VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221826 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-53052 | microsoft_vex | ASoC: qcom: qdsp6: topology: check widget type before accessing data | known not affected: 1 | 2026-07-03T01:03:55+00:00 | Vulnerability · Source |
| CVE-2025-3528 | redhat_vex | mirror-registry: Local privilege escalation due to incorrect permissions in mirror-registry | fixed: 3 known affected: 1 | 2026-07-03T01:03:54+00:00 | Vulnerability · Source |
| CVE-2026-55200 | microsoft_vex | libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c | fixed: 2 known affected: 3 known not affected: 1 | 2026-07-03T01:03:42+00:00 | Vulnerability · Source |
| CVE-2026-53043 | microsoft_vex | ocfs2/dlm: validate qr_numregions in dlm_match_regions() | known not affected: 1 | 2026-07-03T01:03:26+00:00 | Vulnerability · Source |
| CVE-2026-52913 | microsoft_vex | batman-adv: v: stop OGMv2 on disabled interface | known not affected: 1 | 2026-07-03T01:03:20+00:00 | Vulnerability · Source |
| CVE-2026-53195 | microsoft_vex | USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() | known not affected: 1 | 2026-07-03T01:03:06+00:00 | Vulnerability · Source |
| CVE-2026-52944 | microsoft_vex | ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE | known not affected: 1 | 2026-07-03T01:02:51+00:00 | Vulnerability · Source |
| CVE-2026-53196 | microsoft_vex | USB: serial: io_ti: fix heap overflow in get_manuf_info() | known not affected: 1 | 2026-07-03T01:02:44+00:00 | Vulnerability · Source |
| CVE-2026-52962 | microsoft_vex | ceph: fix a buffer leak in __ceph_setxattr() | fixed: 1 known affected: 1 under investigation: 1 | 2026-07-03T01:02:37+00:00 | Vulnerability · Source |
| CVE-2026-52935 | microsoft_vex | xfrm: espintcp: do not reuse an in-progress partial send | known not affected: 1 | 2026-07-03T01:02:31+00:00 | Vulnerability · Source |
| CVE-2026-53130 | microsoft_vex | fs/omfs: reject s_sys_blocksize smaller than OMFS_DIR_START | known not affected: 1 | 2026-07-03T01:02:24+00:00 | Vulnerability · Source |
| CVE-2026-53048 | microsoft_vex | gfs2: prevent NULL pointer dereference during unmount | known not affected: 1 | 2026-07-03T01:02:17+00:00 | Vulnerability · Source |
| CVE-2026-53160 | microsoft_vex | misc: fastrpc: fix use-after-free race in fastrpc_map_create | known not affected: 1 | 2026-07-03T01:02:11+00:00 | Vulnerability · Source |
| CVE-2026-56149 | microsoft_vex | Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service | known affected: 1 | 2026-07-03T01:02:04+00:00 | Vulnerability · Source |
| CVE-2026-53010 | microsoft_vex | ksmbd: fix use-after-free in smb2_open during durable reconnect | known affected: 1 known not affected: 1 | 2026-07-03T01:02:03+00:00 | Vulnerability · Source |
| CVE-2026-53097 | microsoft_vex | wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work() | known affected: 1 known not affected: 1 | 2026-07-03T01:01:57+00:00 | Vulnerability · Source |
| CVE-2026-49090 | microsoft_vex | Uncontrolled Resource Consumption in Elasticsearch Leading to Denial of Service | known affected: 1 | 2026-07-03T01:01:57+00:00 | Vulnerability · Source |
| CVE-2026-52992 | microsoft_vex | fs/adfs: validate nzones in adfs_validate_bblk() | known not affected: 1 | 2026-07-03T01:01:51+00:00 | Vulnerability · Source |
| CVE-2026-52954 | microsoft_vex | libceph: handle rbtree insertion error in decode_choose_args() | fixed: 1 known affected: 2 | 2026-07-03T01:01:44+00:00 | Vulnerability · Source |
| CVE-2026-52946 | microsoft_vex | fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling | fixed: 1 known affected: 2 | 2026-07-03T01:01:37+00:00 | Vulnerability · Source |
| CVE-2026-43167 | redhat_vex | kernel: xfrm: always flush state and policy upon NETDEV_UNREGISTER event | known affected: 232 known not affected: 42 | 2026-07-02T21:46:29+00:00 | Vulnerability · Source |
| CVE-2026-43251 | redhat_vex | kernel: HID: prodikeys: Check presence of pm->input_ep82 | known affected: 260 known not affected: 14 | 2026-07-02T21:44:59+00:00 | Vulnerability · Source |
| CVE-2026-43216 | redhat_vex | kernel: net: Drop the lock in skb_may_tx_timestamp() | known affected: 246 known not affected: 28 | 2026-07-02T21:44:57+00:00 | Vulnerability · Source |
| CVE-2026-43215 | redhat_vex | kernel: cifs: Fix locking usage for tcon fields | known affected: 232 known not affected: 42 | 2026-07-02T21:44:54+00:00 | Vulnerability · Source |
| CVE-2026-43153 | redhat_vex | kernel: xfs: remove xfs_attr_leaf_hasname | known affected: 232 known not affected: 42 | 2026-07-02T21:44:52+00:00 | Vulnerability · Source |
| CVE-2026-43139 | redhat_vex | kernel: xfrm6: fix uninitialized saddr in xfrm6_get_saddr() | known affected: 274 | 2026-07-02T21:44:49+00:00 | Vulnerability · Source |
