VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221679 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-44918 redhat_vex openstack-ironic: Prevent rehoming resources to nodes with different owner known affected: 10 known not affected: 4 2026-07-14T20:10:42+00:00 Vulnerability · Source
CVE-2026-15713 redhat_vex libsoup: SoupCache: libsoup: HTTP/2 frame window exhaustion remote denial of service via memory leak known affected: 16 2026-07-14T20:06:07+00:00 Vulnerability · Source
CVE-2026-15714 redhat_vex libsoup: SoupMultipartInputStream: libsoup: Out-of-bounds read in soup_multipart_input_stream_read_headers via an oversized multipart boundary string known affected: 16 2026-07-14T20:06:06+00:00 Vulnerability · Source
CVE-2026-15709 redhat_vex SoupWebsocketExtensionDeflate: libsoup: libsoup: WebSocket permessage-deflate Unbounded Decompression Remote Denial of Service known affected: 16 2026-07-14T20:06:02+00:00 Vulnerability · Source
CVE-2026-52747 redhat_vex ModSecurity: ModSecurity: Security rule bypass due to incorrect handling of line breaks in form data known affected: 8 2026-07-14T20:05:57+00:00 Vulnerability · Source
CVE-2026-15711 redhat_vex libsoup: SoupWebsocketConnection: libsoup: WebSocket remote denial of service via oversized control frame protocol violation known affected: 16 2026-07-14T20:05:55+00:00 Vulnerability · Source
CVE-2026-48069 redhat_vex grpc-js: @grpc/grpc-js: Client or server crash via malformed compressed message known affected: 5 2026-07-14T20:05:46+00:00 Vulnerability · Source
CVE-2026-52761 redhat_vex ModSecurity: ModSecurity: Web Application Firewall rules bypass due to incorrect UTF-8 to Unicode transformation known affected: 8 2026-07-14T19:56:03+00:00 Vulnerability · Source
CVE-2024-4367 redhat_vex Mozilla: Arbitrary JavaScript execution in PDF.js fixed: 234 known affected: 32 2026-07-14T19:55:47+00:00 Vulnerability · Source
CVE-2026-52970 redhat_vex kernel: netfilter: nft_ct: fix missing expect put in obj eval known affected: 184 known not affected: 90 2026-07-14T19:55:45+00:00 Vulnerability · Source
CVE-2026-53042 redhat_vex kernel: fwctl: Fix class init ordering to avoid NULL pointer dereference on device removal known affected: 76 known not affected: 198 2026-07-14T19:45:52+00:00 Vulnerability · Source
CVE-2026-53037 redhat_vex kernel: HID: usbhid: fix deadlock in hid_post_reset() known affected: 274 2026-07-14T19:45:47+00:00 Vulnerability · Source
CVE-2026-53038 redhat_vex kernel: ima_fs: Correctly create securityfs files for unsupported hash algos known affected: 76 known not affected: 198 2026-07-14T19:45:44+00:00 Vulnerability · Source
CVE-2026-53032 redhat_vex kernel: bpf: Fix NULL deref in map_kptr_match_type for scalar regs known affected: 184 known not affected: 90 2026-07-14T19:45:42+00:00 Vulnerability · Source
CVE-2026-44843 redhat_vex langchain: LangChain: Information disclosure and data integrity compromise via insecure deserialization known affected: 14 2026-07-14T19:35:53+00:00 Vulnerability · Source
CVE-2026-53007 redhat_vex kernel: ice: fix potential NULL pointer deref in error path of ice_set_ringparam() known affected: 184 known not affected: 90 2026-07-14T19:30:41+00:00 Vulnerability · Source
CVE-2026-53008 redhat_vex kernel: ice: fix race condition in TX timestamp ring cleanup known affected: 184 known not affected: 90 2026-07-14T19:16:08+00:00 Vulnerability · Source
CVE-2026-15712 redhat_vex SoupClientMessageIOHTTP2: libsoup3: libsoup: HTTP/2 GOAWAY frame parsing heap buffer over-read via invalid NUL-termination assumption known affected: 4 2026-07-14T19:06:41+00:00 Vulnerability · Source
CVE-2026-34993 redhat_vex aiohttp: AIOHTTP: Arbitrary code execution via untrusted input to CookieJar.load() fixed: 24 known affected: 76 known not affected: 767 under investigation: 6 2026-07-14T18:56:42+00:00 Vulnerability · Source
CVE-2026-54512 redhat_vex jackson-databind: jackson-databind: Arbitrary code execution via PolymorphicTypeValidator bypass fixed: 1 known affected: 86 known not affected: 79 under investigation: 3 2026-07-14T18:51:04+00:00 Vulnerability · Source
CVE-2026-21441 redhat_vex urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) fixed: 1938 known affected: 394 known not affected: 2918 under investigation: 1 2026-07-14T18:44:01+00:00 Vulnerability · Source
CVE-2026-55380 redhat_vex python-pillow: Pillow: Denial of Service via crafted GD 2.x image file fixed: 52 known affected: 82 known not affected: 5 under investigation: 4 2026-07-14T18:26:14+00:00 Vulnerability · Source
CVE-2026-44545 redhat_vex daphne: daphne: Denial of Service via excessive WebSocket message size known affected: 12 2026-07-14T18:26:03+00:00 Vulnerability · Source
CVE-2026-52985 redhat_vex kernel: netdevsim: zero initialize struct iphdr in dummy sk_buff known affected: 232 known not affected: 42 2026-07-14T18:08:10+00:00 Vulnerability · Source
CVE-2026-52949 redhat_vex kernel: drm/ttm: Fix ttm_bo_shrink() infinite LRU walk on backup failure known affected: 184 known not affected: 90 2026-07-14T18:08:07+00:00 Vulnerability · Source
CVE-2026-52948 redhat_vex kernel: i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl known affected: 274 2026-07-14T18:08:02+00:00 Vulnerability · Source
CVE-2026-52984 redhat_vex kernel: net/sched: netem: fix queue limit check to include reordered packets known affected: 198 known not affected: 76 2026-07-14T18:08:02+00:00 Vulnerability · Source
CVE-2026-53012 redhat_vex kernel: nexthop: fix IPv6 route referencing IPv4 nexthop known affected: 184 known not affected: 90 2026-07-14T18:07:09+00:00 Vulnerability · Source
CVE-2026-52961 redhat_vex kernel: ceph: fix BUG_ON in __ceph_build_xattrs_blob() due to stale blob size known affected: 232 known not affected: 42 2026-07-14T18:05:08+00:00 Vulnerability · Source
CVE-2026-54432 redhat_vex roundcubemail: Roundcube Webmail: Stored Cross-Site Scripting via unescaped attachment MIME type known not affected: 1 2026-07-14T18:05:07+00:00 Vulnerability · Source
CVE-2026-52990 redhat_vex kernel: fsnotify: fix inode reference leak in fsnotify_recalc_mask() known affected: 184 known not affected: 90 2026-07-14T18:05:06+00:00 Vulnerability · Source
CVE-2026-62641 redhat_vex roundcubemail: Roundcube Webmail: Denial of Service via crafted TNEF compressed-RTF size known not affected: 1 2026-07-14T18:05:04+00:00 Vulnerability · Source
CVE-2026-52977 redhat_vex kernel: futex: Prevent lockup in requeue-PI during signal/ timeout wakeup known affected: 184 known not affected: 90 2026-07-14T18:05:03+00:00 Vulnerability · Source
CVE-2026-52980 redhat_vex kernel: sched/fair: Clear rel_deadline when initializing forked entities known affected: 76 known not affected: 198 2026-07-14T18:05:02+00:00 Vulnerability · Source
CVE-2026-62644 redhat_vex roundcubemail: Roundcube Webmail: Account takeover via username spoofing in password plugin known not affected: 1 2026-07-14T18:05:01+00:00 Vulnerability · Source
CVE-2026-62642 redhat_vex roundcubemail: Roundcube Webmail: Denial of Service via infinite loop in TNEF decoder known not affected: 1 2026-07-14T18:05:01+00:00 Vulnerability · Source
CVE-2026-46173 redhat_vex kernel: exit: prevent preemption of oopsing TASK_DEAD task fixed: 1658 known affected: 36 known not affected: 76 2026-07-14T18:04:39+00:00 Vulnerability · Source
CVE-2026-43414 redhat_vex kernel: scsi: qla2xxx: Completely fix fcport double free fixed: 1224 known affected: 36 known not affected: 76 2026-07-14T18:04:33+00:00 Vulnerability · Source
CVE-2026-43330 redhat_vex kernel: crypto: caam - fix overflow on long hmac keys fixed: 616 known not affected: 198 2026-07-14T18:04:31+00:00 Vulnerability · Source
CVE-2026-31408 redhat_vex kernel: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold fixed: 1908 known affected: 64 2026-07-14T18:04:25+00:00 Vulnerability · Source
CVE-2025-68724 redhat_vex kernel: crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id fixed: 1930 known affected: 23 known not affected: 42 2026-07-14T18:04:21+00:00 Vulnerability · Source
CVE-2025-38653 redhat_vex kernel: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al fixed: 1503 known affected: 36 known not affected: 76 2026-07-14T18:04:17+00:00 Vulnerability · Source
CVE-2026-46086 redhat_vex kernel: net: bridge: use a stable FDB dst snapshot in RCU readers fixed: 453 known affected: 140 2026-07-14T18:04:13+00:00 Vulnerability · Source
CVE-2026-27143 redhat_vex golang: cmd/compile: possible memory corruption after bound check elimination fixed: 3329 known affected: 5 known not affected: 226 2026-07-14T17:54:24+00:00 Vulnerability · Source
CVE-2026-27144 redhat_vex golang: cmd/compile: no-op interface conversion bypasses overlap checking fixed: 3333 known affected: 5 known not affected: 222 2026-07-14T17:54:24+00:00 Vulnerability · Source
CVE-2026-42583 redhat_vex netty: io.netty/netty-codec-compression: io.netty/netty-codec: Netty: Denial of Service via excessive memory allocation in LZ4FrameDecoder fixed: 5 known affected: 36 known not affected: 87 2026-07-14T17:42:10+00:00 Vulnerability · Source
CVE-2026-24308 redhat_vex Apache ZooKeeper: Apache ZooKeeper: Information disclosure via improper handling of configuration values fixed: 6 known affected: 7 known not affected: 210 2026-07-14T17:41:40+00:00 Vulnerability · Source
CVE-2026-62643 redhat_vex roundcubemail: Roundcube Webmail: Server-Side Request Forgery via insufficient CSS sanitization known not affected: 1 2026-07-14T17:40:12+00:00 Vulnerability · Source
CVE-2026-44825 redhat_vex solr: Apache Solr: Remote attacker gains administrative access via hardcoded credentials in Basic Authentication setup. known not affected: 2 2026-07-14T17:38:46+00:00 Vulnerability · Source
CVE-2026-52972 redhat_vex kernel: crypto: af_alg - Cap AEAD AD length to 0x80000000 known affected: 232 known not affected: 42 2026-07-14T17:38:42+00:00 Vulnerability · Source