VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221796 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-44170 redhat_vex mariadb: Arbitrary shell command execution via improper sanitization in CONNECT engine fixed: 531 known not affected: 37 2026-07-10T16:45:42+00:00 Vulnerability · Source
CVE-2025-71319 redhat_vex image-size: image-size: Denial of Service due to infinite loop when processing specially crafted images. fixed: 3 known affected: 28 known not affected: 34 2026-07-10T16:14:53+00:00 Vulnerability · Source
CVE-2026-15143 redhat_vex guardrails-detectors: guardrails-detectors: SSRF and local file read via user-supplied XML Schema (xml-with-schema:) known affected: 2 2026-07-10T16:05:37+00:00 Vulnerability · Source
CVE-2026-57280 redhat_vex jenkins-script-security-plugin: Jenkins Script Security Plugin: Sandbox bypass leading to arbitrary code execution known affected: 5 2026-07-10T15:59:59+00:00 Vulnerability · Source
CVE-2026-54423 redhat_vex openstack-ironic: openstack-ironic: Arbitrary IPMI command execution via send_raw deployment step known affected: 5 known not affected: 9 2026-07-10T15:30:05+00:00 Vulnerability · Source
CVE-2026-14535 redhat_vex fickling: Fickling: Arbitrary code execution via pickle deserialization bypass known affected: 1 2026-07-10T15:20:09+00:00 Vulnerability · Source
CVE-2026-56297 redhat_vex FreeRDP: FreeRDP: Remote code execution or denial of service via use-after-free race condition known affected: 31 2026-07-10T14:44:54+00:00 Vulnerability · Source
CVE-2026-8926 microsoft_vex password leak with netrc and user in URL known affected: 1 known not affected: 3 2026-07-10T14:40:29+00:00 Vulnerability · Source
CVE-2026-57585 microsoft_vex MessagePack: Out-of-bounds read/crash on Unpacker reuse after caught error fixed: 1 known affected: 1 2026-07-10T14:40:08+00:00 Vulnerability · Source
CVE-2026-58014 microsoft_vex Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list" fixed: 1 known affected: 1 2026-07-10T14:40:00+00:00 Vulnerability · Source
CVE-2026-58013 microsoft_vex Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend" fixed: 1 known affected: 1 2026-07-10T14:39:52+00:00 Vulnerability · Source
CVE-2026-58011 microsoft_vex Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime fixed: 1 known affected: 1 2026-07-10T14:39:45+00:00 Vulnerability · Source
CVE-2026-58012 microsoft_vex Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char() fixed: 1 known affected: 1 2026-07-10T14:39:37+00:00 Vulnerability · Source
CVE-2026-58016 microsoft_vex Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml" fixed: 1 known affected: 1 2026-07-10T14:39:30+00:00 Vulnerability · Source
CVE-2026-58015 microsoft_vex Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive fixed: 1 known affected: 1 2026-07-10T14:39:22+00:00 Vulnerability · Source
CVE-2026-58010 microsoft_vex Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal() fixed: 1 known affected: 1 2026-07-10T14:39:14+00:00 Vulnerability · Source
CVE-2026-11525 microsoft_vex undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching fixed: 1 known affected: 1 under investigation: 1 2026-07-10T14:39:01+00:00 Vulnerability · Source
CVE-2026-59935 redhat_vex pypdf: pypdf: Denial of Service via crafted PDF with unterminated inline image known affected: 5 under investigation: 6 2026-07-10T14:34:53+00:00 Vulnerability · Source
CVE-2026-53878 redhat_vex django: Django: HTTP header injection via DomainNameValidator accepting newlines known affected: 20 2026-07-10T14:25:02+00:00 Vulnerability · Source
CVE-2026-53877 redhat_vex django: Django: Information disclosure via heap buffer over-read in GDALRaster known affected: 20 2026-07-10T14:24:58+00:00 Vulnerability · Source
CVE-2026-59937 redhat_vex pypdf: pypdf: Denial of Service via crafted PDF with malformed cross-reference streams known affected: 11 2026-07-10T14:24:52+00:00 Vulnerability · Source
CVE-2026-59938 redhat_vex pypdf: pypdf: Possible large memory usage for wrong image dimensions known affected: 11 2026-07-10T14:10:27+00:00 Vulnerability · Source
CVE-2026-15164 redhat_vex wireshark: Wireshark: Denial of Service vulnerability in ciscodump known affected: 20 2026-07-10T14:05:41+00:00 Vulnerability · Source
CVE-2026-15165 redhat_vex wireshark: Wireshark: Denial of Service via TLS ECH decryptor crash known affected: 20 2026-07-10T14:05:30+00:00 Vulnerability · Source
CVE-2026-47712 redhat_vex dulwich: Dulwich: Arbitrary file write via malicious commit subject in format_patch known affected: 24 under investigation: 1 2026-07-10T14:00:38+00:00 Vulnerability · Source
