VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221724 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-58013 microsoft_vex Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend" fixed: 1 known affected: 1 2026-07-10T14:39:52+00:00 Vulnerability · Source
CVE-2026-58011 microsoft_vex Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime fixed: 1 known affected: 1 2026-07-10T14:39:45+00:00 Vulnerability · Source
CVE-2026-58012 microsoft_vex Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char() fixed: 1 known affected: 1 2026-07-10T14:39:37+00:00 Vulnerability · Source
CVE-2026-58016 microsoft_vex Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml" fixed: 1 known affected: 1 2026-07-10T14:39:30+00:00 Vulnerability · Source
CVE-2026-58015 microsoft_vex Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive fixed: 1 known affected: 1 2026-07-10T14:39:22+00:00 Vulnerability · Source
CVE-2026-58010 microsoft_vex Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal() fixed: 1 known affected: 1 2026-07-10T14:39:14+00:00 Vulnerability · Source
CVE-2026-11525 microsoft_vex undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching fixed: 1 known affected: 1 under investigation: 1 2026-07-10T14:39:01+00:00 Vulnerability · Source
CVE-2026-59935 redhat_vex pypdf: pypdf: Denial of Service via crafted PDF with unterminated inline image known affected: 5 under investigation: 6 2026-07-10T14:34:53+00:00 Vulnerability · Source
CVE-2026-53878 redhat_vex django: Django: HTTP header injection via DomainNameValidator accepting newlines known affected: 20 2026-07-10T14:25:02+00:00 Vulnerability · Source
CVE-2026-53877 redhat_vex django: Django: Information disclosure via heap buffer over-read in GDALRaster known affected: 20 2026-07-10T14:24:58+00:00 Vulnerability · Source
CVE-2026-59937 redhat_vex pypdf: pypdf: Denial of Service via crafted PDF with malformed cross-reference streams known affected: 11 2026-07-10T14:24:52+00:00 Vulnerability · Source
CVE-2026-59938 redhat_vex pypdf: pypdf: Possible large memory usage for wrong image dimensions known affected: 11 2026-07-10T14:10:27+00:00 Vulnerability · Source
CVE-2026-15164 redhat_vex wireshark: Wireshark: Denial of Service vulnerability in ciscodump known affected: 20 2026-07-10T14:05:41+00:00 Vulnerability · Source
CVE-2026-15165 redhat_vex wireshark: Wireshark: Denial of Service via TLS ECH decryptor crash known affected: 20 2026-07-10T14:05:30+00:00 Vulnerability · Source
CVE-2026-47712 redhat_vex dulwich: Dulwich: Arbitrary file write via malicious commit subject in format_patch known affected: 24 under investigation: 1 2026-07-10T14:00:38+00:00 Vulnerability · Source
CVE-2026-7492 redhat_vex gitlab-ee: gitlab: GitLab: Information disclosure of private project existence via improper authorization known not affected: 4 2026-07-10T13:50:51+00:00 Vulnerability · Source
CVE-2026-48588 redhat_vex django: Django: Information disclosure due to improper caching of Set-Cookie responses known affected: 20 2026-07-10T13:46:05+00:00 Vulnerability · Source
CVE-2026-58207 redhat_vex github.com/nats-io/nats-server: NATS Server: Denial of Service via arithmetic overflow in connection monitoring pagination known affected: 6 known not affected: 3 2026-07-10T13:46:03+00:00 Vulnerability · Source
CVE-2026-12590 redhat_vex body-parser: body-parser: Denial of Service via invalid limit option known affected: 132 known not affected: 1 2026-07-10T13:46:00+00:00 Vulnerability · Source
CVE-2026-39197 redhat_vex vector: Vector: Denial of Service via crafted request to HTTP endpoint known not affected: 1 2026-07-10T13:15:17+00:00 Vulnerability · Source
CVE-2026-52924 redhat_vex kernel: sctp: purge outqueue on stale COOKIE-ECHO handling known affected: 232 known not affected: 42 2026-07-10T13:07:12+00:00 Vulnerability · Source
CVE-2026-59929 redhat_vex mistune: Mistune: Cross-site scripting via incomplete URL scheme filtering known affected: 24 2026-07-10T12:59:58+00:00 Vulnerability · Source
CVE-2026-59262 redhat_vex AFFiNE: AFFiNE: Information disclosure via histories GraphQL field known not affected: 11 2026-07-10T12:24:52+00:00 Vulnerability · Source
CVE-2026-52973 redhat_vex kernel: futex: Drop CLONE_THREAD requirement for private default hash alloc known affected: 184 known not affected: 90 2026-07-10T11:55:23+00:00 Vulnerability · Source
CVE-2026-59923 redhat_vex mistune: Mistune: Arbitrary code execution through crafted Markdown links known affected: 24 under investigation: 1 2026-07-10T11:34:11+00:00 Vulnerability · Source
CVE-2026-59926 redhat_vex mistune: Mistune: Cross-Site Scripting via unescaped HTML class attribute in Admonition directive known affected: 24 under investigation: 1 2026-07-10T11:34:08+00:00 Vulnerability · Source
