Ctrl + K
/ news / CVE
CVEPublished 2026-06-09Modified 2026-06-141 article on news5 live referencesNVD data

CVE-2026-46332

Vulnerability data via NVD (ingested)

CVSS v3.1
8.0
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS percentile
6
Exploit Prediction Scoring System · top 94% of all CVEs
Description

In the Linux kernel, the following vulnerability has been resolved: greybus: gb-beagleplay: bound bootloader receive buffering cc1352_bootloader_rx() appends each serdev chunk into the fixed rx_buffer before parsing bootloader packets. The helper can keep leftover bytes between callbacks and may receive multiple packets in one callback, so a single count value is not constrained by one packet length. Check that the incoming chunk fits in the remaining receive buffer space before memcpy(). If it does not, drop the staged data and consume the bytes instead of overflowing rx_buffer.

Timeline
Published 2026-06-09
Modified 2026-06-14

External references

NVDMITREExploit-DBSploitusVulnCheck

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

Shodan · vuln tag0 hosts
vuln:CVE-2026-46332
Hosts Shodan has explicitly fingerprinted as vulnerable.
More intel sources (5)
Shodan report
vuln:CVE-2026-46332
Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2026-46332
Censys host search filtered to this CVE id.
grep.app
CVE-2026-46332
Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2026-46332
GitHub code search for direct mentions.
Google dork
"CVE-2026-46332" exploit -site:nvd.nist.gov
Write-ups and news, NVD excluded.

Known PoCs on GitHub

No public proof-of-concept repositories found for CVE-2026-46332 on GitHub.
Articles on news mentioning CVE-2026-46332