VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221769 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-31229 | redhat_vex | adversarial-robustness-toolbox: kubeflow: python: Adversarial Robustness Toolbox (ART): Remote code execution via insecure deserialization in Kubeflow component | known not affected: 4 | 2026-07-08T07:15:59+00:00 | Vulnerability · Source |
| CVE-2026-4137 | redhat_vex | mlflow/mlflow: mlflow/mlflow: Arbitrary code execution via insecure temporary directory permissions | known affected: 1 known not affected: 16 | 2026-07-08T07:15:32+00:00 | Vulnerability · Source |
| CVE-2026-2652 | redhat_vex | mlflow: mlflow: Authentication bypass allows unauthorized job management and data injection | known not affected: 19 | 2026-07-08T07:15:26+00:00 | Vulnerability · Source |
| CVE-2026-49365 | redhat_vex | org.apache.camel/camel-netty-http: Apache Camel Netty HTTP: Information disclosure via error messages containing sensitive data | known affected: 3 | 2026-07-08T07:10:35+00:00 | Vulnerability · Source |
| CVE-2026-12479 | redhat_vex | keras: Path Traversal in keras-team/keras | known affected: 5 known not affected: 4 | 2026-07-08T07:05:31+00:00 | Vulnerability · Source |
| CVE-2026-40171 | redhat_vex | Jupyter Notebook: JupyterLab: @jupyter-notebook/help-extension: @jupyterlab/help-extension: Jupyter Notebook and JupyterLab: Session takeover via stored cross-site scripting | known affected: 14 known not affected: 2 | 2026-07-08T07:00:21+00:00 | Vulnerability · Source |
| CVE-2026-46726 | redhat_vex | camel-vertx-websocket: Apache Camel Vertx Websocket: Server-Side Request Forgery and sensitive data exposure | known affected: 2 | 2026-07-08T06:55:16+00:00 | Vulnerability · Source |
| CVE-2026-49098 | redhat_vex | camel-kafka: Apache Camel Kafka Component: Message redirection and injection via header manipulation | known affected: 2 | 2026-07-08T06:40:49+00:00 | Vulnerability · Source |
| CVE-2026-48746 | redhat_vex | vllm: starlette: vLLM: Critical authentication bypass allows unauthorized API access | fixed: 6 known affected: 54 known not affected: 15 | 2026-07-08T06:40:39+00:00 | Vulnerability · Source |
| CVE-2026-14647 | redhat_vex | onnx: onnxruntime: ONNX: Information disclosure via out-of-bounds read | known affected: 16 known not affected: 2 | 2026-07-08T06:15:51+00:00 | Vulnerability · Source |
| CVE-2026-41283 | redhat_vex | openstack-mistral: OpenStack Mistral: Arbitrary Remote Code Execution via exposed API endpoints | known not affected: 8 | 2026-07-08T05:55:48+00:00 | Vulnerability · Source |
| CVE-2026-8147 | redhat_vex | mlflow: MLflow: Unauthorized access to trace data due to missing authorization validation | known affected: 1 known not affected: 18 | 2026-07-08T05:55:25+00:00 | Vulnerability · Source |
| CVE-2024-24788 | redhat_vex | golang: net: malformed DNS message can cause infinite loop | fixed: 877 known affected: 86 known not affected: 406 | 2026-07-08T05:41:12+00:00 | Vulnerability · Source |
| CVE-2026-55646 | redhat_vex | vllm: vLLM: Denial of Service due to excessive memory allocation via oversized audio file uploads | known not affected: 26 | 2026-07-08T05:33:45+00:00 | Vulnerability · Source |
| CVE-2026-4944 | redhat_vex | vllm: vllm-project/vllm: Remote Code Execution via malicious HuggingFace model repositories | known affected: 11 known not affected: 15 | 2026-07-08T05:30:59+00:00 | Vulnerability · Source |
| CVE-2026-31419 | redhat_vex | kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service | fixed: 2416 known affected: 22 known not affected: 42 | 2026-07-08T05:25:54+00:00 | Vulnerability · Source |
| CVE-2026-31402 | redhat_vex | kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache | fixed: 3227 known affected: 22 | 2026-07-08T05:25:47+00:00 | Vulnerability · Source |
| CVE-2026-23401 | redhat_vex | kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling | fixed: 2404 known affected: 22 known not affected: 42 | 2026-07-08T05:25:36+00:00 | Vulnerability · Source |
| CVE-2026-55514 | redhat_vex | vllm: vLLM: Denial of Service via crafted prompt in /v1/completions request | known affected: 20 known not affected: 6 | 2026-07-08T05:00:52+00:00 | Vulnerability · Source |
| CVE-2026-53263 | redhat_vex | kernel: 6lowpan: fix off-by-one in multicast context address compression | known affected: 156 known not affected: 118 | 2026-07-08T04:15:14+00:00 | Vulnerability · Source |
| CVE-2026-53280 | redhat_vex | kernel: iommu: Fix NULL group->domain dereference in pci_dev_reset_iommu_done() | known affected: 76 known not affected: 198 | 2026-07-08T04:06:18+00:00 | Vulnerability · Source |
| CVE-2026-53291 | redhat_vex | kernel: ALSA: hda/conexant: Fix missing error check for jack detection | known affected: 184 known not affected: 90 | 2026-07-08T04:06:17+00:00 | Vulnerability · Source |
| CVE-2026-53297 | redhat_vex | kernel: net: mana: Guard mana_remove against double invocation | known affected: 232 known not affected: 42 | 2026-07-08T04:06:14+00:00 | Vulnerability · Source |
| CVE-2026-53278 | redhat_vex | kernel: arm_mpam: Check whether the config array is allocated before destroying it | known affected: 184 known not affected: 90 | 2026-07-08T04:06:12+00:00 | Vulnerability · Source |
| CVE-2026-53285 | redhat_vex | kernel: drm/amd/display: Wrap DCN32 phantom-plane allocation in DC_RUN_WITH_PREEMPTION_ENABLED | known not affected: 274 | 2026-07-08T04:06:10+00:00 | Vulnerability · Source |
| CVE-2026-53282 | redhat_vex | kernel: x86/kexec: Push kjump return address even for non-kjump kexec | known not affected: 274 | 2026-07-08T04:06:08+00:00 | Vulnerability · Source |
| CVE-2026-53295 | redhat_vex | kernel: mailbox: add sanity check for channel array | known affected: 260 known not affected: 14 | 2026-07-08T04:06:06+00:00 | Vulnerability · Source |
| CVE-2026-53289 | redhat_vex | kernel: ice: fix NULL pointer dereference in ice_reset_all_vfs() | known affected: 232 known not affected: 42 | 2026-07-08T04:06:04+00:00 | Vulnerability · Source |
| CVE-2026-53279 | redhat_vex | kernel: drm/gma500/oaktrail_lvds: fix hang on init failure | known affected: 124 known not affected: 150 | 2026-07-08T04:06:02+00:00 | Vulnerability · Source |
| CVE-2026-53274 | redhat_vex | kernel: net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS | known affected: 232 known not affected: 42 | 2026-07-08T04:06:01+00:00 | Vulnerability · Source |
| CVE-2026-53293 | redhat_vex | kernel: drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG | known not affected: 274 | 2026-07-08T04:05:58+00:00 | Vulnerability · Source |
| CVE-2026-53269 | redhat_vex | kernel: netfilter: synproxy: add mutex to guard hook reference counting | known affected: 184 known not affected: 90 | 2026-07-08T04:05:56+00:00 | Vulnerability · Source |
