CVE-2026-29647 - OpenXiangShan NEMU Smstateen Permission Enforcement Vulnerability (Information Disclosure/Privilege Escalation)
CVE ID :CVE-2026-29647 Published : April 20, 2026, 9:16 p.m. | 1 hour, 5 minutes ago Description :In OpenXiangShan NEMU, insufficient Smstateen permission enforcement allows lower-privileged code to access IMSIC state via stopei/vstopei CSRs even when mstateen0.IMSIC is cleared, potentially en
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Google-linked OAuth breach exposed Vercel customer data
- [CYBER] iOS Exploit Kits with Identical Signatures in Active Use
- [CYBER] Vibe coding upstart Lovable denies data leak, cites 'intentional behavior,' then throws HackerOne under the bus
- [CYBER] CVE-2026-35570 - OpenClaude has Sandbox Bypass via Early-Exit Logic Flaw that Allows Path Traversal
- [CYBER] CVE-2026-35588 - Glances has CQL Injection in its Cassandra Export Module via Unsanitized Config Values
- [CYBER] CVE-2026-35587 - Glances IP Plugin has SSRF via public_api that leads to credential leakage