VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221830 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-9076 | redhat_vex | openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption | fixed: 100 known affected: 51 known not affected: 1 | 2026-07-02T17:17:30+00:00 | Vulnerability · Source |
| CVE-2026-47778 | redhat_vex | envoy: Envoy: Information disclosure via malicious certificate with NUL byte in DNS Subject Alternative Name (SAN) | known affected: 2 | 2026-07-02T17:17:16+00:00 | Vulnerability · Source |
| CVE-2026-43204 | redhat_vex | kernel: ASoC: qcom: q6asm: drop DSP responses for closed data streams | known affected: 184 known not affected: 90 | 2026-07-02T17:17:10+00:00 | Vulnerability · Source |
| CVE-2026-43172 | redhat_vex | kernel: wifi: iwlwifi: fix 22000 series SMEM parsing | known affected: 260 known not affected: 14 | 2026-07-02T17:17:06+00:00 | Vulnerability · Source |
| CVE-2026-43150 | redhat_vex | kernel: perf/arm-cmn: Reject unsupported hardware configurations | known affected: 232 known not affected: 42 | 2026-07-02T17:16:59+00:00 | Vulnerability · Source |
| CVE-2026-43144 | redhat_vex | kernel: wifi: brcmfmac: Fix potential kernel oops when probe fails | known affected: 184 known not affected: 90 | 2026-07-02T17:16:57+00:00 | Vulnerability · Source |
| CVE-2026-43099 | redhat_vex | kernel: ipv4: icmp: fix null-ptr-deref in icmp_build_probe() | known affected: 198 known not affected: 76 | 2026-07-02T17:16:53+00:00 | Vulnerability · Source |
| CVE-2026-43070 | redhat_vex | kernel: bpf: Reset register ID for BPF_END value tracking | known affected: 260 known not affected: 14 | 2026-07-02T17:16:52+00:00 | Vulnerability · Source |
| CVE-2026-43065 | redhat_vex | kernel: ext4: always drain queued discard work in ext4_mb_release() | known affected: 198 known not affected: 76 | 2026-07-02T17:16:49+00:00 | Vulnerability · Source |
| CVE-2026-42036 | redhat_vex | axios: Axios: Denial of Service via unbounded stream consumption when 'responseType: 'stream'' is used | known affected: 85 known not affected: 4 | 2026-07-02T17:16:44+00:00 | Vulnerability · Source |
| CVE-2026-42034 | redhat_vex | axios: Axios: Denial of Service via oversized streamed uploads bypassing body limits | known affected: 85 known not affected: 4 | 2026-07-02T17:16:43+00:00 | Vulnerability · Source |
| CVE-2026-41305 | redhat_vex | postcss: PostCSS: Cross-Site Scripting (XSS) via improper escaping of style closing tags | known affected: 128 known not affected: 2 | 2026-07-02T17:16:41+00:00 | Vulnerability · Source |
| CVE-2026-41254 | redhat_vex | Little CMS: lcms2: mm2/Little-CMS: Little CMS: Information disclosure or denial of service via integer overflow in CubeSize | known affected: 261 | 2026-07-02T17:16:39+00:00 | Vulnerability · Source |
| CVE-2026-41066 | redhat_vex | lxml: python: lxml: Information disclosure via untrusted XML input leading to local file read | known affected: 32 known not affected: 3 | 2026-07-02T17:16:32+00:00 | Vulnerability · Source |
| CVE-2026-40919 | redhat_vex | gimp: GIMP: Denial of Service via specially crafted Seattle Filmworks file | known affected: 32 | 2026-07-02T17:16:30+00:00 | Vulnerability · Source |
| CVE-2026-40918 | redhat_vex | gimp: GIMP: Denial of Service via crafted PVR image file | known affected: 32 | 2026-07-02T17:16:29+00:00 | Vulnerability · Source |
| CVE-2026-40917 | redhat_vex | gimp: GIMP: Application crashes or information disclosure via crafted ICNS image files | known affected: 32 | 2026-07-02T17:16:26+00:00 | Vulnerability · Source |
| CVE-2026-40916 | redhat_vex | gimp: GIMP: Denial of Service due to stack buffer overflow in TIM image loader | known affected: 32 | 2026-07-02T17:16:24+00:00 | Vulnerability · Source |
| CVE-2026-40915 | redhat_vex | gimp: GIMP: Heap buffer overflow due to integer overflow in FITS image loader | known affected: 32 | 2026-07-02T17:16:22+00:00 | Vulnerability · Source |
| CVE-2026-40447 | redhat_vex | escargot: Escargot: Denial of Service due to integer overflow or wraparound vulnerability | known affected: 80 | 2026-07-02T17:16:21+00:00 | Vulnerability · Source |
| CVE-2026-40354 | redhat_vex | flatpak: xdg-desktop-portal: Flatpak xdg-desktop-portal: File deletion via symlink attack | known affected: 8 | 2026-07-02T17:16:18+00:00 | Vulnerability · Source |
| CVE-2026-40341 | redhat_vex | libgphoto2: libgphoto2: Denial of Service via out-of-bounds read from untrusted USB devices | known affected: 10 | 2026-07-02T17:16:16+00:00 | Vulnerability · Source |
| CVE-2026-40340 | redhat_vex | libgphoto2: libgphoto2: Information disclosure and denial of service via out-of-bounds read | known affected: 10 | 2026-07-02T17:16:14+00:00 | Vulnerability · Source |
| CVE-2026-40339 | redhat_vex | libgphoto2: libgphoto2: Information Disclosure via out-of-bounds read | known affected: 10 | 2026-07-02T17:16:12+00:00 | Vulnerability · Source |
