VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221830 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2025-32415 | redhat_vex | libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables | fixed: 568 known affected: 5 known not affected: 18 | 2026-07-08T15:02:27+00:00 | Vulnerability · Source |
| CVE-2026-50229 | redhat_vex | tomcat: Apache Tomcat: Cross-Site Scripting vulnerability in number guess example | fixed: 2 known affected: 78 known not affected: 3 | 2026-07-08T14:58:37+00:00 | Vulnerability · Source |
| CVE-2025-59464 | redhat_vex | nodejs: Nodejs memory leak | fixed: 16 known affected: 6 known not affected: 68 | 2026-07-08T14:58:33+00:00 | Vulnerability · Source |
| CVE-2026-40226 | redhat_vex | systemd: systemd nspawn: Escape-to-host action via crafted config file | fixed: 4 known not affected: 131 | 2026-07-08T14:58:31+00:00 | Vulnerability · Source |
| CVE-2025-59466 | redhat_vex | nodejs: Nodejs denial of service | fixed: 456 | 2026-07-08T14:58:29+00:00 | Vulnerability · Source |
| CVE-2026-21636 | redhat_vex | nodejs: Nodejs network segmentation bypass | fixed: 16 known not affected: 74 | 2026-07-08T14:58:28+00:00 | Vulnerability · Source |
| CVE-2026-21637 | redhat_vex | nodejs: Nodejs denial of service | fixed: 567 | 2026-07-08T14:58:17+00:00 | Vulnerability · Source |
| CVE-2025-68972 | redhat_vex | gnupg: GnuPG: Signature bypass via form feed character in signed messages | fixed: 3 known affected: 15 | 2026-07-08T14:58:14+00:00 | Vulnerability · Source |
| CVE-2026-55955 | redhat_vex | tomcat: Apache Tomcat: Replay attack via improper authentication in EncryptionInterceptor | fixed: 4 known affected: 78 known not affected: 2 | 2026-07-08T14:58:11+00:00 | Vulnerability · Source |
| CVE-2026-53143 | redhat_vex | kernel: drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 | known not affected: 274 | 2026-07-08T14:56:15+00:00 | Vulnerability · Source |
| CVE-2026-53148 | redhat_vex | kernel: thunderbolt: Clamp XDomain response data copy to allocation size | known not affected: 274 | 2026-07-08T14:54:57+00:00 | Vulnerability · Source |
| CVE-2026-40225 | redhat_vex | systemd: udev in systemd: Privilege escalation via malicious hardware devices and unsanitized kernel output | fixed: 4 known affected: 4 known not affected: 127 | 2026-07-08T14:54:07+00:00 | Vulnerability · Source |
| CVE-2026-40224 | redhat_vex | systemd: systemd-machined: Local privilege escalation via varlink | fixed: 4 known not affected: 131 | 2026-07-08T14:52:59+00:00 | Vulnerability · Source |
| CVE-2025-64503 | redhat_vex | cups: cups-filters: cups-filters: Out-of-bounds write via crafted PDF MediaBox | fixed: 4 known affected: 14 | 2026-07-08T14:52:57+00:00 | Vulnerability · Source |
| CVE-2025-64506 | redhat_vex | libpng: LIBPNG heap buffer over-read | fixed: 3 known affected: 241 | 2026-07-08T14:52:53+00:00 | Vulnerability · Source |
| CVE-2026-40223 | redhat_vex | systemd: systemd: Local unprivileged user can cause Denial of Service | fixed: 4 known not affected: 131 | 2026-07-08T14:52:53+00:00 | Vulnerability · Source |
| CVE-2026-40161 | redhat_vex | github.com/tektoncd/pipeline: Tekton Pipelines: Information disclosure of Git API token via user-controlled serverURL | fixed: 32 known affected: 21 known not affected: 59 | 2026-07-08T14:52:50+00:00 | Vulnerability · Source |
