VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221675 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-53012 redhat_vex kernel: nexthop: fix IPv6 route referencing IPv4 nexthop known affected: 184 known not affected: 90 2026-07-14T18:07:09+00:00 Vulnerability · Source
CVE-2026-52961 redhat_vex kernel: ceph: fix BUG_ON in __ceph_build_xattrs_blob() due to stale blob size known affected: 232 known not affected: 42 2026-07-14T18:05:08+00:00 Vulnerability · Source
CVE-2026-54432 redhat_vex roundcubemail: Roundcube Webmail: Stored Cross-Site Scripting via unescaped attachment MIME type known not affected: 1 2026-07-14T18:05:07+00:00 Vulnerability · Source
CVE-2026-52990 redhat_vex kernel: fsnotify: fix inode reference leak in fsnotify_recalc_mask() known affected: 184 known not affected: 90 2026-07-14T18:05:06+00:00 Vulnerability · Source
CVE-2026-62641 redhat_vex roundcubemail: Roundcube Webmail: Denial of Service via crafted TNEF compressed-RTF size known not affected: 1 2026-07-14T18:05:04+00:00 Vulnerability · Source
CVE-2026-52977 redhat_vex kernel: futex: Prevent lockup in requeue-PI during signal/ timeout wakeup known affected: 184 known not affected: 90 2026-07-14T18:05:03+00:00 Vulnerability · Source
CVE-2026-52980 redhat_vex kernel: sched/fair: Clear rel_deadline when initializing forked entities known affected: 76 known not affected: 198 2026-07-14T18:05:02+00:00 Vulnerability · Source
CVE-2026-62644 redhat_vex roundcubemail: Roundcube Webmail: Account takeover via username spoofing in password plugin known not affected: 1 2026-07-14T18:05:01+00:00 Vulnerability · Source
CVE-2026-62642 redhat_vex roundcubemail: Roundcube Webmail: Denial of Service via infinite loop in TNEF decoder known not affected: 1 2026-07-14T18:05:01+00:00 Vulnerability · Source
CVE-2026-46173 redhat_vex kernel: exit: prevent preemption of oopsing TASK_DEAD task fixed: 1658 known affected: 36 known not affected: 76 2026-07-14T18:04:39+00:00 Vulnerability · Source
CVE-2026-43414 redhat_vex kernel: scsi: qla2xxx: Completely fix fcport double free fixed: 1224 known affected: 36 known not affected: 76 2026-07-14T18:04:33+00:00 Vulnerability · Source
CVE-2026-43330 redhat_vex kernel: crypto: caam - fix overflow on long hmac keys fixed: 616 known not affected: 198 2026-07-14T18:04:31+00:00 Vulnerability · Source
CVE-2026-31408 redhat_vex kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold fixed: 1908 known affected: 64 2026-07-14T18:04:25+00:00 Vulnerability · Source
CVE-2025-68724 redhat_vex kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id fixed: 1930 known affected: 23 known not affected: 42 2026-07-14T18:04:21+00:00 Vulnerability · Source
CVE-2025-38653 redhat_vex kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al fixed: 1503 known affected: 36 known not affected: 76 2026-07-14T18:04:17+00:00 Vulnerability · Source
CVE-2026-46086 redhat_vex kernel: net: bridge: use a stable FDB dst snapshot in RCU readers fixed: 453 known affected: 140 2026-07-14T18:04:13+00:00 Vulnerability · Source
CVE-2026-27143 redhat_vex golang: cmd/compile: possible memory corruption after bound check elimination fixed: 3329 known affected: 5 known not affected: 226 2026-07-14T17:54:24+00:00 Vulnerability · Source
CVE-2026-27144 redhat_vex golang: cmd/compile: no-op interface conversion bypasses overlap checking fixed: 3333 known affected: 5 known not affected: 222 2026-07-14T17:54:24+00:00 Vulnerability · Source
CVE-2026-42583 redhat_vex netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder fixed: 5 known affected: 36 known not affected: 87 2026-07-14T17:42:10+00:00 Vulnerability · Source
CVE-2026-24308 redhat_vex Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values fixed: 6 known affected: 7 known not affected: 210 2026-07-14T17:41:40+00:00 Vulnerability · Source
CVE-2026-62643 redhat_vex roundcubemail: Roundcube Webmail: Server-Side Request Forgery via insufficient CSS sanitization known not affected: 1 2026-07-14T17:40:12+00:00 Vulnerability · Source
CVE-2026-44825 redhat_vex solr: Apache Solr: Remote attacker gains administrative access via hardcoded credentials in Basic Authentication setup. known not affected: 2 2026-07-14T17:38:46+00:00 Vulnerability · Source
CVE-2026-52972 redhat_vex kernel: crypto: af_alg - Cap AEAD AD length to 0x80000000 known affected: 232 known not affected: 42 2026-07-14T17:38:42+00:00 Vulnerability · Source
CVE-2026-54433 redhat_vex roundcubemail: Roundcube Webmail: Arbitrary code execution via zero-click cross-site scripting known not affected: 1 2026-07-14T17:38:40+00:00 Vulnerability · Source
CVE-2026-46316 redhat_vex kernel: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry fixed: 1224 known affected: 24 known not affected: 90 2026-07-14T17:33:06+00:00 Vulnerability · Source
