[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2026-31786":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-15T22:50:23.791Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":21,"duplicate_of":9,"upstream":22,"downstream":23,"duplicates":38,"related":39,"reserved_at":9,"published_at":43,"modified_at":44,"state":45,"summary":46,"references_raw":55,"kevs":100,"epss":101,"epss_history":104,"metrics":235,"affected":243},"CVE-2026-31786","In the Linux kernel, the following vulnerability has been resolved:\n\nBuffer overflow in drivers/xen/sys-hypervisor.c\n\nThe build id returned by HYPERVISOR_xen_version(XENVER_build_id) is\nneither NUL terminated nor a string.\n\nThe first causes a buffer overflow as sprintf in buildid_show will\nread and copy till it finds a NUL.\n\n00000000  f4 91 51 f4 dd 38 9e 9d  65 47 52 eb 10 71 db 50  |..Q..8..eGR..q.P|\n00000010  b9 a8 01 42 6f 2e 32                              |...Bo.2|\n00000017\n\nSo use a memcpy instead of sprintf to have the correct value:\n\n00000000  f4 91 51 f4 dd 00 9e 9d  65 47 52 eb 10 71 db 50  |..Q.....eGR..q.P|\n00000010  b9 a8 01 42                                       |...B|\n00000014\n\n(the above have a hack to embed a zero inside and check it's\nreturned correctly).\n\nThis is XSA-485 / CVE-2026-31786",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],[],[],[],[24,26,28,30,32,34,36],{"_key":25},"MGASA-2026-0108",{"_key":27},"MGASA-2026-0110",{"_key":29},"OPENSUSE-SU-2026:10703-1",{"_key":31},"ALPINE-CVE-2026-31786",{"_key":33},"RHSA-2026:24381",{"_key":35},"DEBIAN-CVE-2026-31786",{"_key":37},"UBUNTU-CVE-2026-31786",[],[40,41],{"_key":29},{"_key":42},"CGA-M53P-86G8-4P77","2026-04-30T10:31:28.293Z","2026-06-14T17:44:38.198Z","Analyzed",{"cisa_kev":47,"cisa_ransomware":47,"cisa_vendor":9,"epss_severity":48,"epss_score":49,"severity":50,"severity_score":51,"severity_version":52,"severity_source":53,"severity_vector":54,"severity_status":45},false,"low",0.00197,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[56,62,66,70,74,78,82,86,92,96],{"url":57,"sources":58,"tags":60},"https://git.kernel.org/stable/c/e3af585e1728c917682b6a3de9a69b41fb9194d4",[53,59],"nvd",[61],"Patch",{"url":63,"sources":64,"tags":65},"https://git.kernel.org/stable/c/8288d031a01dbacfde3fc643f7be3d23504de64d",[53,59],[61],{"url":67,"sources":68,"tags":69},"https://git.kernel.org/stable/c/f458ba102da97fafca106327086fc95f3fc764cb",[53,59],[61],{"url":71,"sources":72,"tags":73},"https://git.kernel.org/stable/c/4b4defd2fce3f966c25adabf46644a85558f1169",[53,59],[61],{"url":75,"sources":76,"tags":77},"https://git.kernel.org/stable/c/5c5ff7c7bd15bb536f44b10b3fb5b8408f344d0a",[53,59],[61],{"url":79,"sources":80,"tags":81},"https://git.kernel.org/stable/c/d5f59216650c51e5e3fcb7517c825bc8047f60ef",[53,59],[61],{"url":83,"sources":84,"tags":85},"https://git.kernel.org/stable/c/52cecff98bda2c51eed1c6ce9d21c5d6268fb19d",[53,59],[61],{"url":87,"sources":88,"tags":89},"http://www.openwall.com/lists/oss-security/2026/04/28/12",[53,59],[90,91],"Mailing List","Third Party Advisory",{"url":93,"sources":94,"tags":95},"http://xenbits.xen.org/xsa/advisory-485.html",[53,59],[90,91],{"url":97,"sources":98,"tags":99},"https://git.kernel.org/stable/c/27fdbab4221b375de54bf91919798d88520c6e28",[53,59],[61],[],{"date":102,"score":49,"percentile":103},"2026-06-15",0.09524,[105,109,112,115,119,121,124,128,131,134,137,139,142,144,146,149,152,155,157,160,163,166,169,173,176,178,180,182,185,188,191,194,197,200,203,206,208,210,213,216,219,221,224,227,229,231,234],{"date":106,"score":107,"percentile":108},"2026-04-30",0.00078,0.2288,{"date":110,"score":107,"percentile":111},"2026-05-01",0.22884,{"date":113,"score":107,"percentile":114},"2026-05-02",0.22923,{"date":116,"score":117,"percentile":118},"2026-05-03",0.00012,0.01537,{"date":120,"score":117,"percentile":118},"2026-05-04",{"date":122,"score":117,"percentile":123},"2026-05-05",0.01539,{"date":125,"score":126,"percentile":127},"2026-05-06",0.00013,0.02021,{"date":129,"score":126,"percentile":130},"2026-05-07",0.02023,{"date":132,"score":126,"percentile":133},"2026-05-08",0.0203,{"date":135,"score":126,"percentile":136},"2026-05-09",0.02048,{"date":138,"score":126,"percentile":136},"2026-05-10",{"date":140,"score":126,"percentile":141},"2026-05-11",0