VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221676 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-50721 | redhat_vex | librenswan: IKEv1 Denial of Service via RSA-SHA1 (PKCS#1 Version 1.5 Encrypted) authentication payload | known affected: 13 | 2026-07-14T06:00:42+00:00 | Vulnerability · Source |
| CVE-2026-45292 | redhat_vex | opentelemetry-java: opentelemetry-api: opentelemetry-extension-trace-propagators: OpenTelemetry Java: Denial of Service due to unbounded memory allocation when parsing oversized baggage | fixed: 10 known affected: 31 known not affected: 84 under investigation: 17 | 2026-07-14T05:51:06+00:00 | Vulnerability · Source |
| CVE-2025-55005 | redhat_vex | imagemagick: ImageMagick: heap-buffer overflow | known affected: 14 | 2026-07-14T05:37:06+00:00 | Vulnerability · Source |
| CVE-2025-53101 | redhat_vex | ImageMagick: ImageMagick Stack Buffer Overflow | known affected: 14 | 2026-07-14T05:37:02+00:00 | Vulnerability · Source |
| CVE-2025-53019 | redhat_vex | ImageMagick: ImageMagick Memory Leak | known affected: 14 | 2026-07-14T05:37:02+00:00 | Vulnerability · Source |
| CVE-2025-55298 | redhat_vex | ImageMagick: ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution | known affected: 7 known not affected: 7 | 2026-07-14T05:36:58+00:00 | Vulnerability · Source |
| CVE-2025-55004 | redhat_vex | imagemagick: ImageMagick: heap-buffer overflow | known affected: 7 known not affected: 7 | 2026-07-14T05:36:57+00:00 | Vulnerability · Source |
| CVE-2025-53015 | redhat_vex | ImageMagick: ImageMagick unbounded loop | known affected: 14 | 2026-07-14T05:36:53+00:00 | Vulnerability · Source |
| CVE-2025-55160 | redhat_vex | imagemagick: ImageMagick: Undefined Behavior | known affected: 14 | 2026-07-14T05:36:52+00:00 | Vulnerability · Source |
| CVE-2026-42055 | redhat_vex | nginx: NGINX: Arbitrary code execution or Denial of Service via heap-based buffer overflow with crafted HTTP/2 headers | fixed: 395 known affected: 1 known not affected: 2 | 2026-07-14T05:36:49+00:00 | Vulnerability · Source |
| CVE-2025-55154 | redhat_vex | imagemagick: ImageMagick: integer overflows in MNG magnification | fixed: 51 known affected: 7 | 2026-07-14T05:36:25+00:00 | Vulnerability · Source |
| CVE-2023-39326 | redhat_vex | golang: net/http/internal: Denial of Service (DoS) via Resource Consumption via HTTP requests | fixed: 2570 known affected: 71 known not affected: 987 | 2026-07-14T05:00:40+00:00 | Vulnerability · Source |
| CVE-2026-14461 | microsoft_vex | Out-of-bound read in mtr | fixed: 1 known affected: 1 | 2026-07-14T01:39:17+00:00 | Vulnerability · Source |
| CVE-2026-12480 | microsoft_vex | Arbitrary HDF5 File Read via Virtual Dataset Bypass in keras-team/keras | fixed: 1 known affected: 1 | 2026-07-14T01:38:59+00:00 | Vulnerability · Source |
| CVE-2026-55689 | redhat_vex | openfga: OpenFGA: OIDC audience validation skipped when --authn-oidc-audience is unset | known affected: 9 | 2026-07-14T01:35:32+00:00 | Vulnerability · Source |
| CVE-2026-55170 | redhat_vex | github.com/openfga/openfga: OpenFGA: Incorrect authorization decisions due to case-insensitive comparisons in MySQL datastore | known affected: 9 | 2026-07-14T01:35:32+00:00 | Vulnerability · Source |
| CVE-2026-57156 | redhat_vex | FreeRDP: FreeRDP: Arbitrary code execution or denial of service via integer overflow in RDP message processing | known affected: 31 | 2026-07-14T01:25:33+00:00 | Vulnerability · Source |
