VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221692 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-53877 redhat_vex django: Django: Information disclosure via heap buffer over-read in GDALRaster known affected: 20 2026-07-10T14:24:58+00:00 Vulnerability · Source
CVE-2026-59937 redhat_vex pypdf: pypdf: Denial of Service via crafted PDF with malformed cross-reference streams known affected: 11 2026-07-10T14:24:52+00:00 Vulnerability · Source
CVE-2026-59938 redhat_vex pypdf: pypdf: Possible large memory usage for wrong image dimensions known affected: 11 2026-07-10T14:10:27+00:00 Vulnerability · Source
CVE-2026-15164 redhat_vex wireshark: Wireshark: Denial of Service vulnerability in ciscodump known affected: 20 2026-07-10T14:05:41+00:00 Vulnerability · Source
CVE-2026-15165 redhat_vex wireshark: Wireshark: Denial of Service via TLS ECH decryptor crash known affected: 20 2026-07-10T14:05:30+00:00 Vulnerability · Source
CVE-2026-47712 redhat_vex dulwich: Dulwich: Arbitrary file write via malicious commit subject in format_patch known affected: 24 under investigation: 1 2026-07-10T14:00:38+00:00 Vulnerability · Source
CVE-2026-7492 redhat_vex gitlab-ee: gitlab: GitLab: Information disclosure of private project existence via improper authorization known not affected: 4 2026-07-10T13:50:51+00:00 Vulnerability · Source
CVE-2026-48588 redhat_vex django: Django: Information disclosure due to improper caching of Set-Cookie responses known affected: 20 2026-07-10T13:46:05+00:00 Vulnerability · Source
CVE-2026-58207 redhat_vex github.com/nats-io/nats-server: NATS Server: Denial of Service via arithmetic overflow in connection monitoring pagination known affected: 6 known not affected: 3 2026-07-10T13:46:03+00:00 Vulnerability · Source
CVE-2026-12590 redhat_vex body-parser: body-parser: Denial of Service via invalid limit option known affected: 132 known not affected: 1 2026-07-10T13:46:00+00:00 Vulnerability · Source
CVE-2026-39197 redhat_vex vector: Vector: Denial of Service via crafted request to HTTP endpoint known not affected: 1 2026-07-10T13:15:17+00:00 Vulnerability · Source
CVE-2026-52924 redhat_vex kernel: sctp: purge outqueue on stale COOKIE-ECHO handling known affected: 232 known not affected: 42 2026-07-10T13:07:12+00:00 Vulnerability · Source
CVE-2026-59929 redhat_vex mistune: Mistune: Cross-site scripting via incomplete URL scheme filtering known affected: 24 2026-07-10T12:59:58+00:00 Vulnerability · Source
CVE-2026-59262 redhat_vex AFFiNE: AFFiNE: Information disclosure via histories GraphQL field known not affected: 11 2026-07-10T12:24:52+00:00 Vulnerability · Source
CVE-2026-52973 redhat_vex kernel: futex: Drop CLONE_THREAD requirement for private default hash alloc known affected: 184 known not affected: 90 2026-07-10T11:55:23+00:00 Vulnerability · Source
CVE-2026-59923 redhat_vex mistune: Mistune: Arbitrary code execution through crafted Markdown links known affected: 24 under investigation: 1 2026-07-10T11:34:11+00:00 Vulnerability · Source
CVE-2026-59926 redhat_vex mistune: Mistune: Cross-Site Scripting via unescaped HTML class attribute in Admonition directive known affected: 24 under investigation: 1 2026-07-10T11:34:08+00:00 Vulnerability · Source
CVE-2026-59930 redhat_vex mistune: Mistune: Same-page navigation redirection due to predictable heading IDs known affected: 10 known not affected: 1 under investigation: 14 2026-07-10T11:34:07+00:00 Vulnerability · Source
CVE-2026-15378 redhat_vex guardrails-detectors: guardrails-detectors: SSRF and local file read via user-supplied XML Schema (xml-with-schema:) known affected: 1 2026-07-10T11:05:10+00:00 Vulnerability · Source
CVE-2026-59725 redhat_vex socket.io: engine.io: Socket.IO: Denial of Service via invalid binary POST requests fixed: 3 known affected: 4 2026-07-10T10:59:12+00:00 Vulnerability · Source
CVE-2023-5685 redhat_vex xnio: StackOverflowException when the chain of notifier states becomes problematically big fixed: 93 known affected: 5 known not affected: 240 2026-07-10T10:44:22+00:00 Vulnerability · Source
CVE-2026-59152 redhat_vex langsmith: LangSmith SDK TracingMiddleware: Information Disclosure via Arbitrary Server-Side File Read known affected: 14 2026-07-10T10:00:54+00:00 Vulnerability · Source
CVE-2026-53511 redhat_vex calibre: Calibre: Arbitrary code execution via malicious e-book file processing known not affected: 1 2026-07-10T09:55:40+00:00 Vulnerability · Source
CVE-2026-58374 redhat_vex hostapd: hostapd: Denial of Service via malformed Wi-Fi 7 Multi-Link Operation association request known affected: 3 2026-07-10T09:50:26+00:00 Vulnerability · Source
CVE-2026-14362 redhat_vex github.com/hashicorp/memberlist: HashiCorp memberlist: Denial of Service via push/pull state handling known affected: 15 known not affected: 32 2026-07-10T09:30:01+00:00 Vulnerability · Source
