VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221666 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-57216 microsoft_vex RabbitMQ: AMQP 1.0, AMQP 0-9-1, Stream Protocol loopback enforcement can lead to remote guest sessions due to listener-address loopback checks known affected: 1 2026-07-15T01:02:45+00:00 Vulnerability · Source
CVE-2026-57213 microsoft_vex RabbitMQ: Stored XSS federation management plugin via unsanitized consumer_tag rendering known affected: 1 2026-07-15T01:02:32+00:00 Vulnerability · Source
CVE-2026-57217 microsoft_vex RabbitMQ: Topic authorization can lead to cross-tenant routing-key bypass known affected: 1 2026-07-15T01:02:26+00:00 Vulnerability · Source
CVE-2026-57220 microsoft_vex RabbitMQ: Stream listener does not enforce configured frame-size limit during authentication, permitting unauth'd mem-exhaust DoS known affected: 1 2026-07-15T01:02:20+00:00 Vulnerability · Source
CVE-2026-57219 microsoft_vex RabbitMQ: Unauthenticated disclosure of OAuth client credentials via an HTTP API endpoint with certain less common OAuth 2 configurations known affected: 1 2026-07-15T01:02:14+00:00 Vulnerability · Source
CVE-2026-59831 microsoft_vex GitHub CLI `gh codespace jupyter` could allow remote code execution when connecting to a malicious Codespace known affected: 1 2026-07-15T01:02:07+00:00 Vulnerability · Source
CVE-2026-59875 microsoft_vex node-tar: Uncaught Exception DoS via NUL byte in PAX path/linkpath records known affected: 1 2026-07-15T01:01:52+00:00 Vulnerability · Source
CVE-2026-42505 microsoft_vex Invoking Encrypted Client Hello privacy leak in crypto/tls known affected: 2 2026-07-15T01:01:45+00:00 Vulnerability · Source
CVE-2026-39822 microsoft_vex Root escape via symlink plus trailing slash in os known affected: 2 2026-07-15T01:01:36+00:00 Vulnerability · Source
CVE-2026-13221 microsoft_vex Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perl_study_chunk fixed: 1 known affected: 1 2026-07-15T01:01:27+00:00 Vulnerability · Source
CVE-2026-57432 microsoft_vex Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack fixed: 1 known affected: 1 2026-07-15T01:01:20+00:00 Vulnerability · Source
CVE-2026-44431 redhat_vex urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers fixed: 90 known affected: 142 known not affected: 505 2026-07-15T00:41:30+00:00 Vulnerability · Source
CVE-2024-22047 redhat_vex audited: race condition can lead to audit logs being incorrectly attributed to the wrong user fixed: 2 known not affected: 1862 2026-07-15T00:08:17+00:00 Vulnerability · Source
CVE-2026-60103 redhat_vex blender: Blender: Denial of Service and information disclosure via crafted .blend file known not affected: 1 2026-07-15T00:07:46+00:00 Vulnerability · Source
CVE-2026-28390 redhat_vex openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing fixed: 301 known affected: 307 known not affected: 283 under investigation: 7 2026-07-15T00:07:03+00:00 Vulnerability · Source
CVE-2026-34980 redhat_vex cups: OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network fixed: 19 known affected: 15 known not affected: 261 2026-07-15T00:06:57+00:00 Vulnerability · Source
CVE-2026-48914 redhat_vex qemu-kvm: Heap buffer overflow in virtio-blk SCSI request handling fixed: 116 known affected: 59 2026-07-15T00:06:50+00:00 Vulnerability · Source
CVE-2026-39246 redhat_vex decompress: decompress: arbitrary symlink creation during archive extraction leads to information disclosure known affected: 4 2026-07-15T00:00:53+00:00 Vulnerability · Source
CVE-2026-48523 redhat_vex python-pyjwt: PyJWT: Verifier-side algorithm bypass leads to unauthorized information access fixed: 4 known affected: 179 known not affected: 18 2026-07-14T23:54:34+00:00 Vulnerability · Source
CVE-2026-53550 redhat_vex js-yaml: js-yaml: Denial of Service via crafted YAML merge keys fixed: 4 known affected: 138 known not affected: 50 2026-07-14T23:54:34+00:00 Vulnerability · Source
CVE-2026-6637 redhat_vex postgresql: PostgreSQL: Arbitrary code execution vulnerability in 'refint' module fixed: 559 known affected: 111 known not affected: 75 2026-07-14T23:41:18+00:00 Vulnerability · Source
CVE-2026-6479 redhat_vex postgresql: PostgreSQL: Denial of Service via uncontrolled recursion in SSL/GSS negotiation fixed: 306 known affected: 49 known not affected: 137 2026-07-14T23:41:15+00:00 Vulnerability · Source
CVE-2026-45822 redhat_vex decode-uri-component: decode-uri-component: Denial of Service via crafted input known affected: 13 known not affected: 30 2026-07-14T22:56:53+00:00 Vulnerability · Source
CVE-2026-53016 redhat_vex kernel: crypto: ccp - copy IV using skcipher ivsize fixed: 612 known affected: 70 known not affected: 42 2026-07-14T22:23:01+00:00 Vulnerability · Source
CVE-2026-56117 redhat_vex dhcpcd: dhcpcd: Local heap use-after-free vulnerability leads to denial of service. known affected: 1 2026-07-14T22:10:45+00:00 Vulnerability · Source
