VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221830 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-33381 redhat_vex grafana: Grafana: Temporary access control bypass for service account token minting known affected: 27 2026-07-02T21:30:24+00:00 Vulnerability · Source
CVE-2026-28383 redhat_vex grafana: Grafana: Denial of Service via unbounded memory allocation in plugin resources endpoint known affected: 25 known not affected: 2 2026-07-02T21:30:22+00:00 Vulnerability · Source
CVE-2026-28380 redhat_vex grafana: Grafana: Unauthorized snapshot deletion via Broken Access Control in Snapshot API known affected: 27 2026-07-02T21:30:19+00:00 Vulnerability · Source
CVE-2026-9538 redhat_vex perl-Archive-Tar: perl-Archive-Tar: Denial of Service via crafted tar header with large entry size known affected: 10 2026-07-02T21:30:09+00:00 Vulnerability · Source
CVE-2026-10275 redhat_vex opensc: OpenSC: Buffer overflow in pkcs11-tool Key Generation Module known affected: 8 2026-07-02T21:30:09+00:00 Vulnerability · Source
CVE-2026-39956 redhat_vex jq: missing runtime type checks for _strindices lead to crash and limited memory disclosure fixed: 3 known affected: 14 2026-07-02T20:13:13+00:00 Vulnerability · Source
CVE-2026-33947 redhat_vex jq: unbounded Recursion in jv_setpath() / jv_getpath() / delpaths_sorted() fixed: 3 known affected: 14 2026-07-02T20:13:05+00:00 Vulnerability · Source
CVE-2026-32316 redhat_vex jq: jq: Denial of Service or potential arbitrary code execution due to integer overflow and heap-based buffer overflow fixed: 3 known affected: 14 2026-07-02T20:13:04+00:00 Vulnerability · Source
CVE-2026-21727 redhat_vex Grafana: Grafana: Cross-tenant data disclosure and deletion via legacy correlation records known affected: 24 2026-07-02T20:13:04+00:00 Vulnerability · Source
CVE-2026-43496 redhat_vex kernel: net/sched: sch_red: Replace direct dequeue call with peek and qdisc_dequeue_peeked known affected: 274 2026-07-02T19:46:16+00:00 Vulnerability · Source
CVE-2026-43483 redhat_vex kernel: KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated known affected: 232 known not affected: 42 2026-07-02T19:46:13+00:00 Vulnerability · Source
CVE-2026-43477 redhat_vex kernel: drm/i915/vrr: Configure VRR timings after enabling TRANS_DDI_FUNC_CTL known affected: 184 known not affected: 90 2026-07-02T19:46:11+00:00 Vulnerability · Source
CVE-2026-43194 redhat_vex kernel: net: consume xmit errors of GSO frames known affected: 274 2026-07-02T19:46:07+00:00 Vulnerability · Source
CVE-2026-3633 redhat_vex libsoup: libsoup: Header and HTTP request injection via CRLF injection known affected: 16 2026-07-02T19:46:05+00:00 Vulnerability · Source
CVE-2026-3632 redhat_vex libsoup: libsoup: HTTP Smuggling and Server-Side Request Forgery via Malformed Hostnames known affected: 16 2026-07-02T19:46:02+00:00 Vulnerability · Source
CVE-2026-43314 redhat_vex kernel: dm: remove fake timeout to avoid leak request known affected: 260 known not affected: 14 2026-07-02T19:45:56+00:00 Vulnerability · Source
CVE-2026-43313 redhat_vex kernel: ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() known affected: 260 known not affected: 14 2026-07-02T19:45:53+00:00 Vulnerability · Source
CVE-2026-43311 redhat_vex kernel: soc/tegra: pmc: Fix unsafe generic_handle_irq() call known affected: 184 known not affected: 90 2026-07-02T19:45:51+00:00 Vulnerability · Source
CVE-2026-43259 redhat_vex kernel: phy: fsl-imx8mq-usb: set platform driver data known affected: 184 known not affected: 90 2026-07-02T19:45:48+00:00 Vulnerability · Source
CVE-2026-43092 redhat_vex kernel: xsk: validate MTU against usable frame size on bind known affected: 184 known not affected: 90 2026-07-02T19:45:43+00:00 Vulnerability · Source
CVE-2026-56365 redhat_vex Magick.NET-Q16-AnyCPU: Magick.NET-Q16-HDRI-AnyCPU: Magick.NET-Q16-HDRI-OpenMP-arm64: Magick.NET-Q16-HDRI-arm64: Magick.NET-Q16-HDRI-x64: Magick.NET-Q16-HDRI-x86: Magick.NET-Q16-OpenMP-arm64: Magick.NET-Q16-OpenMP-x64: Magick.NET-Q16-arm64: Magick.NET-Q16-x64: Magick.NET-Q16-x86: Magick.NET-Q16-HDRI-OpenMP-x64: Magick.NET-Q8-AnyCPU: Magick.NET-Q8-OpenMP-arm64: Magick.NET-Q8-OpenMP-x64: Magick.NET-Q8-arm64: Magick.NET-Q8-x64: Magick.NET-Q8-x86: ImageMagick: Denial of Service due to memory leak in PNG encoder when processing MNG images known affected: 14 2026-07-02T19:45:38+00:00 Vulnerability · Source
CVE-2026-43066 redhat_vex kernel: ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths known affected: 184 known not affected: 90 2026-07-02T19:45:38+00:00 Vulnerability · Source
CVE-2026-46063 redhat_vex kernel: x86/shstk: Prevent deadlock during shstk sigreturn known affected: 184 known not affected: 90 2026-07-02T19:45:34+00:00 Vulnerability · Source
CVE-2026-31668 redhat_vex kernel: seg6: separate dst_cache for input and output paths in seg6 lwtunnel known affected: 184 known not affected: 90 2026-07-02T19:45:33+00:00 Vulnerability · Source
