VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221754 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-46173 redhat_vex kernel: exit: prevent preemption of oopsing TASK_DEAD task fixed: 1658 known affected: 36 known not affected: 76 2026-07-14T18:04:39+00:00 Vulnerability · Source
CVE-2026-43414 redhat_vex kernel: scsi: qla2xxx: Completely fix fcport double free fixed: 1224 known affected: 36 known not affected: 76 2026-07-14T18:04:33+00:00 Vulnerability · Source
CVE-2026-43330 redhat_vex kernel: crypto: caam - fix overflow on long hmac keys fixed: 616 known not affected: 198 2026-07-14T18:04:31+00:00 Vulnerability · Source
CVE-2025-68724 redhat_vex kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id fixed: 1930 known affected: 23 known not affected: 42 2026-07-14T18:04:21+00:00 Vulnerability · Source
CVE-2025-38653 redhat_vex kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al fixed: 1503 known affected: 36 known not affected: 76 2026-07-14T18:04:17+00:00 Vulnerability · Source
CVE-2026-46086 redhat_vex kernel: net: bridge: use a stable FDB dst snapshot in RCU readers fixed: 453 known affected: 140 2026-07-14T18:04:13+00:00 Vulnerability · Source
CVE-2026-27143 redhat_vex golang: cmd/compile: possible memory corruption after bound check elimination fixed: 3329 known affected: 5 known not affected: 226 2026-07-14T17:54:24+00:00 Vulnerability · Source
CVE-2026-27144 redhat_vex golang: cmd/compile: no-op interface conversion bypasses overlap checking fixed: 3333 known affected: 5 known not affected: 222 2026-07-14T17:54:24+00:00 Vulnerability · Source
CVE-2026-42583 redhat_vex netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder fixed: 5 known affected: 36 known not affected: 87 2026-07-14T17:42:10+00:00 Vulnerability · Source
CVE-2026-24308 redhat_vex Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values fixed: 6 known affected: 7 known not affected: 210 2026-07-14T17:41:40+00:00 Vulnerability · Source
CVE-2026-62643 redhat_vex roundcubemail: Roundcube Webmail: Server-Side Request Forgery via insufficient CSS sanitization known not affected: 1 2026-07-14T17:40:12+00:00 Vulnerability · Source
CVE-2026-44825 redhat_vex solr: Apache Solr: Remote attacker gains administrative access via hardcoded credentials in Basic Authentication setup. known not affected: 2 2026-07-14T17:38:46+00:00 Vulnerability · Source
CVE-2026-52972 redhat_vex kernel: crypto: af_alg - Cap AEAD AD length to 0x80000000 known affected: 232 known not affected: 42 2026-07-14T17:38:42+00:00 Vulnerability · Source
CVE-2026-54433 redhat_vex roundcubemail: Roundcube Webmail: Arbitrary code execution via zero-click cross-site scripting known not affected: 1 2026-07-14T17:38:40+00:00 Vulnerability · Source
CVE-2026-46316 redhat_vex kernel: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry fixed: 1224 known affected: 24 known not affected: 90 2026-07-14T17:33:06+00:00 Vulnerability · Source
CVE-2026-43074 redhat_vex kernel: eventpoll: defer struct eventpoll free to RCU grace period fixed: 1504 known affected: 22 known not affected: 76 under investigation: 14 2026-07-14T17:32:55+00:00 Vulnerability · Source
CVE-2026-46116 redhat_vex kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete fixed: 760 known affected: 126 under investigation: 14 2026-07-14T17:32:42+00:00 Vulnerability · Source
CVE-2026-41159 redhat_vex mermaid: Mermaid: Information disclosure and page defacement via CSS injection known affected: 3 2026-07-14T16:31:17+00:00 Vulnerability · Source
CVE-2026-44897 redhat_vex mistune: Mistune: Cross-site scripting (XSS) via improper sanitization of HTML heading ID attribute known affected: 23 known not affected: 2 2026-07-14T16:31:15+00:00 Vulnerability · Source
CVE-2026-9358 redhat_vex postcss-selector-parser: Postcss: Denial of Service via uncontrolled recursion in AST Serialization fixed: 4 known affected: 164 known not affected: 57 2026-07-14T16:31:03+00:00 Vulnerability · Source
CVE-2026-53439 redhat_vex jenkins: Jenkins: Information Disclosure via Missing Permission Checks known affected: 1 2026-07-14T16:30:56+00:00 Vulnerability · Source
CVE-2026-52962 redhat_vex kernel: ceph: fix a buffer leak in __ceph_setxattr() known affected: 260 known not affected: 14 2026-07-14T16:28:48+00:00 Vulnerability · Source
CVE-2026-56140 redhat_vex org.apache.camel/camel-aws2-sns: Apache Camel AWS SNS Component: Defense-in-depth hardening due to improper input validation known not affected: 4 2026-07-14T16:28:46+00:00 Vulnerability · Source
CVE-2026-48775 redhat_vex langgraph: langgraph-checkpoint: LangGraph: Arbitrary code execution via insecure deserialization of modified checkpoint bytes known affected: 7 2026-07-14T16:28:40+00:00 Vulnerability · Source
CVE-2025-71330 redhat_vex image-size: image-size: Denial of Service via crafted ICNS image buffer known affected: 28 2026-07-14T16:28:38+00:00 Vulnerability · Source