.02049,{"date":143,"score":126,"percentile":130},"2026-05-12",{"date":145,"score":126,"percentile":133},"2026-05-13",{"date":147,"score":126,"percentile":148},"2026-05-14",0.02028,{"date":150,"score":126,"percentile":151},"2026-05-15",0.02031,{"date":153,"score":126,"percentile":154},"2026-05-16",0.02032,{"date":156,"score":126,"percentile":151},"2026-05-17",{"date":158,"score":126,"percentile":159},"2026-05-18",0.02017,{"date":161,"score":126,"percentile":162},"2026-05-19",0.02007,{"date":164,"score":126,"percentile":165},"2026-05-20",0.02,{"date":167,"score":126,"percentile":168},"2026-05-21",0.01987,{"date":170,"score":171,"percentile":172},"2026-05-22",0.00006,0.00328,{"date":174,"score":171,"percentile":175},"2026-05-23",0.00327,{"date":177,"score":171,"percentile":175},"2026-05-24",{"date":179,"score":171,"percentile":175},"2026-05-25",{"date":181,"score":171,"percentile":175},"2026-05-26",{"date":183,"score":171,"percentile":184},"2026-05-27",0.00334,{"date":186,"score":171,"percentile":187},"2026-05-28",0.00335,{"date":189,"score":171,"percentile":190},"2026-05-29",0.0034,{"date":192,"score":171,"percentile":193},"2026-05-30",0.00345,{"date":195,"score":171,"percentile":196},"2026-05-31",0.00343,{"date":198,"score":171,"percentile":199},"2026-06-01",0.00463,{"date":201,"score":171,"percentile":202},"2026-06-02",0.0047,{"date":204,"score":171,"percentile":205},"2026-06-03",0.00467,{"date":207,"score":171,"percentile":205},"2026-06-04",{"date":209,"score":171,"percentile":202},"2026-06-05",{"date":211,"score":171,"percentile":212},"2026-06-06",0.00472,{"date":214,"score":171,"percentile":215},"2026-06-07",0.00468,{"date":217,"score":171,"percentile":218},"2026-06-08",0.00464,{"date":220,"score":171,"percentile":215},"2026-06-09",{"date":222,"score":171,"percentile":223},"2026-06-10",0.00471,{"date":225,"score":171,"percentile":226},"2026-06-11",0.00473,{"date":228,"score":171,"percentile":202},"2026-06-12",{"date":230,"score":171,"percentile":212},"2026-06-13",{"date":232,"score":171,"percentile":233},"2026-06-14",0.0048,{"date":102,"score":49,"percentile":103},[236,241],{"source":53,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":237,"cvss_v4_0":9},{"baseScore":51,"baseSeverity":238,"vectorString":54,"impactScore":239,"exploitabilityScore":240},"HIGH",9.8,4.6,{"source":59,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":242,"cvss_v4_0":9},{"baseScore":51,"baseSeverity":238,"vectorString":54,"impactScore":239,"exploitabilityScore":240},[244,294],{"ecosystem":9,"name":245,"vendor":246,"product":246,"cpe_part":247,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":248},"Linux","linux","a",[249,256,259,262,265,268,271,274,277,279,281,283,285,287,289,292],{"version":250,"is_range":251,"range_type":53,"version_start":252,"version_start_type":253,"version_end":254,"version_end_type":255,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C e3af585e1728c917682b6a3de9a69b41fb9194d4",true,"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","including","e3af585e1728c917682b6a3de9a69b41fb9194d4","excluding",{"version":257,"is_range":251,"range_type":53,"version_start":252,"version_start_type":253,"version_end":258,"version_end_type":255,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 8288d031a01dbacfde3fc643f7be3d23504de64d","8288d031a01dbacfde3fc643f7be3d23504de64d",{"version":260,"is_range":251,"range_type":53,"version_start":252,"version_start_type":253,"version_end":261,"version_end_type":255,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C f458ba102da97fafca106327086fc95f3fc764cb","f458ba102da97fafca106327086fc95f3fc764cb",{"version":263,"is_range":251,"range_type":53,"version_start":252,"version_start_type":253,"version_end":264,"version_end_type":255,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 4b4defd2fce3f966c25adabf46644a85558f1169","4b4defd2fce3f966c25adabf46644a85558f1169",{"version":266,"is_range":251,"range_type":53,"version_start":252,"version_start_type":253,"version_end":267,"version_end_type":255,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 5c5ff7c7bd15bb536f44b10b3fb5b8408f344d0a","5c5ff7c7bd15bb536f44b10b3fb5b8408f344d0a",{"version":269,"is_range":251,"range_type":53,"version_start":252,"version_start_type":253,"version_end":270,"version_end_type":255,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C