CVE-2026-56113 redhat_vex dhcpcd: dhcpcd: Denial of Service via crafted DHCPv6 RENEW reply known affected: 1 2026-07-14T22:05:55+00:00 Vulnerability · Source
CVE-2026-56114 redhat_vex dhcpcd: dhcpcd: Denial of Service due to stack out-of-bounds write via crafted DHCPv6 message known affected: 1 2026-07-14T22:05:53+00:00 Vulnerability · Source
CVE-2026-47099 redhat_vex telejson: TeleJSON: Arbitrary code execution via DOM-based cross-site scripting known affected: 5 2026-07-14T22:05:52+00:00 Vulnerability · Source
CVE-2026-48864 redhat_vex libsolv: Heap buffer overflow in libsolv repopagestore via unchecked decompression of malicious .solv page data fixed: 326 known affected: 11 known not affected: 1 2026-07-14T21:36:10+00:00 Vulnerability · Source
CVE-2025-6170 redhat_vex libxml2: Stack Buffer Overflow in xmllint Interactive Shell Command Handling fixed: 146 known affected: 12 2026-07-14T21:21:37+00:00 Vulnerability · Source
CVE-2026-39882 redhat_vex github.com/open-telemetry/opentelemetry-go: golang: OpenTelemetry-Go: Memory exhaustion via uncapped HTTP response body reading fixed: 4 known not affected: 120 under investigation: 1 2026-07-14T21:20:45+00:00 Vulnerability · Source
CVE-2026-14683 redhat_vex HdrHistogram: HdrHistogram: Denial of Service via uncontrolled memory allocation known affected: 7 known not affected: 9 2026-07-14T20:55:54+00:00 Vulnerability · Source
CVE-2025-68114 redhat_vex capstone: Capstone: Memory corruption via unchecked vsnprintf return fixed: 276 known not affected: 129 2026-07-14T20:55:13+00:00 Vulnerability · Source
CVE-2026-56115 redhat_vex dhcpcd: dhcpcd: Denial of Service via crafted DHCPv6 ADVERTISE message known affected: 1 2026-07-14T20:51:26+00:00 Vulnerability · Source
CVE-2026-44546 redhat_vex daphne: daphne: Information disclosure via header injection due to parser differential known affected: 8 2026-07-14T20:51:24+00:00 Vulnerability · Source
CVE-2026-54516 redhat_vex jackson-databind: jackson-databind: Security bypass due to improper handling of renamed properties known affected: 64 known not affected: 38 2026-07-14T20:51:23+00:00 Vulnerability · Source
CVE-2026-54515 redhat_vex jackson-databind: jackson-databind: Ignored properties can be unexpectedly modified known affected: 101 known not affected: 1 2026-07-14T20:51:20+00:00 Vulnerability · Source
CVE-2026-54517 redhat_vex jackson-databind: jackson-databind: Information disclosure via improper JsonView filter application known affected: 89 known not affected: 13 2026-07-14T20:51:19+00:00 Vulnerability · Source
CVE-2026-50292 redhat_vex libinput: local privilege escalation via crafted uinput devices fixed: 45 known affected: 11 2026-07-14T20:51:15+00:00 Vulnerability · Source
CVE-2026-53362 redhat_vex kernel: kernel: ipv6 frag escape fixed: 663 known not affected: 198 2026-07-14T20:49:17+00:00 Vulnerability · Source
CVE-2026-59869 redhat_vex js-yaml: js-yaml: Denial of Service via crafted YAML documents fixed: 15 known affected: 69 known not affected: 4 under investigation: 122 2026-07-14T20:41:38+00:00 Vulnerability · Source
CVE-2026-52965 redhat_vex kernel: drm/ttm: Fix ttm_bo_swapout() infinite LRU walk on swapout failure known affected: 184 known not affected: 90 2026-07-14T20:35:59+00:00 Vulnerability · Source
CVE-2026-52966 redhat_vex kernel: drm: Replace old pointer to new idr known affected: 274 2026-07-14T20:35:55+00:00 Vulnerability · Source
CVE-2026-52968 redhat_vex kernel: KVM: s390: pci: fix GAIT table indexing due to double-scaling pointer arithmetic known affected: 232 known not affected: 28 under investigation: 14 2026-07-14T20:35:54+00:00 Vulnerability · Source
CVE-2026-53001 redhat_vex kernel: netfilter: xtables: restrict several matches to inet family known affected: 274 2026-07-14T20:20:43+00:00 Vulnerability · Source
CVE-2026-53004 redhat_vex kernel: sctp: fix OOB write to userspace in sctp_getsockopt_peer_auth_chunks known affected: 274 2026-07-14T20:20:42+00:00 Vulnerability · Source
CVE-2026-14685 redhat_vex HdrHistogram: HdrHistogram: Local state issue via 'Count' argument manipulation known affected: 7 known not affected: 9 2026-07-14T20:10:51+00:00 Vulnerability · Source
CVE-2026-48068 redhat_vex grpc-js: @grpc/grpc-js: Server crash via malformed HTTP/2 stream initiation known affected: 5 2026-07-14T20:10:47+00:00 Vulnerability · Source
CVE-2026-48038 redhat_vex joi: joi: Denial of Service via uncaught RangeError on deeply nested input through recursive link() schemas known affected: 6 known not affected: 2 2026-07-14T20:10:44+00:00 Vulnerability · Source
CVE-2026-44918 redhat_vex openstack-ironic: Prevent rehoming resources to nodes with different owner known affected: 10 known not affected: 4 2026-07-14T20:10:42+00:00 Vulnerability · Source