{"@context":"https://openvex.dev/ns/v0.2.0","@id":"https://database.harborguard.co/cve/CVE-2026-46288/vex.json","author":"HarborGuard Database","role":"Document Creator","timestamp":"2026-06-14T04:30:00.153Z","version":1,"tooling":"HarborGuard Database (https://database.harborguard.co)","statements":[{"vulnerability":{"name":"CVE-2026-46288","@id":"https://www.cve.org/CVERecord?id=CVE-2026-46288","description":"In the Linux kernel, the following vulnerability has been resolved:\n\nof: unittest: fix use-after-free in of_unittest_changeset()\n\nThe variable 'parent' is assigned the value of 'nchangeset' earlier in the\nfunction, meaning both point to the same struct device_node. The call to\nof_node_put(nchangeset) can decrement the reference count to zero and\nfree the node if there are no other holders. After that, the code still\nuses 'parent' to check for the presence of a property and to read a\nstring prope"},"products":[{"@id":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*"}},{"@id":"cpe:2.3:a:linux:linux:6.12:*:*:*:*:*:*:*","identifiers":{"cpe23":"cpe:2.3:a:linux:linux:6.12:*:*:*:*:*:*:*"}}],"status":"affected","action_statement":"Update to a fixed version: 0, 37318d1a27c9cc5a70d3cd7e49e30ec86f2b8ca1, 6.12.86, 6.18.27, 6fdad20b7975bdc32e85b45f8f7c640f6687b81f, 7.0.4, 7.1-rc1, 7f0f0926f3010b10cff5e93446258f971e42f2fd, faecdd423c27f0d6090156a435ba9dbbac0eaddb.","timestamp":"2026-06-14T04:30:00.153Z"}]}