| CVE-2026-40338 | redhat_vex | libgphoto2: libgphoto2: Information disclosure and denial of service via out-of-bounds read | known affected: 10 | 2026-07-02T17:16:10+00:00 | Vulnerability · Source |
| CVE-2026-40335 | redhat_vex | libgphoto2: libgphoto2: Information disclosure via out-of-bounds read in ptp_unpack_DPV() | known affected: 10 | 2026-07-02T17:16:08+00:00 | Vulnerability · Source |
| CVE-2026-40333 | redhat_vex | libgphoto2: libgphoto2: Information disclosure and denial of service via unbounded reads | known affected: 10 | 2026-07-02T17:16:06+00:00 | Vulnerability · Source |
| CVE-2026-40254 | redhat_vex | FreeRDP: FreeRDP: Information disclosure and arbitrary file modification via path traversal | known affected: 31 | 2026-07-02T17:16:05+00:00 | Vulnerability · Source |
| CVE-2026-39886 | redhat_vex | OpenEXR: OpenEXR: Signed integer overflow in HTJ2K decompression can lead to denial of service. | known affected: 18 | 2026-07-02T17:16:04+00:00 | Vulnerability · Source |
| CVE-2026-33555 | redhat_vex | haproxy: HAProxy: Request smuggling via HTTP/3 parser desynchronization | fixed: 3 known affected: 10 known not affected: 4 | 2026-07-02T17:15:57+00:00 | Vulnerability · Source |
| CVE-2026-33523 | redhat_vex | httpd: HTTP response splitting forwarding malicious status line | fixed: 4 known affected: 53 | 2026-07-02T17:15:55+00:00 | Vulnerability · Source |
| CVE-2026-32778 | redhat_vex | libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition | known affected: 21 | 2026-07-02T17:15:54+00:00 | Vulnerability · Source |
| CVE-2026-32775 | redhat_vex | libexif: libexif: Buffer overwrite via integer underflow in MakerNotes decoding | known affected: 17 | 2026-07-02T17:15:53+00:00 | Vulnerability · Source |
| CVE-2026-32777 | redhat_vex | libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing | known affected: 21 | 2026-07-02T17:15:51+00:00 | Vulnerability · Source |
| CVE-2026-32776 | redhat_vex | libexpat: libexpat: Denial of Service due to NULL pointer dereference | known affected: 21 | 2026-07-02T17:15:50+00:00 | Vulnerability · Source |
| CVE-2026-5406 | redhat_vex | wireshark: Wireshark: Denial of Service via FC-SWILS protocol dissector crash | known affected: 20 | 2026-07-02T17:15:48+00:00 | Vulnerability · Source |
| CVE-2026-4867 | redhat_vex | path-to-regexp: path-to-regexp: Denial of Service via catastrophic backtracking from malformed URL parameters | fixed: 12 known affected: 102 known not affected: 85 | 2026-07-02T17:15:44+00:00 | Vulnerability · Source |
| CVE-2026-4897 | redhat_vex | polkit: Polkit: Denial of Service via unbounded input processing through standard input | known affected: 23 | 2026-07-02T17:15:44+00:00 | Vulnerability · Source |
| CVE-2026-4367 | redhat_vex | libXpm: libXpm: Denial of Service via out-of-bounds read in XPM file parsing | fixed: 3 known affected: 13 | 2026-07-02T17:15:41+00:00 | Vulnerability · Source |
| CVE-2026-4426 | redhat_vex | libarchive: libarchive: Denial of Service via malformed ISO file processing | fixed: 3 known affected: 21 | 2026-07-02T17:15:40+00:00 | Vulnerability · Source |
| CVE-2026-4105 | redhat_vex | systemd: systemd: Privilege escalation via improper access control in RegisterMachine D-Bus method | fixed: 4 known affected: 131 | 2026-07-02T17:15:35+00:00 | Vulnerability · Source |
| CVE-2026-3731 | redhat_vex | libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler | fixed: 4 known affected: 21 | 2026-07-02T17:15:32+00:00 | Vulnerability · Source |
| CVE-2026-3634 | redhat_vex | libsoup: libsoup: HTTP header injection and response splitting via CRLF injection in Content-Type header | known affected: 16 | 2026-07-02T17:15:28+00:00 | Vulnerability · Source |
| CVE-2026-3494 | redhat_vex | MariaDB: MariaDB: Information disclosure due to unlogged SQL statements with comments | known affected: 162 | 2026-07-02T17:15:27+00:00 | Vulnerability · Source |
| CVE-2026-31680 | redhat_vex | kernel: net: ipv6: flowlabel: defer exclusive option free until RCU teardown | known affected: 260 known not affected: 14 | 2026-07-02T17:15:15+00:00 | Vulnerability · Source |
| CVE-2026-31679 | redhat_vex | kernel: openvswitch: validate MPLS set/set_masked payload length | known affected: 260 known not affected: 14 | 2026-07-02T17:15:13+00:00 | Vulnerability · Source |
| CVE-2026-31678 | redhat_vex | kernel: openvswitch: defer tunnel netdev_put to RCU release | known affected: 260 known not affected: 14 | 2026-07-02T17:15:11+00:00 | Vulnerability · Source |
| CVE-2026-31675 | redhat_vex | kernel: net/sched: sch_netem: fix out-of-bounds access in packet corruption | known affected: 260 known not affected: 14 | 2026-07-02T17:15:09+00:00 | Vulnerability · Source |
| CVE-2026-31674 | redhat_vex | kernel: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() | known affected: 260 known not affected: 14 | 2026-07-02T17:15:08+00:00 | Vulnerability · Source |
| CVE-2026-31673 | redhat_vex | kernel: af_unix: read UNIX_DIAG_VFS data under unix_state_lock | known affected: 260 known not affected: 14 | 2026-07-02T17:15:04+00:00 | Vulnerability · Source |