VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
221784 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-53272 | redhat_vex | kernel: erofs: fix use-after-free on sbi->sync_decompress | known affected: 76 known not affected: 198 | 2026-07-08T04:05:48+00:00 | Vulnerability · Source |
| CVE-2026-53292 | redhat_vex | kernel: net: phonet: do not BUG_ON() in pn_socket_autobind() on failed bind | known affected: 14 known not affected: 260 | 2026-07-08T04:05:46+00:00 | Vulnerability · Source |
| CVE-2026-53296 | redhat_vex | kernel: mailbox: mailbox-test: free channels on probe error | known affected: 232 known not affected: 42 | 2026-07-08T04:05:43+00:00 | Vulnerability · Source |
| CVE-2026-53283 | redhat_vex | kernel: iommu/amd: Bounds-check devid in __rlookup_amd_iommu() | known affected: 184 known not affected: 90 | 2026-07-08T04:05:43+00:00 | Vulnerability · Source |
| CVE-2026-53286 | redhat_vex | kernel: idpf: fix double free and use-after-free in aux device error paths | known affected: 184 known not affected: 90 | 2026-07-08T04:05:36+00:00 | Vulnerability · Source |
| CVE-2026-13595 | redhat_vex | util-linux: util-linux: heap use-after-free in libblkid nested partition probing | fixed: 3 known affected: 56 | 2026-07-08T03:45:13+00:00 | Vulnerability · Source |
| CVE-2026-13601 | redhat_vex | yelp: yelp-xsl: Overly Permissive Content Security Policy in Yelp Allows Host File Disclosure from Flatpak Applications | known affected: 14 | 2026-07-08T03:45:13+00:00 | Vulnerability · Source |
| CVE-2026-41988 | redhat_vex | uuid: uuid: Unexpected data writes when using external output buffers with specific UUID versions | known affected: 457 known not affected: 13 | 2026-07-08T03:36:05+00:00 | Vulnerability · Source |
| CVE-2026-41082 | redhat_vex | ocaml-opam: path traversal via the .install field | known affected: 2 | 2026-07-08T03:35:13+00:00 | Vulnerability · Source |
| CVE-2026-53317 | microsoft_vex | wifi: mt76: mt7921: Place upper limit on station AID | known affected: 1 | 2026-07-08T01:01:49+00:00 | Vulnerability · Source |
| CVE-2026-53233 | redhat_vex | kernel: netdev: fix double-free in netdev_nl_bind_rx_doit() | known affected: 76 known not affected: 198 | 2026-07-08T00:16:42+00:00 | Vulnerability · Source |
| CVE-2025-12799 | redhat_vex | jastow: Jastow Cross-Site Scripting attack due to unsanitized URI | fixed: 721 known affected: 10 known not affected: 1 | 2026-07-07T23:59:54+00:00 | Vulnerability · Source |
| CVE-2026-43112 | redhat_vex | kernel: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath | fixed: 762 known affected: 23 known not affected: 43 | 2026-07-07T23:59:27+00:00 | Vulnerability · Source |
| CVE-2026-53241 | redhat_vex | kernel: ALSA: seq: dummy: fix UMP event stack overread | known affected: 198 known not affected: 76 | 2026-07-07T22:35:03+00:00 | Vulnerability · Source |
| CVE-2026-53245 | redhat_vex | kernel: net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr | known affected: 260 known not affected: 14 | 2026-07-07T22:25:09+00:00 | Vulnerability · Source |
| CVE-2026-53249 | redhat_vex | kernel: ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options | known affected: 274 | 2026-07-07T22:15:07+00:00 | Vulnerability · Source |
| CVE-2026-28379 | redhat_vex | grafana: Grafana Live: Denial of Service due to a race condition | known affected: 24 known not affected: 3 | 2026-07-07T22:05:51+00:00 | Vulnerability · Source |
