Skip to main content
Regulatory Triage ICT Providers

AMD

Hardware & Firmware

Period: 7d 14d 30d 90d
4
Open CVEs
0
Exploited
0
KEV
0
Unpatched
0
No Workaround
1
Internet-facing

Why this provider is risky now

This provider has 4 open CVE(s) in the last 7 days. 1 affect internet-facing services.

1 Internet-facing

Top Risky CVEs

CVE-2026-44210
This Month
VM escape in Kata Containers allows any Kubernetes user with pod-creation rights to break out of the VM sandbox and gain full read/write access to the host filesystem. All Kata Containers installations prior to commit ffa59ce3aa78 are affected when using the default configuration.toml, which enables the `virtio_fs_extra_args` and `kernel_params` pod annotations out of the box. An attacker crafts a pod with two annotations: one to redirect virtiofsd to serve the host root filesystem (`/`) into the guest VM, and a second to enable the agent debug console - after which the entire host filesystem is accessible from inside the supposedly isolated VM. A fully working proof-of-concept with confirmed output against Kata Containers 3.28.0 on Ubuntu 24.04 has been publicly disclosed; no public exploit confirmed as actively exploited (CISA KEV) at time of analysis.
Edge exposure ICT dependency Patched
Why flagged?
CVE-2026-45878
Awaiting Data
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 The address watch clear code receives watch_id as an unsigned v
ICT dependency Patched
Why flagged?
0.0%
EPSS
CVE-2026-46052
Awaiting Data
In the Linux kernel, the following vulnerability has been resolved: ceph: only d_add() negative dentries when they are unhashed Ceph can call d_add(dentry, NULL) on a negative dentry that is already
ICT dependency Patched
Why flagged?
0.0%
EPSS
CVE-2026-46174
Awaiting Data
In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in th
ICT dependency Patched
Why flagged?
0.0%
EPSS

By Exposure

Internet-facing
1
Mgmt / Admin Plane
0
Identity / Auth
0
Internal only
3

By Exploitability

Known exploited
0
Public PoC
0
High EPSS (>30%)
0
Remote unauthenticated
0
Local only
0

By Remediation

Patch available
4
No patch
0
Workaround available
0
No workaround
0

Affected Services / Product Families

Amd
4 CVE(s)
CVE-2026-44210 MEDIUM Patched
CVE-2026-45878 Patched
CVE-2026-46052 Patched
CVE-2026-46174 Patched

Recommended Actions

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy