VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221784 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-53272 redhat_vex kernel: erofs: fix use-after-free on sbi->sync_decompress known affected: 76 known not affected: 198 2026-07-08T04:05:48+00:00 Vulnerability · Source
CVE-2026-53292 redhat_vex kernel: net: phonet: do not BUG_ON() in pn_socket_autobind() on failed bind known affected: 14 known not affected: 260 2026-07-08T04:05:46+00:00 Vulnerability · Source
CVE-2026-53296 redhat_vex kernel: mailbox: mailbox-test: free channels on probe error known affected: 232 known not affected: 42 2026-07-08T04:05:43+00:00 Vulnerability · Source
CVE-2026-53283 redhat_vex kernel: iommu/amd: Bounds-check devid in __rlookup_amd_iommu() known affected: 184 known not affected: 90 2026-07-08T04:05:43+00:00 Vulnerability · Source
CVE-2026-53286 redhat_vex kernel: idpf: fix double free and use-after-free in aux device error paths known affected: 184 known not affected: 90 2026-07-08T04:05:36+00:00 Vulnerability · Source
CVE-2026-13595 redhat_vex util-linux: util-linux: heap use-after-free in libblkid nested partition probing fixed: 3 known affected: 56 2026-07-08T03:45:13+00:00 Vulnerability · Source
CVE-2026-13601 redhat_vex yelp: yelp-xsl: Overly Permissive Content Security Policy in Yelp Allows Host File Disclosure from Flatpak Applications known affected: 14 2026-07-08T03:45:13+00:00 Vulnerability · Source
CVE-2026-41988 redhat_vex uuid: uuid: Unexpected data writes when using external output buffers with specific UUID versions known affected: 457 known not affected: 13 2026-07-08T03:36:05+00:00 Vulnerability · Source
CVE-2026-41082 redhat_vex ocaml-opam: path traversal via the .install field known affected: 2 2026-07-08T03:35:13+00:00 Vulnerability · Source
CVE-2026-53317 microsoft_vex wifi: mt76: mt7921: Place upper limit on station AID known affected: 1 2026-07-08T01:01:49+00:00 Vulnerability · Source
CVE-2026-53233 redhat_vex kernel: netdev: fix double-free in netdev_nl_bind_rx_doit() known affected: 76 known not affected: 198 2026-07-08T00:16:42+00:00 Vulnerability · Source
CVE-2025-12799 redhat_vex jastow: Jastow Cross-Site Scripting attack due to unsanitized URI fixed: 721 known affected: 10 known not affected: 1 2026-07-07T23:59:54+00:00 Vulnerability · Source
CVE-2026-43112 redhat_vex kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath fixed: 762 known affected: 23 known not affected: 43 2026-07-07T23:59:27+00:00 Vulnerability · Source
CVE-2026-53241 redhat_vex kernel: ALSA: seq: dummy: fix UMP event stack overread known affected: 198 known not affected: 76 2026-07-07T22:35:03+00:00 Vulnerability · Source
CVE-2026-53245 redhat_vex kernel: net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr known affected: 260 known not affected: 14 2026-07-07T22:25:09+00:00 Vulnerability · Source
CVE-2026-53249 redhat_vex kernel: ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options known affected: 274 2026-07-07T22:15:07+00:00 Vulnerability · Source
CVE-2026-28379 redhat_vex grafana: Grafana Live: Denial of Service due to a race condition known affected: 24 known not affected: 3 2026-07-07T22:05:51+00:00 Vulnerability · Source
CVE-2026-28376 redhat_vex grafana: Grafana Live: Denial of Service due to unbounded memory allocation via push endpoint known affected: 25 known not affected: 2 2026-07-07T22:05:50+00:00 Vulnerability · Source
CVE-2026-28374 redhat_vex grafana: Grafana: Unauthorized annotation deletion by editor users known affected: 25 known not affected: 2 2026-07-07T22:05:47+00:00 Vulnerability · Source
CVE-2026-33380 redhat_vex grafana: Grafana: Information disclosure via SQL Expressions vulnerability known affected: 3 known not affected: 24 2026-07-07T22:05:45+00:00 Vulnerability · Source
CVE-2025-41115 redhat_vex grafana: Incorrect Privilege Assignment known not affected: 23 2026-07-07T22:05:33+00:00 Vulnerability · Source
CVE-2026-23136 redhat_vex kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state fixed: 1218 known affected: 98 known not affected: 90 2026-07-07T21:55:15+00:00 Vulnerability · Source
CVE-2026-53154 redhat_vex kernel: mm/hugetlb: restore reservation on error in hugetlb folio copy paths known affected: 198 known not affected: 76 2026-07-07T20:35:46+00:00 Vulnerability · Source
CVE-2026-43198 redhat_vex kernel: tcp: fix potential race in tcp_v6_syn_recv_sock() fixed: 2073 known affected: 33 under investigation: 14 2026-07-07T20:03:20+00:00 Vulnerability · Source
CVE-2026-43450 redhat_vex kernel: netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table() fixed: 150 known affected: 212 known not affected: 14 2026-07-07T20:03:20+00:00 Vulnerability · Source