| CVE-2026-40467 | microsoft_vex | Use after free in gawk | known affected: 1 | 2026-07-14T01:01:41+00:00 | Vulnerability · Source |
| CVE-2026-40468 | microsoft_vex | Heap buffer overflow in gawk | known affected: 1 | 2026-07-14T01:01:35+00:00 | Vulnerability · Source |
| CVE-2026-40469 | microsoft_vex | Heap buffer overflow in gawk | known affected: 1 | 2026-07-14T01:01:29+00:00 | Vulnerability · Source |
| CVE-2026-40553 | microsoft_vex | Stack-based buffer overflow in gawk | known affected: 1 | 2026-07-14T01:01:22+00:00 | Vulnerability · Source |
| CVE-2026-57158 | redhat_vex | FreeRDP: FreeRDP: Information disclosure via truncated RDPGFX planar payload | known affected: 31 | 2026-07-13T23:25:46+00:00 | Vulnerability · Source |
| CVE-2026-57157 | redhat_vex | FreeRDP: FreeRDP: Out-of-bounds read leads to information disclosure and denial of service | known affected: 31 | 2026-07-13T23:25:45+00:00 | Vulnerability · Source |
| CVE-2023-48795 | redhat_vex | ssh: Prefix truncation attack on Binary Packet Protocol (BPP) | fixed: 2195 known affected: 153 known not affected: 12094 | 2026-07-13T23:21:57+00:00 | Vulnerability · Source |
| CVE-2026-55827 | redhat_vex | FreeRDP: FreeRDP: Remote code execution via heap out-of-bounds write in RemoteFX decoding | known affected: 31 | 2026-07-13T23:13:09+00:00 | Vulnerability · Source |
| CVE-2026-42216 | redhat_vex | OpenEXR: OpenEXR: Information disclosure and denial of service via malformed EXR files | fixed: 214 known affected: 3 known not affected: 7 | 2026-07-13T23:11:46+00:00 | Vulnerability · Source |
| CVE-2026-41142 | redhat_vex | OpenEXR: OpenEXR: Arbitrary code execution via integer overflow in image resizing | fixed: 214 known not affected: 10 | 2026-07-13T23:11:42+00:00 | Vulnerability · Source |
| CVE-2026-56372 | redhat_vex | ImageMagick: ImageMagick: Information Disclosure and Denial of Service | known affected: 14 | 2026-07-13T22:25:36+00:00 | Vulnerability · Source |
| CVE-2026-61465 | redhat_vex | ImageMagick: ImageMagick: Denial of Service via crafted image due to missing memory allocation check | known affected: 14 | 2026-07-13T22:25:35+00:00 | Vulnerability · Source |
| CVE-2026-61858 | redhat_vex | ImageMagick: ImageMagick: Policy bypass allows unauthorized file writing via APNG encoder | known affected: 14 | 2026-07-13T22:15:55+00:00 | Vulnerability · Source |
| CVE-2026-61857 | redhat_vex | ImageMagick: ImageMagick: Application crashes via malicious XMP profiles | known affected: 14 | 2026-07-13T22:15:54+00:00 | Vulnerability · Source |
| CVE-2026-61861 | redhat_vex | ImageMagick: ImageMagick: Use-after-free vulnerability leading to denial of service or code execution | known affected: 14 | 2026-07-13T22:15:48+00:00 | Vulnerability · Source |
| CVE-2026-61870 | redhat_vex | ImageMagick: ImageMagick: Denial of Service via specially crafted VIFF images | known affected: 14 | 2026-07-13T22:15:46+00:00 | Vulnerability · Source |
| CVE-2025-61732 | redhat_vex | cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy | fixed: 5141 known affected: 3 known not affected: 985 | 2026-07-13T21:12:42+00:00 | Vulnerability · Source |
| CVE-2025-14087 | redhat_vex | glib: GLib: Buffer underflow in GVariant parser leads to heap corruption | fixed: 933 known affected: 20 known not affected: 24 under investigation: 1 | 2026-07-13T21:10:51+00:00 | Vulnerability · Source |
