Ctrl + K
/ news / CVE
CVEPublished 2026-04-25Modified 2026-05-061 article on news6 live referencesNVD data

CVE-2026-31682Linux · Linux_kernel

Vulnerability data via NVD (ingested)

CVSS v3.1
9.1
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS percentile
25
Exploit Prediction Scoring System · top 75% of all CVEs
Description

In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses neighbour discovery options from ns->opt[] and assumes that these options are in the linear part of request. Its callers only guarantee that the ICMPv6 header and target address are available, so the option area can still be non-linear. Parsing ns->opt[] in that case can access data past the linear buffer. Linearize request before option parsing and derive ns from the linear network header.

Timeline
Published 2026-04-25
Modified 2026-05-06

External references

NVDMITREExploit-DBGitHub PoCSploitusVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2026-31682
Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · OS
os:"Linux Kernel"
Hosts Shodan identified as running Linux Kernel.
More intel sources (5)
Shodan report
vuln:CVE-2026-31682
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-31682
Censys host search filtered to this CVE id.
grep.app
CVE-2026-31682
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-31682
GitHub code search for direct mentions.
Google dork
"CVE-2026-31682" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub

No public proof-of-concept repositories found for CVE-2026-31682 on GitHub.
Articles on news mentioning CVE-2026-31682