CVE-2025-10263 redhat_vex kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources fixed: 762 known affected: 24 known not affected: 43 2026-07-07T20:03:20+00:00 Vulnerability · Source
CVE-2026-32871 redhat_vex fastmcp: FastMCP: Authenticated Server-Side Request Forgery via path traversal in OpenAPI path parameters fixed: 1 known not affected: 19 2026-07-07T19:26:07+00:00 Vulnerability · Source
CVE-2025-69872 redhat_vex python-diskcache: python-diskcache: Arbitrary code execution via insecure pickle deserialization fixed: 5 known affected: 4 known not affected: 243 2026-07-07T19:26:07+00:00 Vulnerability · Source
CVE-2025-69196 redhat_vex fastmcp: FastMCP: Improper token issuance due to incorrect resource parameter handling fixed: 1 known not affected: 20 2026-07-07T19:26:07+00:00 Vulnerability · Source
CVE-2022-30065 redhat_vex busybox: A use-after-free in Busybox's awk applet leads to denial of service known affected: 3 2026-07-07T19:25:35+00:00 Vulnerability · Source
CVE-2021-30004 redhat_vex wpa_supplicant: mishandled AlgorithmIdentifier parameters may lead to forging attacks known not affected: 8 2026-07-07T19:25:29+00:00 Vulnerability · Source
CVE-2026-12866 redhat_vex expr-eval: expr-eval: Code Execution via crafted expressions in toJSFunction() API known affected: 4 2026-07-07T19:06:08+00:00 Vulnerability · Source
CVE-2026-53157 redhat_vex kernel: net: phonet: free phonet_device after RCU grace period known affected: 14 known not affected: 260 2026-07-07T19:06:06+00:00 Vulnerability · Source
CVE-2026-55892 redhat_vex vim: Vim: Denial of Service via crafted spell file fixed: 4 known affected: 33 2026-07-07T18:58:06+00:00 Vulnerability · Source
CVE-2026-53163 redhat_vex kernel: locking/rtmutex: Skip remove_waiter() when waiter is not enqueued known affected: 232 known not affected: 42 2026-07-07T18:57:53+00:00 Vulnerability · Source
CVE-2026-53164 redhat_vex kernel: iommu/dma: Do not try to iommu_map a 0 length region in swiotlb known affected: 184 known not affected: 90 2026-07-07T18:57:52+00:00 Vulnerability · Source
CVE-2026-25749 redhat_vex vim: Vim: Arbitrary code execution via 'helpfile' option processing fixed: 649 known affected: 6 known not affected: 164 2026-07-07T18:57:39+00:00 Vulnerability · Source
CVE-2026-53009 redhat_vex kernel: ice: fix double-free of tx_buf skb known affected: 260 known not affected: 14 2026-07-07T18:57:39+00:00 Vulnerability · Source
CVE-2026-14363 redhat_vex Cargo: Mediawiki Cargo Extension: SQL Injection vulnerability known not affected: 1 2026-07-07T18:46:04+00:00 Vulnerability · Source
CVE-2026-43114 redhat_vex kernel: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry known affected: 185 known not affected: 91 2026-07-07T18:33:08+00:00 Vulnerability · Source
CVE-2026-44902 redhat_vex opentelemetry-js: opentelemetry/exporter-prometheus: opentelemetry-js: Denial of Service via malformed HTTP request known affected: 2 known not affected: 5 2026-07-07T18:32:27+00:00 Vulnerability · Source
CVE-2026-48614 redhat_vex Plesk: Plesk: Privilege escalation via improper authorization in XML API known not affected: 1 2026-07-07T17:22:37+00:00 Vulnerability · Source
CVE-2026-53134 redhat_vex kernel: netfilter: nft_fib: fix stale stack leak via the OIFNAME register known affected: 232 known not affected: 42 2026-07-07T17:06:07+00:00 Vulnerability · Source
CVE-2024-47081 redhat_vex requests: Requests vulnerable to .netrc credentials leak via malicious URLs fixed: 643 known affected: 119 known not affected: 48 2026-07-07T17:05:58+00:00 Vulnerability · Source
CVE-2026-53141 redhat_vex kernel: drm/v3d: Fix global performance monitor reference counting known not affected: 274 2026-07-07T16:56:38+00:00 Vulnerability · Source
CVE-2026-53142 redhat_vex kernel: drm/xe/display: fix oops in suspend/shutdown without display known affected: 184 known not affected: 90 2026-07-07T16:56:34+00:00 Vulnerability · Source
CVE-2026-53144 redhat_vex kernel: drm/amdkfd: fix NULL dereference in get_queue_ids() known not affected: 274 2026-07-07T16:45:39+00:00 Vulnerability · Source
CVE-2026-14935 redhat_vex gstreamer: gstreamer: webrtcbin accepts remote SDP without a=fingerprint due to inverted presence check known affected: 24 2026-07-07T16:24:23+00:00 Vulnerability · Source
CVE-2026-58371 redhat_vex github.com/seaweedfs/seaweedfs: SeaweedFS: Information disclosure via unvalidated JSONP callback parameter known affected: 1 2026-07-07T16:24:22+00:00 Vulnerability · Source
CVE-2024-3884 redhat_vex undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded fixed: 212 known affected: 5 known not affected: 2698 under investigation: 14 2026-07-07T15:54:08+00:00 Vulnerability · Source