What is CVE-2026-46040?

CVE-2026-46040 is a unscored severity Linux kernel vulnerability, affecting Linux kernel versions from 4.11 onward and patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-46040 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

What is the CVSS score for CVE-2026-46040?

CVE-2026-46040 has a CVSS score of pending NVD analysis out of 10, rated awaiting scoring severity.

Is there a patch available for CVE-2026-46040?

Yes, CVE-2026-46040 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running Linux kernel 4.11 or later up to the fix versions, apply the relevant patch for your kernel branch.

Is CVE-2026-46040 actively exploited?

CVE-2026-46040 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotify_add_inode_mark_locked() fails When fsnotify_add_inode_mark_locked() fails in inotify_new_watch(), the error path calls inotify_remove_from_idr() but does not call dec_inotify_watches() to undo the preceding inc_inotify_watches(). This leaks a watch count, and repeated failures can exhaust the max_user_watches limit with -ENOSPC even when no watches are active. Prior to commit 1cce1eea0aff ("inotify: Convert to using per-namespace limits"), the watch count was incremented after fsnotify_add_mark_locked() succeeded, so this path was not affected. The conversion moved inc_inotify_watches() before the mark insertion without adding the corresponding rollback. Add the missing dec_inotify_watches() call in the error path.

Package Linux Kernel

Published 2026-05-27

Last modified 2026-06-01

Patch available

Yes

Affected versions

Linux kernel versions 4.11 and later are affected. Fixed in 5.10.258, 5.15.209, 6.1.175, 6.6.140, 6.12.86, 6.18.27, 7.0.4, 7.1-rc1 and their respective stable series.

Affected from

≥ 4.11

Fixed in

✓ 5.10.258 5.10.x ✓ 5.15.209 5.15.x ✓ 6.1.175 6.1.x ✓ 6.6.140 6.6.x ✓ 6.12.86 6.12.x ✓ 6.18.27 6.18.x ✓ 7.0.4 7.0.x ✓ 7.1-rc1

References

The following references provide additional information about CVE-2026-46040 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

Kernel patch commit
https://git.kernel.org/stable/c/10edf7e0ffdc7faa18e2244b17722c1b882b8273
Patch
Kernel patch commit
https://git.kernel.org/stable/c/3ab58cf42c46bf2366d2f55ae5c59299d5e178b7
Patch
Kernel patch commit
https://git.kernel.org/stable/c/3ad9ccea1b25435f6179b57aa891960beb7ce8f9
Patch

8 patch commits total View all on NVD

Frequently asked questions

What is CVE-2026-46040?

CVE-2026-46040 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 4.11 onward and has been patched in 5.10.258, 5.15.209, 6.1.175 and others. CVE-2026-46040 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.
Is there a patch available for CVE-2026-46040?

Yes — CVE-2026-46040 has been patched. Fixed versions include 5.10.258, 5.15.209, 6.1.175 and others. If you are running Linux kernel 4.11 or later up to the fix versions, apply the relevant patch for your kernel branch.
Is CVE-2026-46040 actively exploited?

No — CVE-2026-46040 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.