VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221785 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-53144 redhat_vex kernel: drm/amdkfd: fix NULL dereference in get_queue_ids() known not affected: 274 2026-07-07T16:45:39+00:00 Vulnerability · Source
CVE-2026-14935 redhat_vex gstreamer: gstreamer: webrtcbin accepts remote SDP without a=fingerprint due to inverted presence check known affected: 24 2026-07-07T16:24:23+00:00 Vulnerability · Source
CVE-2026-58371 redhat_vex github.com/seaweedfs/seaweedfs: SeaweedFS: Information disclosure via unvalidated JSONP callback parameter known affected: 1 2026-07-07T16:24:22+00:00 Vulnerability · Source
CVE-2024-3884 redhat_vex undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded fixed: 212 known affected: 5 known not affected: 2698 under investigation: 14 2026-07-07T15:54:08+00:00 Vulnerability · Source
CVE-2026-24260 redhat_vex NVIDIA Container Toolkit: NVIDIA Container Toolkit: Privilege escalation and code execution via race condition known not affected: 2 2026-07-07T15:51:11+00:00 Vulnerability · Source
CVE-2026-13311 redhat_vex shell-quote: shell-quote/parse: shell-quote: Denial of Service due to inefficient input parsing known affected: 57 known not affected: 24 2026-07-07T15:41:49+00:00 Vulnerability · Source
CVE-2026-54316 redhat_vex claude-code: Claude Code: Out-of-Band Data Exfiltration via Pre-Approved HuggingFace Domain in WebFetch known affected: 1 2026-07-07T15:37:40+00:00 Vulnerability · Source
CVE-2026-35397 redhat_vex jupyter-server: Jupyter Server: Unauthorized File Access via Path Traversal Vulnerability known affected: 14 known not affected: 2 2026-07-07T15:31:38+00:00 Vulnerability · Source
CVE-2026-44727 redhat_vex jupyter-server: Jupyter Server: Remote Code Execution via stored Cross-Site Scripting in nbconvert handlers known affected: 14 known not affected: 2 2026-07-07T15:31:02+00:00 Vulnerability · Source
CVE-2026-14620 redhat_vex webpack-dev-server: webpack-dev-server: Arbitrary file opening and denial of service via exposed developer endpoints known affected: 80 2026-07-07T15:29:46+00:00 Vulnerability · Source
CVE-2018-10902 redhat_vex kernel: MIDI driver race condition leads to a double-free fixed: 554 known affected: 1 known not affected: 41 2026-07-07T15:28:16+00:00 Vulnerability · Source
CVE-2026-38970 redhat_vex github.com/pdfcpu/pdfcpu: pdfcpu: Denial of Service via uncontrolled recursion in PDF parsing known not affected: 1 2026-07-07T15:17:54+00:00 Vulnerability · Source
CVE-2026-14534 redhat_vex fickling: python: fickling: Arbitrary code execution due to incomplete denylist in deserialization known affected: 5 2026-07-07T15:16:29+00:00 Vulnerability · Source
CVE-2026-54886 redhat_vex erlang: Erlang OTP ssh: Denial of Service via infinite loop in SFTP channel known affected: 41 2026-07-07T15:12:28+00:00 Vulnerability · Source
CVE-2026-41642 redhat_vex github.com/osrg/gobgp: golang: GoBGP: Denial of Service via malformed BGP UPDATE message known not affected: 1 2026-07-07T15:10:48+00:00 Vulnerability · Source
CVE-2026-42285 redhat_vex github.com/osrg/gobgp: golang: GoBGP: Denial of Service due to specially crafted BGP UPDATE message known not affected: 1 2026-07-07T15:10:07+00:00 Vulnerability · Source
CVE-2026-44628 redhat_vex DCMTK: DCMTK: Denial of Service via crafted query known not affected: 1 2026-07-07T15:08:50+00:00 Vulnerability · Source
CVE-2026-54891 redhat_vex erlang: Erlang SSL: Unauthenticated data injection during TLS handshake known affected: 41 2026-07-07T15:06:33+00:00 Vulnerability · Source
CVE-2026-55952 redhat_vex erlang: Erlang/OTP: Denial of Service in TLS 1.3 session ticket handling known affected: 41 2026-07-07T15:00:42+00:00 Vulnerability · Source
CVE-2026-14742 redhat_vex langgraph: Langgraph: Information Disclosure via Weak Hash in Task Result Cache known affected: 7 2026-07-07T14:40:01+00:00 Vulnerability · Source
CVE-2024-9341 redhat_vex Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library fixed: 535 known affected: 4 known not affected: 2798 2026-07-07T14:24:52+00:00 Vulnerability · Source
CVE-2026-46181 redhat_vex kernel: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() fixed: 1457 known affected: 33 known not affected: 76 under investigation: 14 2026-07-07T14:15:12+00:00 Vulnerability · Source
CVE-2026-41516 redhat_vex OP-TEE: OP-TEE: Information disclosure via Bleichenbacher-style padding oracle in RSA PKCS#1 v1.5 decryption known not affected: 1 2026-07-07T13:46:43+00:00 Vulnerability · Source
CVE-2026-42778 redhat_vex Apache MINA: deserialization of untrusted data (incomplete fix for CVE-2026-41409) known affected: 5 known not affected: 22 2026-07-07T13:32:53+00:00 Vulnerability · Source