CVE-2026-7492 redhat_vex gitlab-ee: gitlab: GitLab: Information disclosure of private project existence via improper authorization known not affected: 4 2026-07-10T13:50:51+00:00 Vulnerability · Source
CVE-2026-48588 redhat_vex django: Django: Information disclosure due to improper caching of Set-Cookie responses known affected: 20 2026-07-10T13:46:05+00:00 Vulnerability · Source
CVE-2026-58207 redhat_vex github.com/nats-io/nats-server: NATS Server: Denial of Service via arithmetic overflow in connection monitoring pagination known affected: 6 known not affected: 3 2026-07-10T13:46:03+00:00 Vulnerability · Source
CVE-2026-12590 redhat_vex body-parser: body-parser: Denial of Service via invalid limit option known affected: 132 known not affected: 1 2026-07-10T13:46:00+00:00 Vulnerability · Source
CVE-2026-39197 redhat_vex vector: Vector: Denial of Service via crafted request to HTTP endpoint known not affected: 1 2026-07-10T13:15:17+00:00 Vulnerability · Source
CVE-2026-52924 redhat_vex kernel: sctp: purge outqueue on stale COOKIE-ECHO handling known affected: 232 known not affected: 42 2026-07-10T13:07:12+00:00 Vulnerability · Source
CVE-2026-59929 redhat_vex mistune: Mistune: Cross-site scripting via incomplete URL scheme filtering known affected: 24 2026-07-10T12:59:58+00:00 Vulnerability · Source
CVE-2026-59262 redhat_vex AFFiNE: AFFiNE: Information disclosure via histories GraphQL field known not affected: 11 2026-07-10T12:24:52+00:00 Vulnerability · Source
CVE-2026-52973 redhat_vex kernel: futex: Drop CLONE_THREAD requirement for private default hash alloc known affected: 184 known not affected: 90 2026-07-10T11:55:23+00:00 Vulnerability · Source
CVE-2026-59923 redhat_vex mistune: Mistune: Arbitrary code execution through crafted Markdown links known affected: 24 under investigation: 1 2026-07-10T11:34:11+00:00 Vulnerability · Source
CVE-2026-59926 redhat_vex mistune: Mistune: Cross-Site Scripting via unescaped HTML class attribute in Admonition directive known affected: 24 under investigation: 1 2026-07-10T11:34:08+00:00 Vulnerability · Source
CVE-2026-59930 redhat_vex mistune: Mistune: Same-page navigation redirection due to predictable heading IDs known affected: 10 known not affected: 1 under investigation: 14 2026-07-10T11:34:07+00:00 Vulnerability · Source
CVE-2026-15378 redhat_vex guardrails-detectors: guardrails-detectors: SSRF and local file read via user-supplied XML Schema (xml-with-schema:) known affected: 1 2026-07-10T11:05:10+00:00 Vulnerability · Source
CVE-2026-59725 redhat_vex socket.io: engine.io: Socket.IO: Denial of Service via invalid binary POST requests fixed: 3 known affected: 4 2026-07-10T10:59:12+00:00 Vulnerability · Source
CVE-2023-5685 redhat_vex xnio: StackOverflowException when the chain of notifier states becomes problematically big fixed: 93 known affected: 5 known not affected: 240 2026-07-10T10:44:22+00:00 Vulnerability · Source
CVE-2026-59152 redhat_vex langsmith: LangSmith SDK TracingMiddleware: Information Disclosure via Arbitrary Server-Side File Read known affected: 14 2026-07-10T10:00:54+00:00 Vulnerability · Source
CVE-2026-53511 redhat_vex calibre: Calibre: Arbitrary code execution via malicious e-book file processing known not affected: 1 2026-07-10T09:55:40+00:00 Vulnerability · Source
CVE-2026-58374 redhat_vex hostapd: hostapd: Denial of Service via malformed Wi-Fi 7 Multi-Link Operation association request known affected: 3 2026-07-10T09:50:26+00:00 Vulnerability · Source
CVE-2026-14362 redhat_vex github.com/hashicorp/memberlist: HashiCorp memberlist: Denial of Service via push/pull state handling known affected: 15 known not affected: 32 2026-07-10T09:30:01+00:00 Vulnerability · Source
CVE-2026-44512 redhat_vex onnx: ONNX: Denial of Service via crafted untrusted models known affected: 16 2026-07-10T07:54:47+00:00 Vulnerability · Source
CVE-2026-54528 redhat_vex jupyterlab-git: JupyterLab Git: Information disclosure via case-sensitivity bypass in excluded path enforcement known affected: 15 2026-07-10T07:09:53+00:00 Vulnerability · Source
CVE-2026-59925 redhat_vex mistune: Mistune: Denial of Service via crafted Markdown input known affected: 25 2026-07-10T07:05:12+00:00 Vulnerability · Source
CVE-2024-12125 redhat_vex 3scale-porta: Readonly fields not validated server-side known affected: 1 2026-07-10T06:25:28+00:00 Vulnerability · Source
CVE-2024-28176 redhat_vex jose: resource exhaustion fixed: 584 known affected: 3 known not affected: 2423 2026-07-10T04:58:12+00:00 Vulnerability · Source
CVE-2023-24536 redhat_vex golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption fixed: 1648 known affected: 101 known not affected: 1097 2026-07-10T04:58:01+00:00 Vulnerability · Source