CVE-2026-44512 redhat_vex onnx: ONNX: Denial of Service via crafted untrusted models known affected: 16 2026-07-10T07:54:47+00:00 Vulnerability · Source
CVE-2026-54528 redhat_vex jupyterlab-git: JupyterLab Git: Information disclosure via case-sensitivity bypass in excluded path enforcement known affected: 15 2026-07-10T07:09:53+00:00 Vulnerability · Source
CVE-2026-59925 redhat_vex mistune: Mistune: Denial of Service via crafted Markdown input known affected: 25 2026-07-10T07:05:12+00:00 Vulnerability · Source
CVE-2024-12125 redhat_vex 3scale-porta: Readonly fields not validated server-side known affected: 1 2026-07-10T06:25:28+00:00 Vulnerability · Source
CVE-2024-28176 redhat_vex jose: resource exhaustion fixed: 584 known affected: 3 known not affected: 2423 2026-07-10T04:58:12+00:00 Vulnerability · Source
CVE-2023-24536 redhat_vex golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption fixed: 1648 known affected: 101 known not affected: 1097 2026-07-10T04:58:01+00:00 Vulnerability · Source
CVE-2026-42198 redhat_vex jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication fixed: 8 known affected: 6 2026-07-10T01:19:46+00:00 Vulnerability · Source
CVE-2026-53916 redhat_vex activemq-stomp: Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec known affected: 121 2026-07-10T01:14:51+00:00 Vulnerability · Source
CVE-2026-33747 redhat_vex BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend fixed: 137 known affected: 46 known not affected: 335 2026-07-10T01:04:59+00:00 Vulnerability · Source
CVE-2026-49432 redhat_vex org.apache.activemq/activemq: org.apache.activemq/activemq-all: org.apache.activemq/activemq-stomp: Apache ActiveMQ: Denial of Service via improper input validation in STOMP connector known affected: 122 2026-07-10T01:04:53+00:00 Vulnerability · Source
CVE-2026-59818 microsoft_vex etcd: gRPC client listener does not enforce `--client-crl-file` certificate revocation known affected: 1 2026-07-10T01:01:17+00:00 Vulnerability · Source
CVE-2026-33748 redhat_vex github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components fixed: 133 known affected: 42 known not affected: 310 2026-07-09T23:28:58+00:00 Vulnerability · Source
CVE-2025-66031 redhat_vex node-forge: node-forge ASN.1 Unbounded Recursion fixed: 146 known affected: 46 known not affected: 1718 2026-07-09T23:28:13+00:00 Vulnerability · Source
CVE-2025-12816 redhat_vex node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications fixed: 225 known affected: 40 known not affected: 2120 2026-07-09T23:23:19+00:00 Vulnerability · Source
CVE-2025-7783 redhat_vex form-data: Unsafe random function in form-data fixed: 195 known affected: 72 known not affected: 995 2026-07-09T23:23:19+00:00 Vulnerability · Source
CVE-2025-53643 redhat_vex aiohttp: AIOHTTP HTTP Request/Response Smuggling fixed: 36 known affected: 17 known not affected: 859 2026-07-09T23:10:42+00:00 Vulnerability · Source
CVE-2026-44291 redhat_vex protobufjs: protobufjs: Arbitrary Code Execution via prototype pollution known affected: 33 known not affected: 12 2026-07-09T22:57:26+00:00 Vulnerability · Source
CVE-2026-44292 redhat_vex protobufjs: protobufjs: Data integrity impact due to prototype pollution known affected: 35 known not affected: 10 2026-07-09T22:57:23+00:00 Vulnerability · Source
CVE-2026-44290 redhat_vex protobufjs: protobufjs: Denial of Service via crafted schema known affected: 34 known not affected: 11 2026-07-09T22:57:20+00:00 Vulnerability · Source
CVE-2026-45740 redhat_vex protobufjs: protobufjs: Denial of Service via crafted JSON descriptors known affected: 36 known not affected: 9 2026-07-09T22:57:09+00:00 Vulnerability · Source
CVE-2026-46331 redhat_vex kernel: net/sched: act_pedit: extend the writable skb range per key fixed: 2297 known not affected: 43 2026-07-09T22:51:24+00:00 Vulnerability · Source
CVE-2026-1519 redhat_vex bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone fixed: 1136 known not affected: 434 2026-07-09T22:50:25+00:00 Vulnerability · Source
CVE-2026-9563 redhat_vex org.eclipse.parsson/parsson: Eclipse Parsson: Denial of Service via uncontrolled resource consumption in JSON parsing known affected: 17 known not affected: 12 2026-07-09T22:19:54+00:00 Vulnerability · Source
CVE-2026-53435 redhat_vex jenkins: Jenkins: Arbitrary code execution via deserialization of attacker-controlled configuration known affected: 1 2026-07-09T22:09:44+00:00 Vulnerability · Source
CVE-2026-49975 redhat_vex httpd: httpd: HTTP/2 Remote Denial of Service via compression bomb and Slowloris-style attack fixed: 323 known not affected: 94 2026-07-09T22:04:45+00:00 Vulnerability · Source