| CVE-2026-42042 | redhat_vex | axios: Axios: XSRF token bypass leading to information disclosure | known affected: 89 known not affected: 1 | 2026-07-02T21:44:47+00:00 | Vulnerability · Source |
| CVE-2026-42038 | redhat_vex | axios: Axios: Information disclosure due to `no_proxy` bypass | known affected: 89 known not affected: 1 | 2026-07-02T21:44:47+00:00 | Vulnerability · Source |
| CVE-2026-42037 | redhat_vex | axios: Node.js: Axios: Information disclosure via CRLF injection in multipart Content-Type header | known affected: 89 known not affected: 1 | 2026-07-02T21:44:44+00:00 | Vulnerability · Source |
| CVE-2026-41257 | redhat_vex | jq: signed-int overflow in stack_reallocate | fixed: 3 known affected: 14 | 2026-07-02T21:44:41+00:00 | Vulnerability · Source |
| CVE-2026-34479 | redhat_vex | org.apache.logging.log4j/log4j-1.2-api: Apache Log4j 1-to-Log4j 2 bridge: Log processing denial of service due to improper XML escaping | fixed: 2 known affected: 16 | 2026-07-02T21:44:37+00:00 | Vulnerability · Source |
| CVE-2026-34477 | redhat_vex | org.apache.logging.log4j/log4j-core: Apache Log4j Core: Man-in-the-middle attack due to incomplete hostname verification | fixed: 2 known affected: 59 | 2026-07-02T21:44:34+00:00 | Vulnerability · Source |
| CVE-2026-33750 | redhat_vex | brace-expansion: brace-expansion: Denial of Service via zero step value in brace pattern | known affected: 249 known not affected: 2 | 2026-07-02T21:44:30+00:00 | Vulnerability · Source |
| CVE-2026-33672 | redhat_vex | picomatch: Picomatch: Data integrity compromised via method injection with crafted POSIX bracket expressions | known affected: 186 | 2026-07-02T21:44:29+00:00 | Vulnerability · Source |
| CVE-2026-31988 | redhat_vex | yauzl: yauzl: Denial of Service vulnerability in zip file processing | fixed: 1 known affected: 63 known not affected: 2 | 2026-07-02T21:44:23+00:00 | Vulnerability · Source |
| CVE-2026-32284 | redhat_vex | github.com/shamaton/msgpack: msgpack: Denial of Service via truncated fixext data | known affected: 167 known not affected: 2 | 2026-07-02T21:44:23+00:00 | Vulnerability · Source |
| CVE-2026-33671 | redhat_vex | picomatch: Picomatch: Regular Expression Denial of Service via crafted extglob patterns | fixed: 12 known affected: 186 known not affected: 85 | 2026-07-02T21:44:23+00:00 | Vulnerability · Source |
| CVE-2026-10028 | redhat_vex | glib-networking: Infinite loop in glib-networking GnuTLS backend allows remote denial of service via circular certificate chain | known affected: 7 | 2026-07-02T21:42:38+00:00 | Vulnerability · Source |
| CVE-2026-27601 | redhat_vex | Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions | fixed: 3 known affected: 91 known not affected: 6 | 2026-07-02T21:42:26+00:00 | Vulnerability · Source |
| CVE-2026-25547 | redhat_vex | brace-expansion: brace-expansion: Denial of Service via unbounded brace range expansion | fixed: 276 known affected: 129 | 2026-07-02T21:42:23+00:00 | Vulnerability · Source |
| CVE-2026-23893 | redhat_vex | openCryptoki: openCryptoki: Privilege Escalation or Data Exposure via Symlink Following | fixed: 506 known affected: 12 | 2026-07-02T21:42:19+00:00 | Vulnerability · Source |
| CVE-2026-21726 | redhat_vex | Loki: Loki: Information disclosure via path traversal vulnerability | known affected: 26 | 2026-07-02T21:42:19+00:00 | Vulnerability · Source |
| CVE-2026-1225 | redhat_vex | ch.qos.logback/logback-core: Malicious logback.xml configuration file allows instantiation of arbitrary classes | known affected: 66 | 2026-07-02T21:42:14+00:00 | Vulnerability · Source |
| CVE-2023-53556 | redhat_vex | kernel: Linux kernel iavf driver: Denial of Service via use-after-free vulnerability | fixed: 717 known affected: 66 known not affected: 90 | 2026-07-02T21:42:14+00:00 | Vulnerability · Source |
| CVE-2026-2739 | redhat_vex | bn.js: bn.js: Denial of Service via calling maskn(0) | known affected: 65 | 2026-07-02T21:42:14+00:00 | Vulnerability · Source |
| CVE-2026-2391 | redhat_vex | qs: qs's arrayLimit bypass in comma parsing allows denial of service | known affected: 134 | 2026-07-02T21:42:14+00:00 | Vulnerability · Source |
| CVE-2026-12912 | redhat_vex | libtiff: libtiff: Heap-based buffer overflow via crafted PixarLog-compressed TIFF image | fixed: 3 known affected: 30 known not affected: 1 | 2026-07-02T21:35:10+00:00 | Vulnerability · Source |
| CVE-2026-53231 | redhat_vex | kernel: net: phy: don't try to setup PHY-driven SFP cages when using genphy | known affected: 14 known not affected: 260 | 2026-07-02T21:32:43+00:00 | Vulnerability · Source |
| CVE-2026-53214 | redhat_vex | kernel: ipv6: Fix a potential NPD in cleanup_prefix_route() | known affected: 90 known not affected: 184 | 2026-07-02T21:32:40+00:00 | Vulnerability · Source |
| CVE-2026-53210 | redhat_vex | kernel: tee: shm: fix shm leak in register_shm_helper() | known affected: 76 known not affected: 198 | 2026-07-02T21:32:39+00:00 | Vulnerability · Source |