| CVE-2026-28376 | redhat_vex | grafana: Grafana Live: Denial of Service due to unbounded memory allocation via push endpoint | known affected: 25 known not affected: 2 | 2026-07-07T22:05:50+00:00 | Vulnerability · Source |
| CVE-2026-28374 | redhat_vex | grafana: Grafana: Unauthorized annotation deletion by editor users | known affected: 25 known not affected: 2 | 2026-07-07T22:05:47+00:00 | Vulnerability · Source |
| CVE-2026-33380 | redhat_vex | grafana: Grafana: Information disclosure via SQL Expressions vulnerability | known affected: 3 known not affected: 24 | 2026-07-07T22:05:45+00:00 | Vulnerability · Source |
| CVE-2025-41115 | redhat_vex | grafana: Incorrect Privilege Assignment | known not affected: 23 | 2026-07-07T22:05:33+00:00 | Vulnerability · Source |
| CVE-2026-23136 | redhat_vex | kernel: Linux kernel: Denial of Service in libceph OSD client due to unreset sparse-read state | fixed: 1218 known affected: 98 known not affected: 90 | 2026-07-07T21:55:15+00:00 | Vulnerability · Source |
| CVE-2026-53154 | redhat_vex | kernel: mm/hugetlb: restore reservation on error in hugetlb folio copy paths | known affected: 198 known not affected: 76 | 2026-07-07T20:35:46+00:00 | Vulnerability · Source |
| CVE-2026-43198 | redhat_vex | kernel: tcp: fix potential race in tcp_v6_syn_recv_sock() | fixed: 2073 known affected: 33 under investigation: 14 | 2026-07-07T20:03:20+00:00 | Vulnerability · Source |
| CVE-2026-43450 | redhat_vex | kernel: netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table() | fixed: 150 known affected: 212 known not affected: 14 | 2026-07-07T20:03:20+00:00 | Vulnerability · Source |
| CVE-2025-10263 | redhat_vex | kernel: Arm Processors: Privilege escalation or information disclosure via writes to higher exception level resources | fixed: 762 known affected: 24 known not affected: 43 | 2026-07-07T20:03:20+00:00 | Vulnerability · Source |
| CVE-2026-32871 | redhat_vex | fastmcp: FastMCP: Authenticated Server-Side Request Forgery via path traversal in OpenAPI path parameters | fixed: 1 known not affected: 19 | 2026-07-07T19:26:07+00:00 | Vulnerability · Source |
| CVE-2025-69872 | redhat_vex | python-diskcache: python-diskcache: Arbitrary code execution via insecure pickle deserialization | fixed: 5 known affected: 4 known not affected: 243 | 2026-07-07T19:26:07+00:00 | Vulnerability · Source |
| CVE-2025-69196 | redhat_vex | fastmcp: FastMCP: Improper token issuance due to incorrect resource parameter handling | fixed: 1 known not affected: 20 | 2026-07-07T19:26:07+00:00 | Vulnerability · Source |
| CVE-2022-30065 | redhat_vex | busybox: A use-after-free in Busybox's awk applet leads to denial of service | known affected: 3 | 2026-07-07T19:25:35+00:00 | Vulnerability · Source |
| CVE-2021-30004 | redhat_vex | wpa_supplicant: mishandled AlgorithmIdentifier parameters may lead to forging attacks | known not affected: 8 | 2026-07-07T19:25:29+00:00 | Vulnerability · Source |
| CVE-2026-12866 | redhat_vex | expr-eval: expr-eval: Code Execution via crafted expressions in toJSFunction() API | known affected: 4 | 2026-07-07T19:06:08+00:00 | Vulnerability · Source |
| CVE-2026-53157 | redhat_vex | kernel: net: phonet: free phonet_device after RCU grace period | known affected: 14 known not affected: 260 | 2026-07-07T19:06:06+00:00 | Vulnerability · Source |