CVE-2026-23261 redhat_vex kernel: nvme-fc: release admin tagset if init fails known affected: 260 known not affected: 14 2026-07-02T19:45:29+00:00 Vulnerability · Source
CVE-2026-22735 redhat_vex org.springframework/spring-webmvc: org.springframework/spring-webflux: Spring MVC and WebFlux: Stream corruption vulnerability when using Server-Sent Events known affected: 36 2026-07-02T19:43:13+00:00 Vulnerability · Source
CVE-2025-71117 redhat_vex kernel: Linux kernel: Denial of Service via deadlock in block layer sysfs store callbacks fixed: 309 known affected: 108 known not affected: 90 2026-07-02T19:43:11+00:00 Vulnerability · Source
CVE-2026-1703 redhat_vex pip: pip: Information disclosure via path traversal when installing crafted wheel archives fixed: 2 known affected: 113 2026-07-02T19:43:11+00:00 Vulnerability · Source
CVE-2026-42268 redhat_vex mod_security: ModSecurity: Denial of Service via unsigned integer underflow in rule verification functions known affected: 6 2026-07-02T19:42:58+00:00 Vulnerability · Source
CVE-2026-43459 redhat_vex kernel: ASoC: soc-core: flush delayed work before removing DAIs and widgets known affected: 232 known not affected: 42 2026-07-02T19:42:39+00:00 Vulnerability · Source
CVE-2026-43452 redhat_vex kernel: netfilter: x_tables: guard option walkers against 1-byte tail reads known affected: 274 2026-07-02T19:42:36+00:00 Vulnerability · Source
CVE-2026-43407 redhat_vex kernel: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() known affected: 260 known not affected: 14 2026-07-02T19:42:34+00:00 Vulnerability · Source
CVE-2026-42946 redhat_vex nginx: ngx_http_scgi_module: ngx_http_uwsgi_module: information disclosure and denial of service known affected: 55 known not affected: 1 2026-07-02T19:42:32+00:00 Vulnerability · Source
CVE-2026-28386 redhat_vex openssl: openssl: Denial of Service due to out-of-bounds read in AES-CFB128 fixed: 3 known affected: 36 known not affected: 32 2026-07-02T19:42:30+00:00 Vulnerability · Source
CVE-2026-40016 redhat_vex dovecot: Dovecot: Denial of Service due to Sieve script CPU limit bypass known affected: 24 2026-07-02T19:38:04+00:00 Vulnerability · Source
CVE-2026-33227 redhat_vex org.apache.activemq/activemq-client: org.apache.activemq/activemq-broker: org.apache.activemq/activemq-all: org.apache.activemq/activemq-web: improper limitation of a pathname to a restricted classpath directory known affected: 22 2026-07-02T19:37:55+00:00 Vulnerability · Source
CVE-2026-31523 redhat_vex kernel: nvme-pci: ensure we're polling a polled queue known affected: 260 known not affected: 14 2026-07-02T19:37:54+00:00 Vulnerability · Source
CVE-2026-31435 redhat_vex kernel: netfs: Fix read abandonment during retry known affected: 260 known not affected: 14 2026-07-02T19:37:52+00:00 Vulnerability · Source
CVE-2025-64118 redhat_vex node-tar: tar: node-tar: Information disclosure via reading a truncated tar file known affected: 172 2026-07-02T19:37:49+00:00 Vulnerability · Source
CVE-2026-43894 redhat_vex jq: jq: Arbitrary Code Execution or Denial of Service via Signed Integer Overflow fixed: 3 known affected: 14 2026-07-02T19:37:45+00:00 Vulnerability · Source
CVE-2026-43472 redhat_vex kernel: unshare: fix unshare_fs() handling known affected: 274 2026-07-02T19:37:43+00:00 Vulnerability · Source
CVE-2026-43468 redhat_vex kernel: net/mlx5: Fix deadlock between devlink lock and esw->wq known affected: 246 known not affected: 28 2026-07-02T19:37:41+00:00 Vulnerability · Source
CVE-2026-43429 redhat_vex kernel: USB: usbtmc: Use usb_bulk_msg_killable() with user-specified timeouts known affected: 274 2026-07-02T19:37:38+00:00 Vulnerability · Source
CVE-2026-43351 redhat_vex kernel: KVM: arm64: Eagerly init vgic dist/redist on vgic creation known affected: 184 known not affected: 90 2026-07-02T19:37:33+00:00 Vulnerability · Source
CVE-2026-43346 redhat_vex kernel: ice: ptp: don't WARN when controlling PF is unavailable known affected: 184 known not affected: 90 2026-07-02T19:37:31+00:00 Vulnerability · Source
CVE-2026-43292 redhat_vex kernel: mm/vmalloc: prevent RCU stalls in kasan_release_vmalloc_node known affected: 274 2026-07-02T19:37:29+00:00 Vulnerability · Source
CVE-2026-43325 redhat_vex kernel: wifi: iwlwifi: mvm: don't send a 6E related command when not supported known affected: 184 known not affected: 90 2026-07-02T19:37:28+00:00 Vulnerability · Source
CVE-2026-43296 redhat_vex kernel: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky known affected: 184 known not affected: 90 2026-07-02T19:37:26+00:00 Vulnerability · Source
CVE-2026-43278 redhat_vex kernel: dm: clear cloned request bio pointer when last clone bio completes known affected: 260 known not affected: 14 2026-07-02T19:37:21+00:00 Vulnerability · Source
CVE-2026-43261 redhat_vex kernel: arm64: Add support for TSV110 Spectre-BHB mitigation known affected: 184 known not affected: 90 2026-07-02T19:37:20+00:00 Vulnerability · Source