CVE-2026-46012

Name: CVE-2026-46012 — Vulnerability Record
Brand: Quanteta Data Lab
SKU: CVE-2026-46012

MEDIUM

CVSS v3.1: 5.5 · EPSS: 0.0017 (6.4 percentile)

No user interactionMemory Leak

Source data as of: 2026-06-17 05:00:11 UTC

At a glance

Severity: MEDIUM
CVSS: 5.5 v3.1 · NVD
EPSS: 0.0017 (6.4 percentile) · FIRST.org
CISA KEV: No
Type: Memory Leak · NVD CWE
Attack conditions (CVSS vector): No user interaction · Source: NVD Vector
Affected vendors: linux
Published: 2026-05-27 · Modified: 2026-06-16
References: Jump to references (5)

CVSS / EPSS / KEV

CVSS v3.1 5.5 / 10 MEDIUM Source: NVD

EPSS 0.0017 6.4 percentile Source: FIRST.org

CISA KEV No Source: CISA

Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix memory leaks in rxkad_verify_response() Fix rxkad_verify_response() to free the ticket and the server key under all circumstances by initialising the ticket pointer to NULL and then making all paths through the function after the first allocation has been done go through a single common epilogue that just releases everything - where all the releases skip on a NULL pointer.

Record details

CVE ID: CVE-2026-46012
CVSS (v3.1): 5.5 (MEDIUM)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability subscore: 1.8
Impact subscore: 3.6
EPSS: 0.0017 (6.4 percentile) — 2026-06-17
CISA KEV: No
Weakness (CWE): CWE-401
Affected vendors: linux
Affected configurations (CPE): 4
Published: 2026-05-27
Modified: 2026-06-16
Status: Analyzed

References

Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.

← Back to all records

CVE-2026-46012

At a glance

CVSS / EPSS / KEV

Description

Record details

References

Related records

Same affected vendor

Same weakness type (CWE)

Published the same year