CVE-2026-59930 redhat_vex mistune: Mistune: Same-page navigation redirection due to predictable heading IDs known affected: 10 known not affected: 1 under investigation: 14 2026-07-10T11:34:07+00:00 Vulnerability · Source
CVE-2026-15378 redhat_vex guardrails-detectors: guardrails-detectors: SSRF and local file read via user-supplied XML Schema (xml-with-schema:) known affected: 1 2026-07-10T11:05:10+00:00 Vulnerability · Source
CVE-2026-59725 redhat_vex socket.io: engine.io: Socket.IO: Denial of Service via invalid binary POST requests fixed: 3 known affected: 4 2026-07-10T10:59:12+00:00 Vulnerability · Source
CVE-2023-5685 redhat_vex xnio: StackOverflowException when the chain of notifier states becomes problematically big fixed: 93 known affected: 5 known not affected: 240 2026-07-10T10:44:22+00:00 Vulnerability · Source
CVE-2026-59152 redhat_vex langsmith: LangSmith SDK TracingMiddleware: Information Disclosure via Arbitrary Server-Side File Read known affected: 14 2026-07-10T10:00:54+00:00 Vulnerability · Source
CVE-2026-53511 redhat_vex calibre: Calibre: Arbitrary code execution via malicious e-book file processing known not affected: 1 2026-07-10T09:55:40+00:00 Vulnerability · Source
CVE-2026-58374 redhat_vex hostapd: hostapd: Denial of Service via malformed Wi-Fi 7 Multi-Link Operation association request known affected: 3 2026-07-10T09:50:26+00:00 Vulnerability · Source
CVE-2026-14362 redhat_vex github.com/hashicorp/memberlist: HashiCorp memberlist: Denial of Service via push/pull state handling known affected: 15 known not affected: 32 2026-07-10T09:30:01+00:00 Vulnerability · Source
CVE-2026-44512 redhat_vex onnx: ONNX: Denial of Service via crafted untrusted models known affected: 16 2026-07-10T07:54:47+00:00 Vulnerability · Source
CVE-2026-54528 redhat_vex jupyterlab-git: JupyterLab Git: Information disclosure via case-sensitivity bypass in excluded path enforcement known affected: 15 2026-07-10T07:09:53+00:00 Vulnerability · Source
CVE-2026-59925 redhat_vex mistune: Mistune: Denial of Service via crafted Markdown input known affected: 25 2026-07-10T07:05:12+00:00 Vulnerability · Source
CVE-2024-12125 redhat_vex 3scale-porta: Readonly fields not validated server-side known affected: 1 2026-07-10T06:25:28+00:00 Vulnerability · Source
CVE-2024-28176 redhat_vex jose: resource exhaustion fixed: 584 known affected: 3 known not affected: 2423 2026-07-10T04:58:12+00:00 Vulnerability · Source
CVE-2023-24536 redhat_vex golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption fixed: 1648 known affected: 101 known not affected: 1097 2026-07-10T04:58:01+00:00 Vulnerability · Source
CVE-2026-42198 redhat_vex jdbc.postgresql.org: pgjdbc: Client-side Denial of Service via malicious SCRAM-SHA-256 authentication fixed: 8 known affected: 6 2026-07-10T01:19:46+00:00 Vulnerability · Source
CVE-2026-53916 redhat_vex activemq-stomp: Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Stomp: Unbounded header buffer in STOMP NIO codec known affected: 121 2026-07-10T01:14:51+00:00 Vulnerability · Source
CVE-2026-33747 redhat_vex BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend fixed: 137 known affected: 46 known not affected: 335 2026-07-10T01:04:59+00:00 Vulnerability · Source
CVE-2026-49432 redhat_vex org.apache.activemq/activemq: org.apache.activemq/activemq-all: org.apache.activemq/activemq-stomp: Apache ActiveMQ: Denial of Service via improper input validation in STOMP connector known affected: 122 2026-07-10T01:04:53+00:00 Vulnerability · Source
CVE-2026-59818 microsoft_vex etcd: gRPC client listener does not enforce `--client-crl-file` certificate revocation known affected: 1 2026-07-10T01:01:17+00:00 Vulnerability · Source
CVE-2026-33748 redhat_vex github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components fixed: 133 known affected: 42 known not affected: 310 2026-07-09T23:28:58+00:00 Vulnerability · Source
CVE-2025-7783 redhat_vex form-data: Unsafe random function in form-data fixed: 195 known affected: 72 known not affected: 995 2026-07-09T23:23:19+00:00 Vulnerability · Source
CVE-2025-53643 redhat_vex aiohttp: AIOHTTP HTTP Request/Response Smuggling fixed: 36 known affected: 17 known not affected: 859 2026-07-09T23:10:42+00:00 Vulnerability · Source
CVE-2026-44291 redhat_vex protobufjs: protobufjs: Arbitrary Code Execution via prototype pollution known affected: 33 known not affected: 12 2026-07-09T22:57:26+00:00 Vulnerability · Source
CVE-2026-44292 redhat_vex protobufjs: protobufjs: Data integrity impact due to prototype pollution known affected: 35 known not affected: 10 2026-07-09T22:57:23+00:00 Vulnerability · Source