CVE-2026-46242 redhat_vex kernel: eventpoll: fix ep_remove struct eventpoll / struct file UAF fixed: 1504 known affected: 23 known not affected: 90 2026-07-14T17:33:00+00:00 Vulnerability · Source
CVE-2026-43074 redhat_vex kernel: eventpoll: defer struct eventpoll free to RCU grace period fixed: 1504 known affected: 22 known not affected: 76 under investigation: 14 2026-07-14T17:32:55+00:00 Vulnerability · Source
CVE-2026-46116 redhat_vex kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete fixed: 760 known affected: 126 under investigation: 14 2026-07-14T17:32:42+00:00 Vulnerability · Source
CVE-2026-8643 redhat_vex python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite fixed: 92 known affected: 94 known not affected: 660 2026-07-14T16:54:27+00:00 Vulnerability · Source
CVE-2026-41159 redhat_vex mermaid: Mermaid: Information disclosure and page defacement via CSS injection known affected: 3 2026-07-14T16:31:17+00:00 Vulnerability · Source
CVE-2026-44897 redhat_vex mistune: Mistune: Cross-site scripting (XSS) via improper sanitization of HTML heading ID attribute known affected: 23 known not affected: 2 2026-07-14T16:31:15+00:00 Vulnerability · Source
CVE-2026-9358 redhat_vex postcss-selector-parser: Postcss: Denial of Service via uncontrolled recursion in AST Serialization fixed: 4 known affected: 164 known not affected: 57 2026-07-14T16:31:03+00:00 Vulnerability · Source
CVE-2026-53439 redhat_vex jenkins: Jenkins: Information Disclosure via Missing Permission Checks known affected: 1 2026-07-14T16:30:56+00:00 Vulnerability · Source
CVE-2026-52962 redhat_vex kernel: ceph: fix a buffer leak in __ceph_setxattr() known affected: 260 known not affected: 14 2026-07-14T16:28:48+00:00 Vulnerability · Source
CVE-2026-56140 redhat_vex org.apache.camel/camel-aws2-sns: Apache Camel AWS SNS Component: Defense-in-depth hardening due to improper input validation known not affected: 4 2026-07-14T16:28:46+00:00 Vulnerability · Source
CVE-2026-48775 redhat_vex langgraph: langgraph-checkpoint: LangGraph: Arbitrary code execution via insecure deserialization of modified checkpoint bytes known affected: 7 2026-07-14T16:28:40+00:00 Vulnerability · Source
CVE-2025-71330 redhat_vex image-size: image-size: Denial of Service via crafted ICNS image buffer known affected: 28 2026-07-14T16:28:38+00:00 Vulnerability · Source
CVE-2026-52963 redhat_vex kernel: ALSA: usb-audio: Bound MIDI endpoint descriptor scans known affected: 246 known not affected: 28 2026-07-14T16:28:35+00:00 Vulnerability · Source
CVE-2026-48776 redhat_vex langgraph: langgraph-sdk: LangGraph Python SDK: Unsafe URL path construction leads to unauthorized resource access known affected: 7 2026-07-14T16:28:32+00:00 Vulnerability · Source
CVE-2026-12199 redhat_vex nltk: NLTK: Remote unauthenticated denial of service in WordNet Browser HTTP server known affected: 11 2026-07-14T16:28:27+00:00 Vulnerability · Source
CVE-2026-52964 redhat_vex kernel: ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans known affected: 184 known not affected: 90 2026-07-14T16:28:24+00:00 Vulnerability · Source
CVE-2026-10142 redhat_vex kafka-python: kafka-python: Denial of Service due to crafted frame length in protocol parser known affected: 2 2026-07-14T16:28:14+00:00 Vulnerability · Source
CVE-2025-71329 redhat_vex image-size: image-size: Denial of Service via crafted image buffer with zero-valued size field known affected: 5 known not affected: 23 2026-07-14T16:28:13+00:00 Vulnerability · Source
CVE-2026-42567 redhat_vex svelte: Svelte: Regular Expression Denial of Service (ReDoS) known affected: 2 2026-07-14T16:28:09+00:00 Vulnerability · Source
CVE-2026-10732 redhat_vex decompress: Decompress: Arbitrary file write leading to remote code execution via crafted ZIP archive (Zip Slip) known affected: 6 known not affected: 16 2026-07-14T16:28:02+00:00 Vulnerability · Source
CVE-2026-53364 redhat_vex kernel: Bluetooth: hci_conn: Fix memory leak in hci_le_big_terminate() known affected: 184 known not affected: 90 2026-07-14T16:22:38+00:00 Vulnerability · Source
CVE-2026-54060 redhat_vex python-pillow: Pillow: Denial of Service via excessive memory allocation when processing font files fixed: 52 known affected: 79 known not affected: 5 2026-07-14T16:17:28+00:00 Vulnerability · Source
CVE-2026-6653 redhat_vex libxml2: mingw-libxml2: libxml2: Denial of Service via crafted XML input due to use-after-free known affected: 14 known not affected: 11 2026-07-14T16:17:24+00:00 Vulnerability · Source
CVE-2026-55379 redhat_vex python-pillow: Pillow: Denial of Service via crafted BDF font file fixed: 52 known affected: 79 known not affected: 5 2026-07-14T16:16:54+00:00 Vulnerability · Source
CVE-2024-21529 redhat_vex dset: Prototype Pollution fixed: 1 known not affected: 4 2026-07-14T16:06:30+00:00 Vulnerability · Source