CVE-2026-43493
CRITICAL
Published May 19, 2026
Modified May 20, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKLOG requests MAY_BACKLOG requests can return EBUSY. Handle them by checking for that value and filtering out EINPROGRESS notifications.
CVSS v3.1 Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS — Exploit Prediction
0.0006
Probability of exploitation
0.19%
Percentile rank
EPSS estimates the probability that this vulnerability will be exploited in the wild within the next 30 days. A higher score means more likely to be exploited.
References
Other References
https://git.kernel.org/stable/c/46271895ddfb1ba41f89f7e0dffbe9c2bcf7380a
https://git.kernel.org/stable/c/77d55bc8675ee851ed639dc9be77325a8024cf67
https://git.kernel.org/stable/c/915b692e6cb723aac658c25eb82c58fd81235110
https://git.kernel.org/stable/c/9f1cbca178c03188e201ed175251372149bb25f2
https://git.kernel.org/stable/c/eb34e243df57e32f4c08fa191f3602ea19076276
Frequently Asked Questions
What is CVE-2026-43493? +
In the Linux kernel, the following vulnerability has been resolved:
crypto: pcrypt - Fix handling of MAY_BACKLOG requests
MAY_BACKLOG requests can return EBUSY. Handle them by checking
for that value and filtering out EINPROGRESS notifications. It has a CVSS v3.1 base score of 9.8 (CRITICAL).
How severe is CVE-2026-43493? +
CVE-2026-43493 has a CVSS v3.1 score of 9.8 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately. The EPSS score is 0.0006, placing it in the 0th percentile for exploitation probability.
How do I check if I'm vulnerable to CVE-2026-43493? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.