VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221679 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-6845 redhat_vex binutils: Binutils: Denial of Service via crafted ELF file fixed: 3 known affected: 73 2026-07-13T20:58:49+00:00 Vulnerability · Source
CVE-2026-3442 redhat_vex binutils: GNU Binutils: Information disclosure or denial of service via out-of-bounds read in bfd linker fixed: 3 known affected: 2 known not affected: 71 2026-07-13T20:58:44+00:00 Vulnerability · Source
CVE-2026-6846 redhat_vex binutils: Binutils: Arbitrary code execution via malformed XCOFF object file processing fixed: 3 known affected: 17 known not affected: 56 2026-07-13T20:58:34+00:00 Vulnerability · Source
CVE-2026-6476 redhat_vex postgresql: PostgreSQL: SQL injection in pg_createsubscriber allows arbitrary SQL execution as superuser fixed: 4 known not affected: 187 2026-07-13T20:58:34+00:00 Vulnerability · Source
CVE-2026-3441 redhat_vex binutils: GNU Binutils: Information disclosure via specially crafted XCOFF object file fixed: 3 known affected: 2 known not affected: 71 2026-07-13T20:58:29+00:00 Vulnerability · Source
CVE-2025-11082 redhat_vex binutils: GNU Binutils Linker heap-based overflow fixed: 97 known affected: 62 known not affected: 13 2026-07-13T20:58:29+00:00 Vulnerability · Source
CVE-2025-11083 redhat_vex binutils: GNU Binutils Linker heap-based overflow fixed: 700 known affected: 19 known not affected: 27 2026-07-13T20:58:29+00:00 Vulnerability · Source
CVE-2026-27141 redhat_vex golang.org/x/net/http2: golang.org/x/net/http2: Denial of Service due to malformed HTTP/2 frames fixed: 121 known affected: 2 known not affected: 160 under investigation: 278 2026-07-13T20:50:48+00:00 Vulnerability · Source
CVE-2026-33245 redhat_vex react-router: React Router: Cross-Site Scripting vulnerability via untrusted React Server Component redirects fixed: 44 known affected: 65 known not affected: 520 under investigation: 93 2026-07-13T19:20:43+00:00 Vulnerability · Source
CVE-2026-34077 redhat_vex react-router: React Router: Denial of Service via client-side Cross-Site Scripting in RSC redirect handling known affected: 65 known not affected: 8 under investigation: 101 2026-07-13T19:20:42+00:00 Vulnerability · Source
CVE-2026-22979 redhat_vex kernel: Linux kernel: Memory leak in networking due to incorrect GRO packet handling fixed: 303 known affected: 160 known not affected: 28 2026-07-13T17:39:20+00:00 Vulnerability · Source
CVE-2025-27144 redhat_vex go-jose: Go JOSE's Parsing Vulnerable to Denial of Service fixed: 796 known affected: 29 known not affected: 5241 2026-07-13T17:33:57+00:00 Vulnerability · Source
CVE-2026-50031 redhat_vex freeipmi: FreeIPMI: Denial of service via buffer overflow in ipmi-oem client fixed: 427 known affected: 9 2026-07-13T17:32:25+00:00 Vulnerability · Source
CVE-2026-33554 redhat_vex freeipmi: buffer overflows on response messages via ipmi-oem fixed: 561 known affected: 9 2026-07-13T17:32:25+00:00 Vulnerability · Source
CVE-2026-43279 redhat_vex kernel: ALSA: usb-audio: Add sanity check for OOB writes at silencing fixed: 1623 known affected: 64 2026-07-13T17:32:06+00:00 Vulnerability · Source
CVE-2026-44289 redhat_vex protobufjs: protobufjs: Denial of Service via uncontrolled recursion in protobuf decoding known affected: 33 known not affected: 8 2026-07-13T17:15:58+00:00 Vulnerability · Source
CVE-2025-67030 redhat_vex org.codehaus.plexus:plexus-utils: Plexus-utils: Directory Traversal in extractFile method fixed: 470 known affected: 214 known not affected: 357 2026-07-13T17:09:44+00:00 Vulnerability · Source
CVE-2026-46152 redhat_vex kernel: wifi: mac80211: drop stray 'static' from fast-RX rx_result fixed: 1300 known affected: 22 known not affected: 28 under investigation: 14 2026-07-13T17:07:03+00:00 Vulnerability · Source
CVE-2026-45984 redhat_vex kernel: gfs2: Fix use-after-free in iomap inline data write path fixed: 1041 known affected: 50 known not affected: 76 under investigation: 17 2026-07-13T17:06:53+00:00 Vulnerability · Source
CVE-2026-4046 redhat_vex glibc: glibc: Denial of Service via iconv() function with specific character sets fixed: 3045 known affected: 22 known not affected: 2 under investigation: 1 2026-07-13T16:37:08+00:00 Vulnerability · Source
CVE-2025-47913 redhat_vex golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS fixed: 1917 known affected: 86 known not affected: 827 under investigation: 1 2026-07-13T16:36:45+00:00 Vulnerability · Source
CVE-2026-33845 redhat_vex gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment fixed: 738 known affected: 1 known not affected: 67 under investigation: 1 2026-07-13T16:36:23+00:00 Vulnerability · Source
CVE-2026-4437 redhat_vex glibc: glibc: Incorrect DNS response parsing via crafted DNS server response fixed: 2028 known affected: 237 known not affected: 2 under investigation: 1 2026-07-13T16:27:53+00:00 Vulnerability · Source
CVE-2026-42011 redhat_vex gnutls: gnutls: Security bypass due to incorrect name constraint handling fixed: 700 known affected: 12 known not affected: 55 under investigation: 1 2026-07-13T16:27:30+00:00 Vulnerability · Source
CVE-2026-33846 redhat_vex gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly fixed: 738 known affected: 1 known not affected: 67 under investigation: 1 2026-07-13T16:26:36+00:00 Vulnerability · Source
CVE-2026-39833 redhat_vex golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to unenforced key confirmation fixed: 143 known affected: 907 known not affected: 224 under investigation: 3 2026-07-13T16:23:24+00:00 Vulnerability · Source
CVE-2026-44024 redhat_vex fluentd: Fluentd: Remote Code Execution via arbitrary file write due to insufficient tag validation known not affected: 1 2026-07-13T16:20:42+00:00 Vulnerability · Source
CVE-2026-4740 redhat_vex rhacm: Open Cluster Management (OCM): Cross-cluster privilege escalation via improper Kubernetes client certificate renewal validation under investigation: 7 2026-07-13T16:01:17+00:00 Vulnerability · Source
CVE-2026-54293 redhat_vex nltk: NLTK: Information Disclosure via Path Traversal in `nltk.data.load()` known affected: 8 known not affected: 3 2026-07-13T15:56:32+00:00 Vulnerability · Source
CVE-2026-56366 redhat_vex ImageMagick: ImageMagick: Denial of Service via memory leak in APP1JPEG image processing known affected: 14 2026-07-13T15:27:12+00:00 Vulnerability · Source
CVE-2026-56373 redhat_vex ImageMagick: ImageMagick: Use-after-free vulnerability in PDB decoder allows denial of service or limited data corruption. known affected: 14 2026-07-13T15:26:59+00:00 Vulnerability · Source
CVE-2026-54911 redhat_vex UltraJSON: Malformed/Truncated UTF-8 Accepted and Silently Rewritten in ujson.dumps() known not affected: 1 2026-07-13T15:21:09+00:00 Vulnerability · Source
CVE-2026-54518 redhat_vex jackson-databind: jackson-databind: Information disclosure and data manipulation via view-based access control bypass known affected: 88 known not affected: 14 2026-07-13T15:16:19+00:00 Vulnerability · Source
CVE-2026-59876 redhat_vex protobufjs: protobufjs: Prototype pollution vulnerability in Text Format extension known not affected: 5 under investigation: 32 2026-07-13T15:16:15+00:00 Vulnerability · Source
CVE-2026-59818 redhat_vex etcd: etcd: Authentication bypass due to improper Certificate Revocation List enforcement on gRPC listener known affected: 4 2026-07-13T15:05:46+00:00 Vulnerability · Source
CVE-2026-50168 redhat_vex @angular/platform-server: Angular @angular/platform-server: Server-Side Request Forgery (SSRF) via malformed URL parsing known not affected: 1 2026-07-13T15:00:27+00:00 Vulnerability · Source
CVE-2026-54514 redhat_vex jackson-databind: jackson-databind: Information Disclosure via Eager DNS Resolution known affected: 101 known not affected: 1 2026-07-13T14:55:58+00:00 Vulnerability · Source
CVE-2026-58459 redhat_vex gpsd: gpsd: Command Injection via GPS device subtype allows arbitrary code execution known affected: 7 2026-07-13T14:55:43+00:00 Vulnerability · Source
CVE-2026-52846 redhat_vex github.com/caddyserver/caddy: Caddy: Client-side Cross-Site Scripting (XSS) due to incomplete HTML tag stripping known not affected: 1 2026-07-13T14:50:46+00:00 Vulnerability · Source
CVE-2026-11998 redhat_vex angularjs: AngularJS: Arbitrary JavaScript execution due to Strict Contextual Escaping (SCE) bypass known affected: 22 known not affected: 26 2026-07-13T14:50:43+00:00 Vulnerability · Source
CVE-2026-44169 redhat_vex mariadb: MariaDB server: Information disclosure of stored routine definitions due to insufficient privilege check fixed: 199 known not affected: 106 2026-07-13T14:45:52+00:00 Vulnerability · Source
CVE-2026-59874 microsoft_vex node-tar: Negative tar entry size causes infinite loop in archive replace known affected: 1 2026-07-13T14:41:33+00:00 Vulnerability · Source
CVE-2026-59873 microsoft_vex node-tar: Decompression/parse DoS via unlimited input known affected: 1 2026-07-13T14:41:27+00:00 Vulnerability · Source
CVE-2026-59871 microsoft_vex node-tar: Process crash via PAX numeric path type confusion known affected: 1 2026-07-13T14:41:21+00:00 Vulnerability · Source
CVE-2026-59890 microsoft_vex setuptools: MANIFEST.in exclusion bypass in sdist via Unicode normalization collision (NFC/NFD) on macOS APFS/HFS+ fixed: 1 known affected: 5 2026-07-13T14:40:57+00:00 Vulnerability · Source
CVE-2026-32829 redhat_vex lz4_flex: lz4_flex's decompression can leak information from uninitialized memory or reused output buffer fixed: 14 known affected: 2 known not affected: 357 2026-07-13T14:40:47+00:00 Vulnerability · Source
CVE-2026-56002 redhat_vex libXfont2: PCF Font Parsing Heap Buffer Overflow under investigation: 9 2026-07-13T14:06:00+00:00 Vulnerability · Source
CVE-2026-15538 redhat_vex primereact: PrimeReact: Remote attacker can modify object prototype attributes known affected: 4 2026-07-13T13:56:42+00:00 Vulnerability · Source
CVE-2026-59821 redhat_vex litellm: LiteLLM: Arbitrary code execution and information disclosure via custom code guardrails known not affected: 7 2026-07-13T13:56:31+00:00 Vulnerability · Source
CVE-2026-59820 redhat_vex litellm: LiteLLM: Directory traversal via crafted skill archive upload known affected: 1 known not affected: 6 2026-07-13T13:36:04+00:00 Vulnerability · Source