| CVE-2025-64505 | redhat_vex | libpng: LIBPNG heap buffer overflow via malformed palette index | fixed: 3 known affected: 241 | 2026-07-08T14:52:35+00:00 | Vulnerability · Source |
| CVE-2025-11230 | redhat_vex | haproxy: denial of service vulnerability in HAProxy mjson library | fixed: 98 known affected: 9 known not affected: 17 | 2026-07-08T14:52:02+00:00 | Vulnerability · Source |
| CVE-2025-70103 | redhat_vex | libjxl: libjxl: Arbitrary code execution via crafted PBM images | known affected: 8 | 2026-07-08T14:51:54+00:00 | Vulnerability · Source |
| CVE-2025-12818 | redhat_vex | postgresql: libpq: libpq undersizes allocations, via integer wraparound | fixed: 3265 known affected: 11 known not affected: 40 | 2026-07-08T14:47:53+00:00 | Vulnerability · Source |
| CVE-2026-33211 | redhat_vex | Tekton Pipelines: github.com/tektoncd/pipeline: Tekton Pipelines: Information disclosure via path traversal in git resolver | fixed: 32 known affected: 27 known not affected: 457 | 2026-07-08T14:47:22+00:00 | Vulnerability · Source |
| CVE-2026-53362 | microsoft_vex | ipv6: account for fraggap on the paged allocation path | fixed: 1 known affected: 1 | 2026-07-08T14:47:02+00:00 | Vulnerability · Source |
| CVE-2026-53361 | microsoft_vex | af_unix: Set gc_in_progress to true in unix_gc(). | fixed: 1 known affected: 1 | 2026-07-08T14:46:54+00:00 | Vulnerability · Source |
| CVE-2025-13699 | redhat_vex | mariadb: MariaDB: mariadb-dump utility vulnerable to remote code execution via improper path validation | fixed: 2284 known not affected: 19 | 2026-07-08T14:46:39+00:00 | Vulnerability · Source |
| CVE-2025-64720 | redhat_vex | libpng: LIBPNG buffer overflow | fixed: 3648 known affected: 25 known not affected: 27 | 2026-07-08T14:46:25+00:00 | Vulnerability · Source |
| CVE-2026-53325 | microsoft_vex | agp/amd64: Fix broken error propagation in agp_amd64_probe() | fixed: 1 known affected: 1 | 2026-07-08T14:43:54+00:00 | Vulnerability · Source |
| CVE-2026-52909 | microsoft_vex | ip6_vti: set netns_immutable on the fallback device. | fixed: 1 known affected: 1 | 2026-07-08T14:43:42+00:00 | Vulnerability · Source |
| CVE-2025-58186 | redhat_vex | golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http | fixed: 8 known affected: 73 known not affected: 50 under investigation: 1395 | 2026-07-08T14:43:00+00:00 | Vulnerability · Source |
| CVE-2026-53163 | microsoft_vex | locking/rtmutex: Skip remove_waiter() when waiter is not enqueued | fixed: 1 known affected: 2 | 2026-07-08T14:43:00+00:00 | Vulnerability · Source |
| CVE-2025-57812 | redhat_vex | cups: CUPS-Filters: Information disclosure and data corruption via crafted TIFF image file processing | fixed: 4 known affected: 15 | 2026-07-08T14:42:55+00:00 | Vulnerability · Source |
| CVE-2025-43718 | redhat_vex | poppler: Poppler stack overflow | fixed: 4 known affected: 11 known not affected: 48 | 2026-07-08T14:42:54+00:00 | Vulnerability · Source |
| CVE-2026-53138 | microsoft_vex | drm/amd/display: Bound VBIOS record-chain walk loops | fixed: 1 known affected: 2 | 2026-07-08T14:42:49+00:00 | Vulnerability · Source |
| CVE-2026-53157 | microsoft_vex | net: phonet: free phonet_device after RCU grace period | fixed: 1 known affected: 1 under investigation: 1 | 2026-07-08T14:42:25+00:00 | Vulnerability · Source |
