CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-46295
Medium

In the Linux kernel, a race condition in KVM x86's posted interrupt handling can cause the highest pending interrupt to be incorrectly reported. This occurs when the sender's atomic operations (setting PIR and PID.ON) interleave with the receiver's sync, leading to a spurious warning and unnecessary L2 VM-Enter/VM-Exit cycles.

CVE-2026-46292
Medium

In the Linux kernel, a vulnerability in the PM Domain (genpd) subsystem was found. The missing pm_runtime_disable() call when detaching virtual devices leaves runtime PM enabled, potentially causing critical errors like NULL pointer dereference.

CVE-2026-46291
Medium

In the Linux kernel, the CAAM cryptographic driver leaks HMAC key bytes via hex dumps in hash_digest_key(). Using print_hex_dump() instead of print_hex_dump_devel() exposes sensitive key material at runtime when CONFIG_DYNAMIC_DEBUG is enabled.

CVE-2026-46290
Medium

A vulnerability in the Linux kernel's EFI page fault handling was introduced by FPU changes (commit d02198550423). kernel_fpu_begin() now disables softirqs via local_bh_disable(), causing in_interrupt() to return true during EFI runtime calls. This makes efi_crash_gracefully_on_page_fault() always bail out, turning firmware page faults into a kernel panic and system freeze instead of graceful recovery.

CVE-2026-46287
Medium

In the txgbe driver for copper NICs with external PHY, a missing RTNL lock during PHY disconnection on module removal triggers an RTNL assertion warning in phylink_disconnect_phy().

CVE-2026-46286
Medium

In the qcom-lpg LED driver in the Linux kernel, array bounds checking was missing when selecting high resolution values. The FIELD_GET() macro extracted a 3-bit register value, but the array had only 5 entries, potentially causing out-of-bounds read.

CVE-2026-46284
Medium

In the Linux kernel, a vulnerability causes a system crash during early boot when kernel command-line parameters (hugepages, hugepagesz, default_hugepagesz) are specified without the '=' separator. The hugetlb_add_param() function calls strlen() on a NULL value, leading to a pointer dereference and crash.

CVE-2026-46283
Medium

In the Linux kernel TPM driver, a vulnerability was found where tpm_dev_release() uses plain kfree() instead of kfree_sensitive() to free the auth session structure. This leaves sensitive cryptographic material such as HMAC session keys, nonces, and passphrase data in non-zeroed memory.

CVE-2026-46282
Medium

In the Linux kernel, the admv1013 frequency driver has a NULL pointer dereference vulnerability. When device_property_read_string() fails, the str variable remains uninitialized, and the code proceeds to strcmp(str, ...), dereferencing garbage memory.

CVE-2026-46278
Medium

In the Linux kernel, a null pointer dereference was found in the Imagination (powervr) DRM driver when updating the ftrace trace mask. This causes a segfault and can lead to system crash.

CVE-2026-46276
Medium

In the Linux kernel amdgpu driver, a bug causes a system crash during initialization of RDNA4 GPUs (e.g., RX 9070 XT). The issue occurs when amdgpu_ttm_init_on_chip() calls ttm_range_man_init() with zero size for absent GDS, GWS, and OA resources, triggering a DRM_MM_BUG_ON assertion and kernel panic. The fix adds an early return when size is zero, skipping TTM resource manager registration for non-existent hardware.

CVE-2026-45581
Medium

In versions from 2.3.1 to before 2.5.10, when deployed in chaincode-as-a-service mode with TLS enabled, the chaincode server logs include the TLS private key password in plaintext. This allows an attacker with access to the logs to recover the password.

CVE-2026-43966
Medium

CVE-2026-43966 describes an improper neutralization of CRLF sequences in HTTP headers in the cowlib library, allowing HTTP response splitting through the injection of non-VCHAR bytes in structured field values.

CVE-2026-39908
Medium

OpenBullet2 through version 0.3.2 on Windows contains a credential disclosure vulnerability that allows remote attackers to capture the NTLMv2 hash of the process user by configuring a job proxy source with a UNC path pointing to an attacker-controlled server.

CVE-2026-11611
Medium

A flaw in 389 Directory Server's Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denial of service. Additional race conditions in plugin thread lifecycle can cause crashes during connection teardown or shutdown.

CVE-2026-11533
Medium

A vulnerability has been detected in the imvks786 student management system affecting an unknown functionality of the file /see.php in the Student Deletion Endpoint component. Manipulation of the argument del leads to improper authorization.

CVE-2026-11532
Medium

A weakness has been identified in the imvks786 student management system affecting an unknown function of the file /add.php of the Student Record Handler component. Executing a manipulation can lead to improper access controls.

CVE-2026-46443
Medium

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, when credentials are fetched with a credentialName filter parameter, the encryptedData field is not stripped from the response, potentially leading to the exposure of sensitive data.

CVE-2026-44119
Medium

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.

CVE-2026-43951
Medium

CVE-2026-43951 describes an out-of-bounds read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. It affects Apache HTTP Server versions from 2.4.0 to 2.4.67.

PreviousPage 160 of 560Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS