VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221679 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-29009 redhat_vex u-boot: U-Boot: Memory corruption via NFS readlink buffer overflow known not affected: 1 2026-07-13T13:35:48+00:00 Vulnerability · Source
CVE-2026-29008 redhat_vex U-Boot: U-Boot: Integer underflow leads to Denial of Service known not affected: 1 2026-07-13T13:35:41+00:00 Vulnerability · Source
CVE-2024-45338 redhat_vex golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html fixed: 2392 known affected: 157 known not affected: 16028 2026-07-13T13:27:24+00:00 Vulnerability · Source
CVE-2026-59819 redhat_vex litellm: LiteLLM: Information disclosure via local file read in test connection endpoint known not affected: 7 2026-07-13T13:26:19+00:00 Vulnerability · Source
CVE-2026-23562 redhat_vex xen: Xen: VM administrator gains unauthorized host hardware access via PCI passthrough known not affected: 1 2026-07-13T13:26:15+00:00 Vulnerability · Source
CVE-2026-42486 redhat_vex xen: Xen: Arbitrary dom0 file write due to improper restriction of VM parameter known not affected: 1 2026-07-13T13:21:16+00:00 Vulnerability · Source
CVE-2026-23560 redhat_vex xen: Xen: VM-admin can hide virtual machines from management and operations known not affected: 1 2026-07-13T13:21:01+00:00 Vulnerability · Source
CVE-2026-60108 redhat_vex zeek: Zeek: Denial of Service via uncontrolled memory consumption in FTP analyzer known not affected: 1 2026-07-13T13:20:44+00:00 Vulnerability · Source
CVE-2026-60109 redhat_vex zeek: Zeek: Denial of Service via crafted Kerberos KRB_ERROR message known not affected: 1 2026-07-13T13:20:38+00:00 Vulnerability · Source
CVE-2026-46384 redhat_vex github.com/hamba/avro/v2: github.com/linkedin/goavro/v2: Integer Overflow in Avro Decoder fixed: 4 known affected: 3 known not affected: 193 2026-07-13T13:16:26+00:00 Vulnerability · Source
CVE-2026-46385 redhat_vex github.com/hamba/avro/v2: github.com/linkedin/goavro/v2: CPU Exhaustion in Avro Decoder via Unbounded Block-Count Iteration fixed: 4 known affected: 3 known not affected: 193 2026-07-13T13:16:23+00:00 Vulnerability · Source
CVE-2026-15584 redhat_vex RedHatInsights/incluster-checks: incluster-checks: Privileged host-chroot debug pods created in shared default namespace enable privilege escalation to node root known affected: 1 2026-07-13T13:12:29+00:00 Vulnerability · Source
CVE-2026-42561 redhat_vex python-multipart: python-multipart: Denial of Service via excessive multipart part headers fixed: 2 known affected: 31 known not affected: 242 2026-07-13T13:11:41+00:00 Vulnerability · Source
CVE-2026-55807 redhat_vex Drupal core: Drupal core: Server-Side Request Forgery vulnerability known not affected: 1 2026-07-13T12:53:27+00:00 Vulnerability · Source
CVE-2026-55808 redhat_vex drupal: Drupal core: Cross-site Scripting (XSS) via improper input neutralization known not affected: 1 2026-07-13T12:47:54+00:00 Vulnerability · Source
CVE-2026-40973 redhat_vex Spring Boot: Spring Boot: Arbitrary Code Execution and Session Hijacking via predictable temporary directory fixed: 10 known affected: 2 known not affected: 68 2026-07-13T12:25:53+00:00 Vulnerability · Source
CVE-2026-62147 redhat_vex tempo-operator: Tempo Operator: Query RBAC bypass known affected: 2 2026-07-13T12:06:35+00:00 Vulnerability · Source
CVE-2026-53538 redhat_vex python-multipart: Python-Multipart: Information disclosure due to parser differential in form data handling known affected: 39 known not affected: 18 2026-07-13T11:56:42+00:00 Vulnerability · Source
CVE-2026-41695 redhat_vex Spring Data Commons: Spring Data Commons: Denial of Service via crafted property path strings known affected: 3 known not affected: 2 2026-07-13T11:51:12+00:00 Vulnerability · Source
CVE-2026-41716 redhat_vex Spring Data Commons: Spring Data Commons: Denial of Service due to cache exhaustion via attacker-supplied strings known affected: 3 known not affected: 2 2026-07-13T11:50:40+00:00 Vulnerability · Source
CVE-2026-14613 redhat_vex keycloak-services: keycloak-services: Keycloak: FGAP v2 role groups endpoint discloses hidden group metadata without group view permission known affected: 1 known not affected: 5 2026-07-13T11:46:27+00:00 Vulnerability · Source
CVE-2026-14615 redhat_vex keycloak-services: keycloak: FGAP v2 parent group children endpoint bypasses per-child view permission filter known affected: 1 2026-07-13T11:46:19+00:00 Vulnerability · Source
CVE-2026-55223 redhat_vex c3p0: c3p0: Remote code execution via deserialization vulnerability known affected: 5 known not affected: 7 2026-07-13T11:41:36+00:00 Vulnerability · Source
CVE-2026-46584 redhat_vex org.apache.camel/camel-mail: Apache Camel Mail Component: Credential exposure and information disclosure via improper input validation of mail headers known affected: 2 known not affected: 1 2026-07-13T11:21:44+00:00 Vulnerability · Source