d5f59216650c51e5e3fcb7517c825bc8047f60ef","d5f59216650c51e5e3fcb7517c825bc8047f60ef",{"version":272,"is_range":251,"range_type":53,"version_start":252,"version_start_type":253,"version_end":273,"version_end_type":255,"fixed_in":9},">= 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2, \u003C 52cecff98bda2c51eed1c6ce9d21c5d6268fb19d","52cecff98bda2c51eed1c6ce9d21c5d6268fb19d",{"version":275,"is_range":251,"range_type":53,"version_start":276,"version_start_type":253,"version_end":254,"version_end_type":255,"fixed_in":9},">= 84b7625728ea311ea35bdaa0eded53c1c56baeaa, \u003C e3af585e1728c917682b6a3de9a69b41fb9194d4","84b7625728ea311ea35bdaa0eded53c1c56baeaa",{"version":278,"is_range":251,"range_type":53,"version_start":276,"version_start_type":253,"version_end":258,"version_end_type":255,"fixed_in":9},">= 84b7625728ea311ea35bdaa0eded53c1c56baeaa, \u003C 8288d031a01dbacfde3fc643f7be3d23504de64d",{"version":280,"is_range":251,"range_type":53,"version_start":276,"version_start_type":253,"version_end":261,"version_end_type":255,"fixed_in":9},">= 84b7625728ea311ea35bdaa0eded53c1c56baeaa, \u003C f458ba102da97fafca106327086fc95f3fc764cb",{"version":282,"is_range":251,"range_type":53,"version_start":276,"version_start_type":253,"version_end":264,"version_end_type":255,"fixed_in":9},">= 84b7625728ea311ea35bdaa0eded53c1c56baeaa, \u003C 4b4defd2fce3f966c25adabf46644a85558f1169",{"version":284,"is_range":251,"range_type":53,"version_start":276,"version_start_type":253,"version_end":267,"version_end_type":255,"fixed_in":9},">= 84b7625728ea311ea35bdaa0eded53c1c56baeaa, \u003C 5c5ff7c7bd15bb536f44b10b3fb5b8408f344d0a",{"version":286,"is_range":251,"range_type":53,"version_start":276,"version_start_type":253,"version_end":270,"version_end_type":255,"fixed_in":9},">= 84b7625728ea311ea35bdaa0eded53c1c56baeaa, \u003C d5f59216650c51e5e3fcb7517c825bc8047f60ef",{"version":288,"is_range":251,"range_type":53,"version_start":276,"version_start_type":253,"version_end":273,"version_end_type":255,"fixed_in":9},">= 84b7625728ea311ea35bdaa0eded53c1c56baeaa, \u003C 52cecff98bda2c51eed1c6ce9d21c5d6268fb19d",{"version":290,"is_range":251,"range_type":53,"version_start":276,"version_start_type":253,"version_end":291,"version_end_type":255,"fixed_in":9},">= 84b7625728ea311ea35bdaa0eded53c1c56baeaa, \u003C 27fdbab4221b375de54bf91919798d88520c6e28","27fdbab4221b375de54bf91919798d88520c6e28",{"version":293,"is_range":47,"range_type":53,"version_start":293,"version_start_type":253,"version_end":293,"version_end_type":253,"fixed_in":9},"4.13",{"ecosystem":9,"name":295,"vendor":246,"product":296,"cpe_part":297,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":298},"linux kernel","linux_kernel","o",[299,303,307,311,315,319,323,327,329],{"version":300,"is_range":251,"range_type":301,"version_start":293,"version_start_type":253,"version_end":302,"version_end_type":255,"fixed_in":9},"gte4.13_lt5.10.254","cpe","5.10.254",{"version":304,"is_range":251,"range_type":301,"version_start":305,"version_start_type":253,"version_end":306,"version_end_type":255,"fixed_in":9},"gte5.11_lt5.15.204","5.11","5.15.204",{"version":308,"is_range":251,"range_type":301,"version_start":309,"version_start_type":253,"version_end":310,"version_end_type":255,"fixed_in":9},"gte5.16_lt6.1.170","5.16","6.1.170",{"version":312,"is_range":251,"range_type":301,"version_start":313,"version_start_type":253,"version_end":314,"version_end_type":255,"fixed_in":9},"gte6.2_lt6.6.137","6.2","6.6.137",{"version":316,"is_range":251,"range_type":301,"version_start":317,"version_start_type":253,"version_end":318,"version_end_type":255,"fixed_in":9},"gte6.7_lt6.12.85","6.7","6.12.85",{"version":320,"is_range":251,"range_type":301,"version_start":321,"version_start_type":253,"version_end":322,"version_end_type":255,"fixed_in":9},"gte6.13_lt6.18.26","6.13","6.18.26",{"version":324,"is_range":251,"range_type":301,"version_start":325,"version_start_type":253,"version_end":326,"version_end_type":255,"fixed_in":9},"gte6.19_lt7.0.3","6.19","7.0.3",{"version":328,"is_range":47,"range_type":301,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1:rc1",{"version":330,"is_range":47,"range_type":301,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.1:rc2"]