GraphicsMagick's Photo CD (PCD) decoder. A remote attacker could exploit this vulnerability by providing a specially crafted PCD file. This could lead to an out-of-bounds write, corrupting memory and potentially causing a denial of service or other unpredictable system behavior...

CVSS: 8.1 • AI score: 5.7
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-57235

A flaw was found in Nokogiri, an XML and HTML library for Ruby. This vulnerability allows an attacker to trigger an out-of-bounds read by providing a specially crafted large negative index to certain methods. This can lead to a denial of service (DoS) by crashing the application on CRuby, or by...

CVSS: 8.2 • AI score: 5.8 • EPSS: 0.00331
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-57435

A flaw was found in Nokogiri, an XML and HTML library for Ruby. This use-after-free vulnerability occurs when replacing the value of an XML attribute. If a Ruby wrapper already points to the attribute's child node, the underlying native child node can be freed while the wrapper remains accessible...

CVSS: 7.5 • AI score: 5.7 • EPSS: 0.00357
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-53309

A flaw was found in the Linux kernel's OCFS2 Distributed Lock Manager (DLM) component. An off-by-one error in the dlm_match_regions function's region comparison loop causes it to read beyond the valid memory range of qr_regions. This out-of-bounds read could lead to system instability or crashes...

CVSS: 9.8 • AI score: 5.8 • EPSS: 0.00404
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53307

A flaw was found in the Linux kernel. The pinctrl: pinconf-generic subsystem does not properly validate the 'pinmux' property. An attacker could provide an empty 'pinmux' property, which would cause the system to crash due to invalid memory access. This could lead to a denial of service...

AI score: 5.8 • EPSS: 0.00154
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 7 views

CVE-2026-53295

A flaw was found in the Linux kernel's mailbox component. This vulnerability arises from an insufficient sanity check for the channel array. When a mailbox controller is initialized without an attached channel array, a subsequent operation can lead to a null pointer dereference, causing a kernel...

CVSS: 5.5 • AI score: 5.7 • EPSS: 0.00177
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 7 views

CVE-2026-53303

A flaw was found in the Linux kernel's f2fs filesystem. This vulnerability allows for potential out-of-bounds memory access or the display of stale data. It occurs because the extension_list and related counts are read without proper synchronization, enabling a concurrent system file system (sysfs)...

AI score: 5.8 • EPSS: 0.00172
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 7 views

CVE-2026-53319

A flaw was found in the Linux kernel's block writeback throttling (blk-wbt) component. The wbt_init_enable_default function used a warning mechanism (WARN_ON_ONCE) for expected failure paths during memory allocation or if writeback throttling was already registered. This could lead to spurious warnings, b...

AI score: 5.8 • EPSS: 0.00145
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53292

A flaw was found in the Linux kernel's phonet networking subsystem. A local user could trigger a kernel panic by sending a specially crafted message, leading to a denial of service. This occurs because the pn_socket_autobind function incorrectly assumes a socket is already bound when pn_socket_bind...

CVSS: 5.5 • AI score: 5.7 • EPSS: 0.00155
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53304

A flaw was found in the Linux kernel's SCSI generic (sg) module. A local user could bypass the intended size restrictions for the def_reserved_size module parameter. By setting this parameter to an invalid value and then attempting to open a SCSI generic device, the system can experience a soft locku...

CVSS: 5.5 • AI score: 5.8 • EPSS: 0.00185
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53294

A flaw was found in the Linux kernel's mailbox subsystem. This vulnerability occurs when the receive (RX) channel is aliased to the transmit (TX) channel with a different Memory-Mapped I/O (MMIO) and is not properly handled during the freeing of channels. This can lead to a double-free condition, which...

CVSS: 5.5 • AI score: 5.7 • EPSS: 0.00177
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-53282

A flaw was found in the Linux kernel's kexec functionality, specifically within the purgatory code used by kexec-tools. This vulnerability occurs when the purgatory code attempts to locate a return address on the stack during a non-kjump kexec operation, but the address is not present. This can...

CVSS: 5.5 • AI score: 5.8 • EPSS: 0.00166
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-53310

A flaw was found in the Linux kernel. This vulnerability occurs in the soc/tegra: cbb component when a fabric receives an error interrupt, causing the system to use an incorrect memory address during a target timeout lookup. This can lead to a kernel page fault, potentially resulting in a denial ...

CVSS: 5.5 • AI score: 5.7 • EPSS: 0.00154
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53297

A flaw was found in the Linux kernel's mana network driver. This vulnerability occurs when the mana_remove function is invoked a second time without proper checks after a power management (PM) resume failure and subsequent driver unbinding. A local attacker could exploit this double invocation to...