| CVE-2026-52928 | microsoft_vex | af_unix: Reject SIOCATMARK on non-stream sockets | fixed: 1 known affected: 2 | 2026-07-08T14:42:16+00:00 | Vulnerability · Source |
| CVE-2026-53151 | microsoft_vex | rxrpc: Fix the ACK parser to extract the SACK table for parsing | fixed: 1 known affected: 2 | 2026-07-08T14:41:57+00:00 | Vulnerability · Source |
| CVE-2025-65018 | redhat_vex | libpng: LIBPNG heap buffer overflow | fixed: 3612 known affected: 8 known not affected: 48 | 2026-07-08T14:40:57+00:00 | Vulnerability · Source |
| CVE-2026-43186 | redhat_vex | kernel: ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() | known affected: 90 known not affected: 184 | 2026-07-08T14:37:19+00:00 | Vulnerability · Source |
| CVE-2026-40215 | redhat_vex | openvpn: OpenVPN: Server crash or memory leak due to race condition and use-after-free | known not affected: 1 | 2026-07-08T14:32:11+00:00 | Vulnerability · Source |
| CVE-2026-52726 | redhat_vex | dulwich: Dulwich: Arbitrary code execution via crafted Git submodules | known affected: 10 known not affected: 7 | 2026-07-08T14:21:34+00:00 | Vulnerability · Source |
| CVE-2026-3713 | redhat_vex | libpng: libpng: Heap-based buffer overflow in pnm2png allows information disclosure and denial of service | fixed: 3 known not affected: 264 | 2026-07-08T14:21:25+00:00 | Vulnerability · Source |
| CVE-2025-9230 | redhat_vex | openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap | fixed: 632 known affected: 18 known not affected: 250 | 2026-07-08T14:12:33+00:00 | Vulnerability · Source |
| CVE-2026-3119 | redhat_vex | bind: BIND: Denial of Service via authenticated TKEY queries | fixed: 4 known affected: 9 known not affected: 77 | 2026-07-08T14:12:29+00:00 | Vulnerability · Source |
| CVE-2026-55655 | redhat_vex | openssh: Local MITM of X11 forwarding via abstract UNIX socket pre-binding in Red Hat Enterprise Linux OpenSSH client versions | fixed: 3 known affected: 40 under investigation: 1 | 2026-07-08T13:59:46+00:00 | Vulnerability · Source |
| CVE-2026-55654 | redhat_vex | openssh: Heap out-of-bounds read in Red Hat Enterprise Linux versions of OpenSSH GSSAPI indicator cleanup due to missing NULL sentinel termination | fixed: 3 known affected: 40 under investigation: 1 | 2026-07-08T13:59:46+00:00 | Vulnerability · Source |
| CVE-2026-55653 | redhat_vex | openssh: Double free in Red Hat Enterprise Linux versions of OpenSSH DH-GEX client path during FIPS known-group validation leads to client-side denial of service | fixed: 3 known affected: 41 | 2026-07-08T13:59:45+00:00 | Vulnerability · Source |
| CVE-2026-3591 | redhat_vex | bind: BIND: Unauthorized access due to use-after-return vulnerability in DNS query handling | fixed: 4 known affected: 9 known not affected: 77 | 2026-07-08T13:56:07+00:00 | Vulnerability · Source |
| CVE-2025-69720 | redhat_vex | ncurses: ncurses: Buffer overflow vulnerability may lead to arbitrary code execution. | fixed: 106 known not affected: 28 | 2026-07-08T13:51:52+00:00 | Vulnerability · Source |
| CVE-2025-14178 | redhat_vex | php: heap-based buffer overflow in array_merge() | fixed: 4178 known not affected: 83 | 2026-07-08T13:47:52+00:00 | Vulnerability · Source |
| CVE-2026-1642 | redhat_vex | nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections | fixed: 951 known affected: 1 known not affected: 72 | 2026-07-08T13:41:54+00:00 | Vulnerability · Source |