COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-31431

CVE-2026-31431

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2026-05-01
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-31431
⌖ exploited in the wild shame 45/100 exploited-in-wildunpatchedprivilege-escalation

Linux kernel vulnerability CVE-2026-31431 enables privilege escalation via incorrect resource transfer between spheres.

This unpatched kernel flaw allows privilege escalation, posing a critical risk to DIB systems relying on Linux for security controls. Organizations must patch immediately to prevent unauthorized access to sensitive data and maintain NIST 800-171 compliance.

Shame score — A known kernel vulnerability that poses significant risk but lacks the negligence or avoidability of a supply-chain breach or default credential failure.

Players implicated

linux · vendorKernel · product

Description

Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.