VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221784 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-9165 redhat_vex stackrox: stackrox: Unbounded GraphQL query depth allows authenticated denial of service fixed: 12 known not affected: 127 2026-07-08T08:11:51+00:00 Vulnerability · Source
CVE-2026-49232 redhat_vex rust-routinator: Routinator: Denial of Service via malicious HTTP or RTR connections known not affected: 1 2026-07-08T08:10:57+00:00 Vulnerability · Source
CVE-2026-49234 redhat_vex rust-routinator: Routinator: Denial of Service via crafted non-UTF-8 string known not affected: 1 2026-07-08T08:10:53+00:00 Vulnerability · Source
CVE-2026-49235 redhat_vex rust-routinator: Routinator: Denial of Service via crafted Document Type Definition in RRDP known not affected: 1 2026-07-08T08:10:21+00:00 Vulnerability · Source
CVE-2026-49233 redhat_vex rust-routinator: Routinator: Information disclosure via rsync URI path traversal known not affected: 1 2026-07-08T08:10:19+00:00 Vulnerability · Source
CVE-2026-49342 redhat_vex yard: YARD: Information disclosure via path traversal in static cache lookup known not affected: 10 2026-07-08T07:57:39+00:00 Vulnerability · Source
CVE-2026-42266 redhat_vex jupyterlab: JupyterLab: Arbitrary code execution due to improper enforcement of extension allow-list known affected: 14 known not affected: 2 2026-07-08T07:55:45+00:00 Vulnerability · Source
CVE-2026-12993 redhat_vex Apicurio/apicurio-registry: apicurio-registry: XML entity-expansion denial of service via internal DTD subset known affected: 2 2026-07-08T07:51:31+00:00 Vulnerability · Source
CVE-2026-42557 redhat_vex jupyterlab: JupyterLab: Arbitrary code execution via deceptive button in HTML output known affected: 14 known not affected: 2 2026-07-08T07:51:00+00:00 Vulnerability · Source
CVE-2026-33079 redhat_vex mistune: Mistune: Regular Expression Denial of Service (ReDoS) via crafted Markdown input known affected: 21 known not affected: 3 2026-07-08T07:50:57+00:00 Vulnerability · Source
CVE-2026-59711 redhat_vex showdown: Showdown: Cross-site scripting via unescaped metadata title allows arbitrary code execution known affected: 26 under investigation: 4 2026-07-08T07:40:51+00:00 Vulnerability · Source
CVE-2026-55699 redhat_vex pnpm: pnpm: Denial of Service due to improper handling of malicious package manifest bin keys known affected: 4 2026-07-08T07:36:35+00:00 Vulnerability · Source
CVE-2026-44513 redhat_vex Diffusers: Diffusers: Arbitrary remote code execution via `trust_remote_code` bypass known affected: 13 known not affected: 3 2026-07-08T07:35:42+00:00 Vulnerability · Source
CVE-2026-54786 redhat_vex Wasmtime: Wasmtime: Leak in WASIp1 `fd_renumber` implementation known affected: 3 2026-07-08T07:30:20+00:00 Vulnerability · Source
CVE-2026-43825 redhat_vex org.apache.opennlp/opennlp-tools: Apache OpenNLP SvmDoccatModel: Remote code execution via untrusted Java deserialization known not affected: 2 under investigation: 2 2026-07-08T07:25:49+00:00 Vulnerability · Source
CVE-2026-2393 redhat_vex mlflow: MLflow: Server-Side Request Forgery (SSRF) allows internal network access and data exfiltration. known not affected: 19 2026-07-08T07:20:17+00:00 Vulnerability · Source
CVE-2026-31229 redhat_vex adversarial-robustness-toolbox: kubeflow: python: Adversarial Robustness Toolbox (ART): Remote code execution via insecure deserialization in Kubeflow component known not affected: 4 2026-07-08T07:15:59+00:00 Vulnerability · Source
CVE-2026-4137 redhat_vex mlflow/mlflow: mlflow/mlflow: Arbitrary code execution via insecure temporary directory permissions known affected: 1 known not affected: 16 2026-07-08T07:15:32+00:00 Vulnerability · Source
CVE-2026-2652 redhat_vex mlflow: mlflow: Authentication bypass allows unauthorized job management and data injection known not affected: 19 2026-07-08T07:15:26+00:00 Vulnerability · Source
CVE-2026-49365 redhat_vex org.apache.camel/camel-netty-http: Apache Camel Netty HTTP: Information disclosure via error messages containing sensitive data known affected: 3 2026-07-08T07:10:35+00:00 Vulnerability · Source
CVE-2026-12479 redhat_vex keras: Path Traversal in keras-team/keras known affected: 5 known not affected: 4 2026-07-08T07:05:31+00:00 Vulnerability · Source
CVE-2026-40171 redhat_vex Jupyter Notebook: JupyterLab: @jupyter-notebook/help-extension: @jupyterlab/help-extension: Jupyter Notebook and JupyterLab: Session takeover via stored cross-site scripting known affected: 14 known not affected: 2 2026-07-08T07:00:21+00:00 Vulnerability · Source
CVE-2026-46726 redhat_vex camel-vertx-websocket: Apache Camel Vertx Websocket: Server-Side Request Forgery and sensitive data exposure known affected: 2 2026-07-08T06:55:16+00:00 Vulnerability · Source
CVE-2026-49098 redhat_vex camel-kafka: Apache Camel Kafka Component: Message redirection and injection via header manipulation known affected: 2 2026-07-08T06:40:49+00:00 Vulnerability · Source
