CVE-2026-46203
HighUpdated
Published: 28 May 2026
Published
28 May 2026
Modified
10 June 2026
KEV Added
—
Patch
—
CVSS Score v3.1
7.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score
0.0012
2.3th percentile
Risk Priority
14
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2026-46203 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Linux Linux Kernel. Its CVSS base score is 7.1 (High).
Operationally, ranked at the 2.3th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-32830
Vulnerability details
In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: fix unclocked access on unbind Make sure that the controller is runtime resumed before disabling it during driver unbind to avoid an unclocked register access. This issue was…
more
flagged by Sashiko when reviewing a controller deregistration fix.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Insufficient information to map techniques.Confidence: LOW · MITRE ATT&CK Enterprise v18.1
Affected Assets
linux
linux kernel
7.1 · 6.7 — 7.0.9
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.