| CVE-2026-3833 | redhat_vex | gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison | fixed: 700 known affected: 12 known not affected: 55 under investigation: 1 | 2026-07-13T21:10:32+00:00 | Vulnerability · Source |
| CVE-2026-53489 | redhat_vex | github.com/containerd/containerd: containerd: Arbitrary host file read via symlink following in CRI checkpoint restore | fixed: 9 known affected: 17 known not affected: 187 under investigation: 4 | 2026-07-13T20:59:10+00:00 | Vulnerability · Source |
| CVE-2026-6845 | redhat_vex | binutils: Binutils: Denial of Service via crafted ELF file | fixed: 3 known affected: 73 | 2026-07-13T20:58:49+00:00 | Vulnerability · Source |
| CVE-2026-3442 | redhat_vex | binutils: GNU Binutils: Information disclosure or denial of service via out-of-bounds read in bfd linker | fixed: 3 known affected: 2 known not affected: 71 | 2026-07-13T20:58:44+00:00 | Vulnerability · Source |
| CVE-2026-6846 | redhat_vex | binutils: Binutils: Arbitrary code execution via malformed XCOFF object file processing | fixed: 3 known affected: 17 known not affected: 56 | 2026-07-13T20:58:34+00:00 | Vulnerability · Source |
| CVE-2026-6476 | redhat_vex | postgresql: PostgreSQL: SQL injection in pg_createsubscriber allows arbitrary SQL execution as superuser | fixed: 4 known not affected: 187 | 2026-07-13T20:58:34+00:00 | Vulnerability · Source |
| CVE-2026-3441 | redhat_vex | binutils: GNU Binutils: Information disclosure via specially crafted XCOFF object file | fixed: 3 known affected: 2 known not affected: 71 | 2026-07-13T20:58:29+00:00 | Vulnerability · Source |
| CVE-2025-11082 | redhat_vex | binutils: GNU Binutils Linker heap-based overflow | fixed: 97 known affected: 62 known not affected: 13 | 2026-07-13T20:58:29+00:00 | Vulnerability · Source |
| CVE-2025-11083 | redhat_vex | binutils: GNU Binutils Linker heap-based overflow | fixed: 700 known affected: 19 known not affected: 27 | 2026-07-13T20:58:29+00:00 | Vulnerability · Source |
| CVE-2026-27141 | redhat_vex | golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames | fixed: 121 known affected: 2 known not affected: 160 under investigation: 278 | 2026-07-13T20:50:48+00:00 | Vulnerability · Source |
| CVE-2026-33245 | redhat_vex | react-router: React Router: Cross-Site Scripting vulnerability via untrusted React Server Component redirects | fixed: 44 known affected: 65 known not affected: 520 under investigation: 93 | 2026-07-13T19:20:43+00:00 | Vulnerability · Source |
| CVE-2026-34077 | redhat_vex | react-router: React Router: Denial of Service via client-side Cross-Site Scripting in RSC redirect handling | known affected: 65 known not affected: 8 under investigation: 101 | 2026-07-13T19:20:42+00:00 | Vulnerability · Source |
| CVE-2026-22979 | redhat_vex | kernel: Linux kernel: Memory leak in networking due to incorrect GRO packet handling | fixed: 303 known affected: 160 known not affected: 28 | 2026-07-13T17:39:20+00:00 | Vulnerability · Source |
| CVE-2025-47907 | redhat_vex | database/sql: Postgres Scan Race Condition | fixed: 5222 known affected: 165 known not affected: 2217 | 2026-07-13T17:33:59+00:00 | Vulnerability · Source |
| CVE-2025-27144 | redhat_vex | go-jose: Go JOSE's Parsing Vulnerable to Denial of Service | fixed: 796 known affected: 29 known not affected: 5241 | 2026-07-13T17:33:57+00:00 | Vulnerability · Source |