[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"public-cve-CVE-2026-48914":3,"news-by-cve-CVE-2026-48914-10":67},{"id":4,"state":5,"cvss_severity":6,"in_kev":7,"attack_technique_count":8,"sectors":9,"nvd_cvss_vector":11,"nvd_cvss_severity":6,"has_workaround":7,"attack_techniques":12,"has_attack_graph":20,"assigner_org":21,"assigner_short_name":21,"nvd_cvss_score":22,"tags":23,"remediation_summary":24,"has_nuclei_templates":7,"date_published":25,"cvss_source":26,"has_exploit":7,"has_solution":7,"nuclei_template_count":27,"attack_tactics":28,"references_preview":29,"cvss_version":36,"cvss_score":22,"cvss_vector":11,"kev_ransomware_use":7,"exploit_count":27,"reference_count":37,"sources":38,"title":40,"source_identifier":41,"description":42,"weaknesses":43,"affected_products_preview":46,"date_updated":59,"affected_product_count":60,"vendor_context":61,"has_ai_summary":7},"CVE-2026-48914","PUBLISHED","MEDIUM",false,1,[10],"operating-systems","CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:H",[13],{"technique_name":14,"tactic":15,"tactic_name":16,"url":17,"confidence":18,"technique_id":19},"Exploitation for Privilege Escalation","privilege-escalation","Privilege Escalation","https://attack.mitre.org/techniques/T1068/","high","T1068",true,"",6.7,[],{"has_patch":7,"has_workaround":7},"2026-06-12T09:42:36Z","nvd",0,[16],[30,32,34],{"url":31,"source":26},"https://access.redhat.com/security/cve/CVE-2026-48914",{"source":26,"url":33},"https://bugzilla.redhat.com/show_bug.cgi?id=2488283",{"url":35,"source":26},"https://lore.kernel.org/qemu-devel/20260526154957.1741622-1-stefanha@redhat.com/","3.1",3,[39,26],"cvelist","Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling","53f830b8-0a3f-465b-8143-3b8a9948e749","A flaw was found in QEMU's virtio-blk device. The issue arises because the device does not properly validate the size of input descriptors before writing data. A malicious guest with high privileges could exploit this vulnerability by submitting a malformed virtio-blk SCSI request, leading to an out-of-bounds write in the host heap memory and a potential denial of service (DoS) for the QEMU process.",[44],{"cwe_id":45,"name":21},"CWE-122",[47,48,53,55,57],{"vendor":21,"product":21},{"deployment":49,"vendor":50,"product":51,"sector":10,"subsector":52},"on-prem","Red Hat","Red Hat Enterprise Linux 10","linux-distro",{"vendor":50,"product":54,"sector":10,"subsector":52,"deployment":49},"Red Hat Enterprise Linux 6",{"vendor":50,"product":56,"sector":10,"subsector":52,"deployment":49},"Red Hat Enterprise Linux 7",{"subsector":52,"deployment":49,"vendor":50,"product":58,"sector":10},"Red Hat Enterprise Linux 8","2026-06-12T10:16:22Z",8,[62],{"vendor_type":63,"country":64,"aliases":65,"sector":10,"subsector":52,"vendor":66},"commercial","US",[66],"red hat",{"cve_id":4,"items":68,"total":27},[]]