CVE-2026-0438

Updated May 15, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-0438

AIGC Shenlong Model
NVD (National Vulnerability Database)

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A System Management Mode (SMM) handler could perform a callout to code located in non-SMM/untrusted memory. A highly privileged attacker could, with active user interaction and under high complexity and present preconditions, trigger execution of attacker-controlled code in SMM, potentially compromising the system’s confidentiality, integrity, and availability.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

不使用连接池访问数据资源

Source: NVD (National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
AMD	AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics	PhoenixPI-FP8-FP7_1.2.0.0f	-
AMD	AMD Ryzen™ 7045 Series Mobile Processors with Radeon™ Graphics	DragonRangeFL1PI 1.0.0.3k	-
AMD	AMD Ryzen™ 7000 Series Desktop Processors	ComboAM5PI 1.0.0.d	-
AMD	AMD Ryzen™ 9000HX Series Processors	FireRangeFL1PI 1.0.0.0d	-
AMD	AMD Ryzen™ AI 300 Series Processors	StrixKrackanPI-FP8_1.1.0.0e	-
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors	StormPeakPI-SP6 1.0.0.1m	-
AMD	AMD Ryzen™ 7000 Series Desktop Processors	ComboAM5PI 1.1.0.3f	-
AMD	AMD Ryzen™ 7000 Series Desktop Processors	ComboAM5PI_1.2.0.3i	-
AMD	AMD Ryzen™ 8000 Series Desktop Processors	ComboAM5PI 1.1.0.3f	-
AMD	AMD Ryzen™ 8000 Series Desktop Processors	ComboAM5PI_1.2.0.3i	-
AMD	AMD Ryzen™ 9000 Series Desktop Processors	ComboAM5PI_1.2.0.3i	-
AMD	AMD Ryzen™ 8040 Series Mobile Processors with Radeon™ Graphics	PhoenixPI-FP8-FP7_1.2.0.0f	-
AMD	AMD Ryzen™ AI Max 300 Series Processors	StrixHaloPI-FP11_1.0.0.2a	-
AMD	AMD Ryzen™ Z1 Series Processors	PhoenixPI-FP8-FP7_1.2.0.0f	-
AMD	AMD Ryzen™ Z1 Series Processors	PhoenixPI-FP8-FP7_1.2.0.0f	-
AMD	AMD Ryzen™ Z2 Series Processors Extreme	StrixKrackanPI-FP8_1.1.0.2d	-
AMD	AMD Ryzen™ Z2 Series Processors	PhoenixPI-FP8-FP7_1.2.0.0f	-
AMD	AMD Ryzen™ Threadripper™ PRO 7000 WX-Series Processors	ShimadaPeakPI-SP6 1.0.0.1c	-
AMD	AMD Ryzen™ Threadripper™ 7000 Processors	ShimadaPeakPI-SP6 1.0.0.1c	-
AMD	Not public	StrixKrackanPI-FP8_1.1.0.2d	-
AMD	AMD Ryzen™ Threadripper™ 9000 Processors	ShimadaPeakPI-SP6 1.0.0.1c	-
AMD	AMD Ryzen™ Threadripper™ PRO 9000 WX-Series Processors	ShimadaPeakPI-SP6 1.0.0.1c	-
AMD	AMD Ryzen™ 7000 Series Desktop Processors (formerly codenamed "Raphael")	ComboAM5PI_1.3.0.0	-
AMD	AMD Ryzen™ 8000 Series Desktop Processors (formerly codenamed "Phoenix")	ComboAM5PI_1.3.0.0	-
AMD	AMD Ryzen™ 9000 Series Desktop Processors (formerly codenamed "Granite Ridge")	ComboAM5PI_1.3.0.0	-
AMD	AMD Ryzen™ Embedded 9000 Series Processors	EmbeddedAM5PI 1.0.0.5	-
AMD	AMD Ryzen™ Embedded 8000 Series Processors	EmbeddedPhoenixPI-FP7r2_1.0.0.4	-
AMD	AMD Ryzen™ Embedded 7000 Series Processors	EmbeddedAM5PI 1.0.0.5	-
AMD	AMD EPYC™ 4004 Series Processors	ComboAM5PI 1.0.0.d / ComboAM5PI 1.1.0.3f / ComboAM5PI_1.2.0.3i	-
AMD	AMD EPYC™ 4005 Series Processors	ComboAM5PI_1.2.0.3i	-

II. Public POCs for CVE-2026-0438

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-0438

请登录查看更多情报信息。

Same Patch Batch · AMD · 2026-05-15 · 39 CVEs total

CVE-2025-48513		AMD PMF未初始化资源漏洞
CVE-2021-26380		Trusted OS驱动内存越界致完整性丢失
CVE-2025-0040		NXP JTAG-AXI访问控制漏洞
CVE-2024-21962		AMD RAID驱动输入验证缺陷致提权与代码执行
CVE-2025-29935		AMD PMF越界写入漏洞（影响代码执行）
CVE-2025-29944		AMD Sensor Fusion Hub 驱动缓冲区溢出致系统崩溃
CVE-2025-29938		AMD PMF 版本未指定：未检查返回值致任意代码执行
CVE-2025-29937		AMD PMF越界读取漏洞
CVE-2025-0028		AMD PMF框架越界读写漏洞
CVE-2025-29936		AMD平台管理框架输入验证缺陷导致权限提升
CVE-2022-23826		Graphics TOCTOU漏洞可致完整性破坏
CVE-2025-52540		AMD PMF驱动越界写入致提权
CVE-2025-48520		AMD平台管理框架驱动越界读取漏洞
CVE-2025-48519		AMD PMF驱动越界读写致提权漏洞
CVE-2025-0045		AMD Secure Processor驱动输入验证漏洞致拒绝服务
CVE-2026-0432		AMD芯片组驱动权限错误致提权
CVE-2025-48521		ASP PCI驱动Use-After-Free漏洞致平台完整性丧失
CVE-2025-48512		AMD GPIO控制器权限配置错误致提权
CVE-2024-36345		AMD OverDrive SMM模块越界读取漏洞
CVE-2023-31309		Power Management Firmware多版本信息泄露与可用性受损漏洞

Showing top 20 of 39 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: AMD Ryzen™ 7040 Series Mobile Processors with Radeon™ Graphics

Same vendor: AMD

V. Comments for CVE-2026-0438

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-0438

I. Basic Information for CVE-2026-0438

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-0438

III. Intelligence Information for CVE-2026-0438

Same Patch Batch · AMD · 2026-05-15 · 39 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-0438

Leave a comment