CVE-2026-43134
High
Published: 06 May 2026
Published
06 May 2026
Modified
12 May 2026
KEV Added
—
Patch
—
CVSS Score v3.1
8.1
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
EPSS Score
0.0018
7.4th percentile
Summary
CVE-2026-43134 is a high-severity an unspecified weakness vulnerability in Linux Linux Kernel. Its CVSS base score is 8.1 (High).
Operationally, ranked at the 7.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-27694
Vulnerability details
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ This adds a check for encryption key size upon receiving L2CAP_LE_CONN_REQ which is required by L2CAP/LE/CFC/BV-15-C which expects L2CAP_CR_LE_BAD_KEY_SIZE.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Insufficient information to map techniques.Confidence: LOW · MITRE ATT&CK Enterprise v19.0
Affected Assets
linux
linux kernel
7.0 · 3.14 — 5.10.252 · 5.11 — 5.15.202 · 5.16 — 6.1.165
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.