CVE-2026-48746 redhat_vex vllm: starlette: vLLM: Critical authentication bypass allows unauthorized API access fixed: 6 known affected: 54 known not affected: 15 2026-07-08T06:40:39+00:00 Vulnerability · Source
CVE-2026-14647 redhat_vex onnx: onnxruntime: ONNX: Information disclosure via out-of-bounds read known affected: 16 known not affected: 2 2026-07-08T06:15:51+00:00 Vulnerability · Source
CVE-2026-41283 redhat_vex openstack-mistral: OpenStack Mistral: Arbitrary Remote Code Execution via exposed API endpoints known not affected: 8 2026-07-08T05:55:48+00:00 Vulnerability · Source
CVE-2026-8147 redhat_vex mlflow: MLflow: Unauthorized access to trace data due to missing authorization validation known affected: 1 known not affected: 18 2026-07-08T05:55:25+00:00 Vulnerability · Source
CVE-2024-24788 redhat_vex golang: net: malformed DNS message can cause infinite loop fixed: 877 known affected: 86 known not affected: 406 2026-07-08T05:41:12+00:00 Vulnerability · Source
CVE-2026-55646 redhat_vex vllm: vLLM: Denial of Service due to excessive memory allocation via oversized audio file uploads known not affected: 26 2026-07-08T05:33:45+00:00 Vulnerability · Source
CVE-2026-4944 redhat_vex vllm: vllm-project/vllm: Remote Code Execution via malicious HuggingFace model repositories known affected: 11 known not affected: 15 2026-07-08T05:30:59+00:00 Vulnerability · Source
CVE-2026-31419 redhat_vex kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service fixed: 2416 known affected: 22 known not affected: 42 2026-07-08T05:25:54+00:00 Vulnerability · Source
CVE-2026-31402 redhat_vex kernel: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache fixed: 3227 known affected: 22 2026-07-08T05:25:47+00:00 Vulnerability · Source
CVE-2026-23401 redhat_vex kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling fixed: 2404 known affected: 22 known not affected: 42 2026-07-08T05:25:36+00:00 Vulnerability · Source
CVE-2026-55514 redhat_vex vllm: vLLM: Denial of Service via crafted prompt in /v1/completions request known affected: 20 known not affected: 6 2026-07-08T05:00:52+00:00 Vulnerability · Source
CVE-2026-53263 redhat_vex kernel: 6lowpan: fix off-by-one in multicast context address compression known affected: 156 known not affected: 118 2026-07-08T04:15:14+00:00 Vulnerability · Source
CVE-2026-53280 redhat_vex kernel: iommu: Fix NULL group->domain dereference in pci_dev_reset_iommu_done() known affected: 76 known not affected: 198 2026-07-08T04:06:18+00:00 Vulnerability · Source
CVE-2026-53291 redhat_vex kernel: ALSA: hda/conexant: Fix missing error check for jack detection known affected: 184 known not affected: 90 2026-07-08T04:06:17+00:00 Vulnerability · Source
CVE-2026-53297 redhat_vex kernel: net: mana: Guard mana_remove against double invocation known affected: 232 known not affected: 42 2026-07-08T04:06:14+00:00 Vulnerability · Source
CVE-2026-53278 redhat_vex kernel: arm_mpam: Check whether the config array is allocated before destroying it known affected: 184 known not affected: 90 2026-07-08T04:06:12+00:00 Vulnerability · Source
CVE-2026-53285 redhat_vex kernel: drm/amd/display: Wrap DCN32 phantom-plane allocation in DC_RUN_WITH_PREEMPTION_ENABLED known not affected: 274 2026-07-08T04:06:10+00:00 Vulnerability · Source
CVE-2026-53282 redhat_vex kernel: x86/kexec: Push kjump return address even for non-kjump kexec known not affected: 274 2026-07-08T04:06:08+00:00 Vulnerability · Source
CVE-2026-53295 redhat_vex kernel: mailbox: add sanity check for channel array known affected: 260 known not affected: 14 2026-07-08T04:06:06+00:00 Vulnerability · Source
CVE-2026-53289 redhat_vex kernel: ice: fix NULL pointer dereference in ice_reset_all_vfs() known affected: 232 known not affected: 42 2026-07-08T04:06:04+00:00 Vulnerability · Source
CVE-2026-53279 redhat_vex kernel: drm/gma500/oaktrail_lvds: fix hang on init failure known affected: 124 known not affected: 150 2026-07-08T04:06:02+00:00 Vulnerability · Source
CVE-2026-53274 redhat_vex kernel: net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS known affected: 232 known not affected: 42 2026-07-08T04:06:01+00:00 Vulnerability · Source
CVE-2026-53293 redhat_vex kernel: drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG known not affected: 274 2026-07-08T04:05:58+00:00 Vulnerability · Source
CVE-2026-53269 redhat_vex kernel: netfilter: synproxy: add mutex to guard hook reference counting known affected: 184 known not affected: 90 2026-07-08T04:05:56+00:00 Vulnerability · Source
CVE-2026-53294 redhat_vex kernel: mailbox: mailbox-test: don't free the reused channel known affected: 232 known not affected: 42 2026-07-08T04:05:55+00:00 Vulnerability · Source
CVE-2026-53287 redhat_vex kernel: audit: fix incorrect inheritable capability in CAPSET records known affected: 274 2026-07-08T04:05:54+00:00 Vulnerability · Source