CVE-2026-46592 redhat_vex org.apache.camel/camel-cxf: Apache Camel CXF SOAP: Remote attacker can execute unintended operations via header manipulation known affected: 2 known not affected: 1 2026-07-13T11:21:36+00:00 Vulnerability · Source
CVE-2026-40859 redhat_vex org.apache.camel/camel-vertx-http: Apache Camel (camel-vertx-http): Remote Code Execution via Deserialization of Untrusted Data known affected: 2 known not affected: 1 2026-07-13T11:21:21+00:00 Vulnerability · Source
CVE-2026-15551 redhat_vex rlottie: rlottie: Buffer overflow due to integer overflow known not affected: 1 2026-07-13T11:16:30+00:00 Vulnerability · Source
CVE-2026-50263 redhat_vex xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow() fixed: 779 known affected: 22 2026-07-13T11:04:49+00:00 Vulnerability · Source
CVE-2026-50262 redhat_vex xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes fixed: 779 known affected: 22 2026-07-13T11:04:48+00:00 Vulnerability · Source
CVE-2026-56000 redhat_vex X.org: xorg-x11-server: GLX contextTags Use-After-Free in CommonMakeCurrent() fixed: 54 known affected: 39 2026-07-13T10:55:58+00:00 Vulnerability · Source
CVE-2026-55999 redhat_vex xorg: X11: xserver: X.org: glamor Font Atlas Heap Buffer Overflow fixed: 255 known affected: 19 2026-07-13T10:55:42+00:00 Vulnerability · Source
CVE-2026-58379 redhat_vex gimp: gimp: Heap buffer overflow in read_channel_data() fixed: 24 known not affected: 29 2026-07-13T10:55:38+00:00 Vulnerability · Source
CVE-2026-2050 redhat_vex gimp: GIMP: Arbitrary code execution via heap-based buffer overflow in HDR file parsing fixed: 57 known affected: 11 2026-07-13T10:55:33+00:00 Vulnerability · Source
CVE-2026-45700 redhat_vex freerdp: FreeRDP: Out-of-bounds write in planar bitmap decoder allows arbitrary code execution fixed: 195 known affected: 12 2026-07-13T10:55:17+00:00 Vulnerability · Source
CVE-2026-50260 redhat_vex xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter() fixed: 779 known affected: 22 2026-07-13T10:55:03+00:00 Vulnerability · Source
CVE-2026-50259 redhat_vex xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB SetMap request via mapWidths indexing fixed: 779 known affected: 22 2026-07-13T10:54:58+00:00 Vulnerability · Source
CVE-2026-50258 redhat_vex xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in XKB key types due to unchecked shift levels fixed: 779 known affected: 22 2026-07-13T10:54:45+00:00 Vulnerability · Source
CVE-2026-50257 redhat_vex xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence() fixed: 779 known affected: 22 2026-07-13T10:54:39+00:00 Vulnerability · Source
CVE-2026-50256 redhat_vex xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libXfont2 name length mismatch fixed: 779 known affected: 22 2026-07-13T10:54:23+00:00 Vulnerability · Source
CVE-2026-50264 redhat_vex xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds heap write in DRI2 DRIGetBuffers/DRIGetBuffersWithFormat fixed: 779 known affected: 22 2026-07-13T10:54:17+00:00 Vulnerability · Source
CVE-2026-50261 redhat_vex xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter() fixed: 779 known affected: 22 2026-07-13T10:54:03+00:00 Vulnerability · Source
CVE-2026-23745 redhat_vex node-tar: tar: node-tar: Arbitrary file overwrite and symlink poisoning via unsanitized linkpaths in archives fixed: 52 known affected: 25 known not affected: 654 2026-07-13T09:41:15+00:00 Vulnerability · Source
CVE-2026-43163 redhat_vex kernel: md/bitmap: fix GPF in write_page caused by resize race fixed: 2069 known affected: 33 known not affected: 14 2026-07-13T09:11:17+00:00 Vulnerability · Source
CVE-2026-15574 redhat_vex vllm-orchestrator-gateway: vllm-orchestrator-gateway: Authorization header and full chat payloads logged at hard-coded DEBUG default under investigation: 1 2026-07-13T09:05:52+00:00 Vulnerability · Source
CVE-2026-57231 redhat_vex podman: Podman: Information disclosure via malicious container image environment variables fixed: 349 known affected: 28 known not affected: 9 2026-07-13T08:57:07+00:00 Vulnerability · Source
CVE-2026-5497 redhat_vex vllm: vLLM: Denial of Service via unbounded video frame processing known affected: 24 known not affected: 4 2026-07-13T08:11:13+00:00 Vulnerability · Source
CVE-2026-58467 redhat_vex cockpit: Cockpit CMS: Arbitrary file read and code execution via path traversal known affected: 32 2026-07-13T07:20:57+00:00 Vulnerability · Source
CVE-2023-54365 redhat_vex github.com/traefik/traefik: net/http2: Traefik: Denial of Service via HTTP/2 Rapid Reset technique known not affected: 3 2026-07-13T07:15:40+00:00 Vulnerability · Source
CVE-2026-58253 redhat_vex github.com/nats-io/nats-server: NATS Server: Authentication bypass and privilege escalation via parser fast path known not affected: 2 2026-07-13T07:11:35+00:00 Vulnerability · Source
CVE-2026-58208 redhat_vex github.com/nats-io/nats-server: NATS Server: Denial of Service due to incorrect MQTT-over-WebSocket request routing known not affected: 2 2026-07-13T07:06:26+00:00 Vulnerability · Source