| CVE-2026-53294 | redhat_vex | kernel: mailbox: mailbox-test: don't free the reused channel | known affected: 232 known not affected: 42 | 2026-07-08T04:05:55+00:00 | Vulnerability · Source |
| CVE-2026-53287 | redhat_vex | kernel: audit: fix incorrect inheritable capability in CAPSET records | known affected: 274 | 2026-07-08T04:05:54+00:00 | Vulnerability · Source |
| CVE-2026-53272 | redhat_vex | kernel: erofs: fix use-after-free on sbi->sync_decompress | known affected: 76 known not affected: 198 | 2026-07-08T04:05:48+00:00 | Vulnerability · Source |
| CVE-2026-53292 | redhat_vex | kernel: net: phonet: do not BUG_ON() in pn_socket_autobind() on failed bind | known affected: 14 known not affected: 260 | 2026-07-08T04:05:46+00:00 | Vulnerability · Source |
| CVE-2026-53296 | redhat_vex | kernel: mailbox: mailbox-test: free channels on probe error | known affected: 232 known not affected: 42 | 2026-07-08T04:05:43+00:00 | Vulnerability · Source |
| CVE-2026-53283 | redhat_vex | kernel: iommu/amd: Bounds-check devid in __rlookup_amd_iommu() | known affected: 184 known not affected: 90 | 2026-07-08T04:05:43+00:00 | Vulnerability · Source |
| CVE-2026-53286 | redhat_vex | kernel: idpf: fix double free and use-after-free in aux device error paths | known affected: 184 known not affected: 90 | 2026-07-08T04:05:36+00:00 | Vulnerability · Source |
| CVE-2026-13595 | redhat_vex | util-linux: util-linux: heap use-after-free in libblkid nested partition probing | fixed: 3 known affected: 56 | 2026-07-08T03:45:13+00:00 | Vulnerability · Source |
| CVE-2026-13601 | redhat_vex | yelp: yelp-xsl: Overly Permissive Content Security Policy in Yelp Allows Host File Disclosure from Flatpak Applications | known affected: 14 | 2026-07-08T03:45:13+00:00 | Vulnerability · Source |
| CVE-2026-41988 | redhat_vex | uuid: uuid: Unexpected data writes when using external output buffers with specific UUID versions | known affected: 457 known not affected: 13 | 2026-07-08T03:36:05+00:00 | Vulnerability · Source |
| CVE-2026-41082 | redhat_vex | ocaml-opam: path traversal via the .install field | known affected: 2 | 2026-07-08T03:35:13+00:00 | Vulnerability · Source |
| CVE-2026-53317 | microsoft_vex | wifi: mt76: mt7921: Place upper limit on station AID | known affected: 1 | 2026-07-08T01:01:49+00:00 | Vulnerability · Source |
| CVE-2026-53233 | redhat_vex | kernel: netdev: fix double-free in netdev_nl_bind_rx_doit() | known affected: 76 known not affected: 198 | 2026-07-08T00:16:42+00:00 | Vulnerability · Source |
| CVE-2025-12799 | redhat_vex | jastow: Jastow Cross-Site Scripting attack due to unsanitized URI | fixed: 721 known affected: 10 known not affected: 1 | 2026-07-07T23:59:54+00:00 | Vulnerability · Source |
| CVE-2026-43112 | redhat_vex | kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath | fixed: 762 known affected: 23 known not affected: 43 | 2026-07-07T23:59:27+00:00 | Vulnerability · Source |
| CVE-2026-53241 | redhat_vex | kernel: ALSA: seq: dummy: fix UMP event stack overread | known affected: 198 known not affected: 76 | 2026-07-07T22:35:03+00:00 | Vulnerability · Source |
| CVE-2026-53245 | redhat_vex | kernel: net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr | known affected: 260 known not affected: 14 | 2026-07-07T22:25:09+00:00 | Vulnerability · Source |
| CVE-2026-53249 | redhat_vex | kernel: ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options | known affected: 274 | 2026-07-07T22:15:07+00:00 | Vulnerability · Source |