What is the CVSS score of EUVD-2026-24639?

EUVD-2026-24639 has a CVSS 3.1 base score of 7.8 (High). CVSS vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Linux Kernel are affected by EUVD-2026-24639?

CVE-2026-31431 is a high-severity Linux kernel memory corruption vulnerability in the cryptographic interface that allows authenticated local users to escalate privileges to root.. A patch is available.

Is there a public PoC exploit available for EUVD-2026-24639?

Yes, a public proof-of-concept exploit is available for EUVD-2026-24639. Prioritise patching immediately. EPSS: 0.0%.

Linux Kernel EUVD-2026-24639

| CVE-2026-31431 HIGH

Incorrect Resource Transfer Between Spheres (CWE-669)

2026-04-22 Linux

GHSA-2274-3hgr-wxv6

Information Disclosure Linux

7.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Added to CISA KEV

May 04, 2026 - 18:16 cisa

CISA KEV

CIRCL Exploitation Confirmed

May 04, 2026 - 18:16 circl

CIRCL KEV

PoC Detected

May 04, 2026 - 18:16 vuln.today

Public exploit code

Patch released

May 04, 2026 - 18:16 nvd

Patch available

Added to CISA KEV

May 01, 2026 - 19:02 CISA

Patch released

May 01, 2026 - 06:00 NVD

Analysis Updated

Apr 30, 2026 - 10:12 vuln.today

v6 (cvss_changed)

article_added

Apr 30, 2026 - 10:05 vuln.today

trending_spike

Apr 30, 2026 - 10:05 vuln.today

Started Trending

Apr 30, 2026 - 10:04 vuln.today

14.4

Analysis Updated

Apr 30, 2026 - 09:27 vuln.today

v5 (cvss_changed)

Analysis Updated

Apr 30, 2026 - 08:28 vuln.today

v4 (cvss_changed)

Analysis Updated

Apr 30, 2026 - 06:27 vuln.today

v3 (cvss_changed)

Analysis Updated

Apr 30, 2026 - 01:27 vuln.today

v2 (cvss_changed)

Re-analysis Queued

Apr 29, 2026 - 21:22 vuln.today

cvss_changed

exploit_published

Apr 29, 2026 - 00:00 copy.fail

Analysis Generated

Apr 27, 2026 - 14:24 vuln.today

CVSS changed

Apr 27, 2026 - 14:22 NVD

7.8 (HIGH)

EUVD ID Assigned

Apr 22, 2026 - 08:30 euvd

EUVD-2026-24639

Analysis Generated

Apr 22, 2026 - 08:30 vuln.today

CVE Published

Apr 22, 2026 - 08:15 nvd

HIGH 7.8

DescriptionNVD

In the Linux kernel, the following vulnerability has been resolved:

crypto: algif_aead - Revert to operating out-of-place

This mostly reverts commit 72548b093ee3 except for the copying of the associated data.

There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly.

AnalysisAI

Memory corruption in Linux kernel's algif_aead cryptographic interface allows local authenticated users to achieve arbitrary kernel memory read/write, leading to privilege escalation to root. The vulnerability stems from improper handling of in-place operations introduced in commit 72548b093ee3, affecting kernel versions from 4.14 through 6.19.x. …

RemediationAI

Within 24 hours: Inventory all systems running Linux kernel versions 4.14 through 6.19.x and assess exposure to untrusted local users. Within 7 days: Prioritize patching or upgrading kernels to version 6.20 or later on high-value systems; restrict local user access on systems that cannot be immediately patched. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

More from same product – last 7 days

CVE-2026-47334 MEDIUM This Month

5.5 May 28

Kernel availability loss in Ubuntu Linux 6.8, 6.17, and 7.0 can be triggered by any unprivileged local user via a defect

CVE-2026-47335 MEDIUM This Month

5.5 May 28

Kernel panic via NULL pointer dereference in Ubuntu Linux 6.8's AppArmor notification handler allows a locally authentic

CVE-2026-47327 LOW Monitor

3.3 May 28

NULL pointer dereference in Ubuntu Linux kernel versions 6.8, 6.17, and 7.0 allows a local unprivileged user to crash th

CVE-2026-47337 LOW Monitor

3.3 May 28

NULL pointer dereference in Ubuntu Linux kernel SAUCE patches (versions 6.8, 6.17, and 7.0) allows an unprivileged local

CVE-2026-45844 Monitor

May 27

In the Linux kernel, the following vulnerability has been resolved: netfilter: arp_tables: fix IEEE1394 ARP payload par

Vendor StatusVendor

EUVD-2026-24639 vulnerability details – vuln.today

Back

Linux Kernel EUVD-2026-24639

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

More from same product – last 7 days

Vendor StatusVendor

Share

External POC / Exploit Code