VDB
CVE-2026-23290
CVE-2026-23290
PUBLISHED
CVSS 5.5 MEDIUM
In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: validate USB endpoints The pegasus driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not have the same urbs the driver will crash later on when it blindly accesses these endpoints.
EPSS 0.04% · 12.6th percentile
Risk Scores
CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.04%
12.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux | 7.0, 7.0-rc2, 6.6.130 |
| linux | linux_kernel | 2.6.12, 2.6.12, 2.6.12 |
Exploit Intelligence
- CIRCL seen: CVE-2026-23290 (circl-sighting)
- CIRCL seen: CVE-2026-23290 (circl-sighting)
- CIRCL seen: CVE-2026-23290 (circl-sighting)
- https://git.kernel.org/stable/c/d5d9086211877361f1bda44a0aec538ddb04042a (circl)
- https://git.kernel.org/stable/c/af7369ae572f53cb701731a4289ec3b3889bc501 (circl)
- https://git.kernel.org/stable/c/43d7c4114b1ec14f41f09306525d3b9382286fc1 (circl)
- https://git.kernel.org/stable/c/7f8505c7ce3f186ef9d2495f3c0bd6ad6fce999f (circl)
- https://git.kernel.org/stable/c/95556b4e879711693c9865ba0938c148f62d5ea4 (circl)
- https://git.kernel.org/stable/c/c3f1672eaea68c5cb6e1ec081cdb92045453218f (circl)
- https://git.kernel.org/stable/c/ee31ec8cf1eafeefa85ef934ba688d27f88bf0e2 (circl)
…and 16 more exploits
Timeline
- Mar 25, 2026 EPSS Score
- Mar 25, 2026 Coalition ESS Score
- Mar 25, 2026 CVE Published
- Mar 29, 2026 Security Advisory
- Mar 29, 2026 PoC Published
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
- Mar 31, 2026 Security Advisory
References
- https://git.kernel.org/stable/c/43d7c4114b1ec14f41f09306525d3b9382286fc1 url
- https://git.kernel.org/stable/c/7f8505c7ce3f186ef9d2495f3c0bd6ad6fce999f url
- https://git.kernel.org/stable/c/95556b4e879711693c9865ba0938c148f62d5ea4 url
- https://git.kernel.org/stable/c/c3f1672eaea68c5cb6e1ec081cdb92045453218f url
- https://git.kernel.org/stable/c/ee31ec8cf1eafeefa85ef934ba688d27f88bf0e2 url
- https://git.kernel.org/stable/c/11de1d3ae5565ed22ef1f89d73d8f2d00322c699 url
- https://nvd.nist.gov/vuln/detail/CVE-2026-23290 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32748 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-4438 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23347 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23268 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23392 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23319 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23253 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23296 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23364 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23368 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27654 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-30922 advisory
- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23286 advisory
…and 159 more