CVSS: 5.5 • AI score: 5.8 • EPSS: 0.00166
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-57964

A flaw was found in spice-vdagent. On macOS and BSD platforms, an unprivileged local user can bypass authentication by connecting to the Unix Domain Socket Client/Server (UDSCS) socket. This allows the unauthorized user to receive host-to-guest messages, including clipboard data and file transfers,...

CVSS: 5.3 • AI score: 5.8
Exploits: 0 • References: 3
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-57966

A path traversal vulnerability was found in spice-vdagent. This flaw allows a malicious or compromised SPICE host to write arbitrary files to any location on the guest operating system. This occurs because the filename provided by the SPICE host during file transfers is not properly sanitized...

CVSS: 4.4 • AI score: 5.9 • EPSS: 0.00137
Exploits: 0 • References: 3
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-57965

A flaw was found in spice-vdagent. A malicious or compromised SPICE host can trigger an integer overflow by sending a specially crafted message. This vulnerability can lead to a heap buffer overflow, causing the spice-vdagent daemon to crash and resulting in a Denial of Service (DoS) for the virtua...

CVSS: 5.1 • AI score: 5.9 • EPSS: 0.00123
Exploits: 0 • References: 3
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53280

A flaw was found in the Linux kernel's Input-Output Memory Management Unit (IOMMU) component. This vulnerability occurs when a default IOMMU domain fails to allocate during the initial probe, leading to a NULL pointer dereference. This can cause a system crash, resulting in a Denial of Service (DoS)...

CVSS: 5.5 • AI score: 5.8 • EPSS: 0.00155
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-53279

A flaw was found in the Linux kernel's drm/gma500/oaktrail_lvds component. This issue occurs during the initialization of the Low-Voltage Differential Signaling (LVDS) display interface. Due to improper error handling, the system may attempt to deregister an I2C adapter that is still in use, causing...

CVSS: 5.5 • AI score: 5.7 • EPSS: 0.00172
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-53325

A flaw was found in the Linux kernel's AMD64 AGP (Accelerated Graphics Port) driver. This vulnerability occurs in virtualized environments lacking a physical AMD northbridge. Due to incorrect error handling, the driver attempts to initialize without the required hardware, leading to a NULL pointer...

CVSS: 5.5 • AI score: 5.8 • EPSS: 0.00175
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-41696

A flaw was found in Spring Data MongoDB. Repository query methods that use regular expression (regex) parameter binding perform insufficient validation of the bound parameter. A remote attacker can exploit this by supplying a crafted string, which could lead to breaking out of the intended regular...

CVSS: 5.9 • AI score: 5.8 • EPSS: 0.00262
Exploits: 0 • References: 4
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-13023

An uninitialized use flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517080836...

CVSS: 5.3 • AI score: 5.7 • EPSS: 0.00186
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-13031

A use-after-free flaw was found in the Blink component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=523308824...

CVSS: 8.8 • AI score: 5.7 • EPSS: 0.00233
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 4 views

CVE-2026-13038

A use-after-free flaw was found in the Autofill component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=523740781...

CVSS: 8.8 • AI score: 5.7 • EPSS: 0.0026
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-13025

An insufficient validation of untrusted input flaw was found in the DevTools component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518043569...

CVSS: 8.3 • AI score: 5.7 • EPSS: 0.00184
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 4 views

CVE-2026-13024

An insufficient validation of untrusted input flaw was found in the Navigation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517148260...

CVSS: 5.8 • AI score: 5.7 • EPSS: 0.00146
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-13033

An out-of-bounds read flaw was found in the BlinkInterestGroups component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=523677844...

CVSS: 8.8 • AI score: 5.7 • EPSS: 0.0026
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 4 views

CVE-2026-13032

A use-after-free flaw was found in the WebGL component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=523591974...

CVSS: 9.6 • AI score: 5.7 • EPSS: 0.00217
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 4 views

CVE-2026-13026

A use-after-free flaw was found in the Digital Credentials component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=519728279...

CVSS: 8.8 • AI score: 5.7 • EPSS: 0.00195
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-13027

A use-after-free flaw was found in the FileSystem component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520543781...

CVSS: 8.8 • AI score: 5.7 • EPSS: 0.00195
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-13283

A use-after-free flaw was found in the AdFilter component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=522561151...

CVSS: 9.6 • AI score: 5.7 • EPSS: 0.00229
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 6 views

CVE-2026-13281

An integer overflow flaw was found in the Mojo component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513138301...

CVSS: 8.7 • AI score: 5.8 • EPSS: 0.00177
Exploits: 0 • References: 5
RedhatCVE
• added 4 days ago • 5 views

CVE-2026-13282

A use-after-free flaw was found in the Payments component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517522620...

CVSS: 6.8 • AI score: 5.7 • EPSS: 0.00115
Exploits: 0 • References: 5
Total number of security vulnerabilities: 206286