CVE-2026-52963 redhat_vex kernel: ALSA: usb-audio: Bound MIDI endpoint descriptor scans known affected: 246 known not affected: 28 2026-07-14T16:28:35+00:00 Vulnerability · Source
CVE-2026-48776 redhat_vex langgraph: langgraph-sdk: LangGraph Python SDK: Unsafe URL path construction leads to unauthorized resource access known affected: 7 2026-07-14T16:28:32+00:00 Vulnerability · Source
CVE-2026-12199 redhat_vex nltk: NLTK: Remote unauthenticated denial of service in WordNet Browser HTTP server known affected: 11 2026-07-14T16:28:27+00:00 Vulnerability · Source
CVE-2026-52964 redhat_vex kernel: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans known affected: 184 known not affected: 90 2026-07-14T16:28:24+00:00 Vulnerability · Source
CVE-2026-10142 redhat_vex kafka-python: kafka-python: Denial of Service due to crafted frame length in protocol parser known affected: 2 2026-07-14T16:28:14+00:00 Vulnerability · Source
CVE-2025-71329 redhat_vex image-size: image-size: Denial of Service via crafted image buffer with zero-valued size field known affected: 5 known not affected: 23 2026-07-14T16:28:13+00:00 Vulnerability · Source
CVE-2026-42567 redhat_vex svelte: Svelte: Regular Expression Denial of Service (ReDoS) known affected: 2 2026-07-14T16:28:09+00:00 Vulnerability · Source
CVE-2026-10732 redhat_vex decompress: Decompress: Arbitrary file write leading to remote code execution via crafted ZIP archive (Zip Slip) known affected: 6 known not affected: 16 2026-07-14T16:28:02+00:00 Vulnerability · Source
CVE-2026-53364 redhat_vex kernel: Bluetooth: hci_conn: Fix memory leak in hci_le_big_terminate() known affected: 184 known not affected: 90 2026-07-14T16:22:38+00:00 Vulnerability · Source
CVE-2026-6653 redhat_vex libxml2: mingw-libxml2: libxml2: Denial of Service via crafted XML input due to use-after-free known affected: 14 known not affected: 11 2026-07-14T16:17:24+00:00 Vulnerability · Source
CVE-2024-21529 redhat_vex dset: Prototype Pollution fixed: 1 known not affected: 4 2026-07-14T16:06:30+00:00 Vulnerability · Source
CVE-2026-40977 redhat_vex Spring Boot: Spring Boot: Local file corruption via PID file manipulation fixed: 1 known affected: 21 2026-07-14T16:03:28+00:00 Vulnerability · Source
CVE-2026-42041 redhat_vex axios: Axios: Authentication bypass due to prototype pollution of HTTP error handling fixed: 142 known affected: 37 known not affected: 2448 2026-07-14T15:56:21+00:00 Vulnerability · Source
CVE-2026-35172 redhat_vex github.com/distribution/distribution: Distribution: Information disclosure via stale references after content deletion fixed: 122 known affected: 3 known not affected: 2374 under investigation: 4 2026-07-14T15:41:22+00:00 Vulnerability · Source
CVE-2026-44973 redhat_vex github.com/go-git/go-billy: Go-billy: Arbitrary file access due to path traversal vulnerability under investigation: 2 2026-07-14T15:41:04+00:00 Vulnerability · Source
CVE-2026-44293 redhat_vex protobufjs: protobufjs: Arbitrary code execution due to unsafe expression generation from crafted protobuf descriptors fixed: 29 known affected: 20 known not affected: 2159 2026-07-14T15:21:20+00:00 Vulnerability · Source
CVE-2026-9595 redhat_vex webpack-dev-server: webpack-dev-server: Information disclosure and denial of service via improper proxy configuration fixed: 12 known affected: 68 known not affected: 1972 2026-07-14T15:21:03+00:00 Vulnerability · Source
CVE-2026-11332 redhat_vex ansible-core: argument injection in ansible-galaxy role install leads to arbitrary code execution known affected: 47 under investigation: 12 2026-07-14T15:01:48+00:00 Vulnerability · Source
CVE-2026-39245 redhat_vex decompress: decompress: path traversal via indexOf containment bypass allows arbitrary file write (bypass of CVE-2020-12265 fix) fixed: 3 known affected: 1 known not affected: 2 2026-07-14T14:58:03+00:00 Vulnerability · Source
CVE-2026-42771 redhat_vex openssl: Possible Out of Bounds Read in X509_VERIFY_PARAM_set1_email() known affected: 56 known not affected: 5 2026-07-14T14:21:22+00:00 Vulnerability · Source
CVE-2026-15605 redhat_vex wandb: wandb: Information disclosure due to weak hash in artifact integrity validation known affected: 3 2026-07-14T14:14:12+00:00 Vulnerability · Source
CVE-2025-8224 redhat_vex binutils: Binutils BFD Null Pointer Dereference known affected: 10 known not affected: 67 2026-07-14T14:14:03+00:00 Vulnerability · Source
CVE-2025-66382 redhat_vex libexpat: libexpat: Denial of service via crafted file processing known affected: 44 2026-07-14T14:14:03+00:00 Vulnerability · Source
CVE-2025-26465 redhat_vex openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled fixed: 285 known affected: 18 known not affected: 9 2026-07-14T14:13:58+00:00 Vulnerability · Source
CVE-2025-46836 redhat_vex net-tools: net-tools Stack Buffer Overflow known affected: 4 known not affected: 2 2026-07-14T14:13:56+00:00 Vulnerability · Source