| CVE-2026-55892 | redhat_vex | vim: Vim: Denial of Service via crafted spell file | fixed: 4 known affected: 33 | 2026-07-07T18:58:06+00:00 | Vulnerability · Source |
| CVE-2026-53163 | redhat_vex | kernel: locking/rtmutex: Skip remove_waiter() when waiter is not enqueued | known affected: 232 known not affected: 42 | 2026-07-07T18:57:53+00:00 | Vulnerability · Source |
| CVE-2026-53164 | redhat_vex | kernel: iommu/dma: Do not try to iommu_map a 0 length region in swiotlb | known affected: 184 known not affected: 90 | 2026-07-07T18:57:52+00:00 | Vulnerability · Source |
| CVE-2026-25749 | redhat_vex | vim: Vim: Arbitrary code execution via 'helpfile' option processing | fixed: 649 known affected: 6 known not affected: 164 | 2026-07-07T18:57:39+00:00 | Vulnerability · Source |
| CVE-2026-53009 | redhat_vex | kernel: ice: fix double-free of tx_buf skb | known affected: 260 known not affected: 14 | 2026-07-07T18:57:39+00:00 | Vulnerability · Source |
| CVE-2026-14363 | redhat_vex | Cargo: Mediawiki Cargo Extension: SQL Injection vulnerability | known not affected: 1 | 2026-07-07T18:46:04+00:00 | Vulnerability · Source |
| CVE-2026-43114 | redhat_vex | kernel: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry | known affected: 185 known not affected: 91 | 2026-07-07T18:33:08+00:00 | Vulnerability · Source |
| CVE-2026-44902 | redhat_vex | opentelemetry-js: opentelemetry/exporter-prometheus: opentelemetry-js: Denial of Service via malformed HTTP request | known affected: 2 known not affected: 5 | 2026-07-07T18:32:27+00:00 | Vulnerability · Source |
| CVE-2026-48614 | redhat_vex | Plesk: Plesk: Privilege escalation via improper authorization in XML API | known not affected: 1 | 2026-07-07T17:22:37+00:00 | Vulnerability · Source |
| CVE-2026-53134 | redhat_vex | kernel: netfilter: nft_fib: fix stale stack leak via the OIFNAME register | known affected: 232 known not affected: 42 | 2026-07-07T17:06:07+00:00 | Vulnerability · Source |
| CVE-2024-47081 | redhat_vex | requests: Requests vulnerable to .netrc credentials leak via malicious URLs | fixed: 643 known affected: 119 known not affected: 48 | 2026-07-07T17:05:58+00:00 | Vulnerability · Source |
| CVE-2026-53141 | redhat_vex | kernel: drm/v3d: Fix global performance monitor reference counting | known not affected: 274 | 2026-07-07T16:56:38+00:00 | Vulnerability · Source |
| CVE-2026-53142 | redhat_vex | kernel: drm/xe/display: fix oops in suspend/shutdown without display | known affected: 184 known not affected: 90 | 2026-07-07T16:56:34+00:00 | Vulnerability · Source |
| CVE-2026-53144 | redhat_vex | kernel: drm/amdkfd: fix NULL dereference in get_queue_ids() | known not affected: 274 | 2026-07-07T16:45:39+00:00 | Vulnerability · Source |
| CVE-2026-14935 | redhat_vex | gstreamer: gstreamer: webrtcbin accepts remote SDP without a=fingerprint due to inverted presence check | known affected: 24 | 2026-07-07T16:24:23+00:00 | Vulnerability · Source |
| CVE-2026-58371 | redhat_vex | github.com/seaweedfs/seaweedfs: SeaweedFS: Information disclosure via unvalidated JSONP callback parameter | known affected: 1 | 2026-07-07T16:24:22+00:00 | Vulnerability · Source |
| CVE-2024-3884 | redhat_vex | undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded | fixed: 212 known affected: 5 known not affected: 2698 under investigation: 14 | 2026-07-07T15:54:08+00:00 | Vulnerability · Source |