CVE-2026-41409 redhat_vex Apache MINA: Apache MINA: Arbitrary code execution via incomplete deserialization fix known affected: 8 known not affected: 19 2026-07-07T13:32:52+00:00 Vulnerability · Source
CVE-2026-46303 redhat_vex kernel: isofs: validate Rock Ridge CE continuation extent against volume size known affected: 76 known not affected: 198 2026-07-07T13:12:10+00:00 Vulnerability · Source
CVE-2026-46323 redhat_vex kernel: Linux kernel: Use-After-Free in net/gro due to improper handling of zerocopy skbs fixed: 1148 known affected: 78 known not affected: 112 2026-07-07T13:02:41+00:00 Vulnerability · Source
CVE-2026-41515 redhat_vex optee_os: OP-TEE: Information disclosure via padding oracle in RSA-OAEP decryption known not affected: 1 2026-07-07T12:43:08+00:00 Vulnerability · Source
CVE-2026-41434 redhat_vex OP-TEE: OP-TEE: Denial of Service via unbounded recursion in PKCS#11 TA known not affected: 1 2026-07-07T12:43:07+00:00 Vulnerability · Source
CVE-2026-42546 redhat_vex OP-TEE: OP-TEE: Denial of Service due to resource leak in shared memory cleanup known not affected: 1 2026-07-07T12:43:07+00:00 Vulnerability · Source
CVE-2026-53763 redhat_vex OP-TEE: OP-TEE: Data integrity compromise due to integer overflow in AES-GCM known not affected: 1 2026-07-07T12:42:17+00:00 Vulnerability · Source
CVE-2026-44362 redhat_vex optee: OP-TEE: Subkey rollback protection bypass allows loading of unauthorized Trusted Applications known not affected: 1 2026-07-07T12:42:14+00:00 Vulnerability · Source
CVE-2026-41514 redhat_vex optee: OP-TEE: Information disclosure via padding oracle in RSA-OAEP decryption known not affected: 1 2026-07-07T12:42:12+00:00 Vulnerability · Source
CVE-2026-40257 redhat_vex optee: OP-TEE: Memory corruption due to heap overflow in ARM Crypto Extensions SHA-3 implementation known not affected: 1 2026-07-07T12:42:03+00:00 Vulnerability · Source
CVE-2025-49795 redhat_vex libxml: Null pointer dereference leads to Denial of service (DoS) fixed: 57 known affected: 5 known not affected: 13 2026-07-07T12:21:30+00:00 Vulnerability · Source
CVE-2026-48936 redhat_vex nodejs: Node.js: Local server can be started without network permission via Permission API flaw fixed: 20 known affected: 40 2026-07-07T12:06:41+00:00 Vulnerability · Source
CVE-2026-55686 redhat_vex github.com/containers/podman: Podman: Host filesystem modification via malicious container image WORKDIR symlink fixed: 4 known affected: 37 2026-07-07T12:04:57+00:00 Vulnerability · Source
CVE-2026-30923 redhat_vex libModSecurity3: ModSecurity: ModSecurity: Denial of Service via crafted query string parameter in t:hexDecode transformation known not affected: 8 2026-07-07T11:48:27+00:00 Vulnerability · Source
CVE-2026-44283 redhat_vex etcd: etcd: Authenticated user can bypass RBAC for unauthorized data access known affected: 3 under investigation: 4 2026-07-07T11:42:22+00:00 Vulnerability · Source
CVE-2026-41293 redhat_vex tomcat-coyote: Apache Tomcat: HTTP/2 request headers not validated known affected: 66 known not affected: 2 under investigation: 14 2026-07-07T11:42:21+00:00 Vulnerability · Source
CVE-2026-54902 redhat_vex Oj: Use-After-Free in Oj::Parser SAJ Long Key Callback known not affected: 1 2026-07-07T11:33:11+00:00 Vulnerability · Source
CVE-2026-54901 redhat_vex Oj: Use-After-Free in Oj::Parser array_class/hash_class GC Marking known not affected: 1 2026-07-07T11:33:09+00:00 Vulnerability · Source
CVE-2026-54502 redhat_vex Oj: Stack Buffer Overflow in Oj.dump via Large Indent known not affected: 1 2026-07-07T11:33:08+00:00 Vulnerability · Source
CVE-2026-8450 redhat_vex perl-HTTP-Daemon: HTTP::Daemon: Arbitrary code execution via OS command injection in send_file() fixed: 6 known affected: 1 2026-07-07T11:25:14+00:00 Vulnerability · Source
CVE-2026-14476 redhat_vex sssd: sssd: GPO cache path traversal via unsanitized gPCFileSysPath allows Kerberos authentication bypass known affected: 163 2026-07-07T11:09:15+00:00 Vulnerability · Source
CVE-2026-14474 redhat_vex sssd: sssd: sudo LDAP provider searches entire directory tree for sudoRole objects by default, enabling privilege escalation known affected: 163 2026-07-07T11:09:08+00:00 Vulnerability · Source
CVE-2026-54500 redhat_vex oj: Oj: Information disclosure via uninitialized stack memory read known not affected: 1 2026-07-07T10:34:59+00:00 Vulnerability · Source
CVE-2026-54898 redhat_vex oj: Oj: Denial of Service via input string mutation during JSON parsing known not affected: 1 2026-07-07T10:34:55+00:00 Vulnerability · Source
CVE-2026-54900 redhat_vex oj: Oj: Heap corruption via crafted JSON object key known not affected: 1 2026-07-07T10:34:07+00:00 Vulnerability · Source
CVE-2026-54592 redhat_vex oj: Oj: Denial of Service via deeply nested JSON input known not affected: 1 2026-07-07T10:34:01+00:00 Vulnerability · Source