VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221799 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-25681 microsoft_vex Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html fixed: 35 known affected: 44 known not affected: 2 2026-07-07T01:40:29+00:00 Vulnerability · Source
CVE-2025-7039 redhat_vex glib: Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file() fixed: 3 known affected: 64 2026-07-07T01:37:21+00:00 Vulnerability · Source
CVE-2026-23216 redhat_vex kernel: scsi: target: iscsi: Fix use-after-free in iscsit_dec_conn_usage_count() fixed: 1776 known affected: 98 known not affected: 14 2026-07-07T01:20:50+00:00 Vulnerability · Source
CVE-2026-14647 microsoft_vex onnx onnxruntime old.cc convPoolShapeInference_opset19 out-of-bounds known affected: 1 2026-07-07T01:01:44+00:00 Vulnerability · Source
CVE-2026-14604 redhat_vex assimp: Assimp: Denial of Service vulnerability in PLY Model Handler known affected: 4 known not affected: 4 2026-07-07T00:38:09+00:00 Vulnerability · Source
CVE-2026-22008 redhat_vex openjdk: Improved Arena allocations (Oracle CPU 2026-04) fixed: 338 known affected: 39 known not affected: 201 2026-07-07T00:18:11+00:00 Vulnerability · Source
CVE-2025-71305 redhat_vex kernel: drm/display/dp_mst: Add protection against 0 vcpi known affected: 232 known not affected: 42 2026-07-07T00:04:15+00:00 Vulnerability · Source
CVE-2026-46244 redhat_vex kernel: netfilter: nft_inner: Fix IPv6 inner_thoff desync fixed: 1457 known affected: 22 known not affected: 90 2026-07-06T23:24:13+00:00 Vulnerability · Source
CVE-2026-14570 redhat_vex Crypt::DSA: Crypt::DSA: Private key recovery due to biased random number generation known not affected: 1 2026-07-06T22:08:36+00:00 Vulnerability · Source
CVE-2026-11850 redhat_vex krb5: krb5: integer underflow in berval2tl_data() leads to heap out-of-bounds read fixed: 3 known affected: 43 2026-07-06T22:00:27+00:00 Vulnerability · Source
CVE-2026-9545 redhat_vex libcurl: libcurl: Information disclosure via cached SSL session and early data known affected: 2 known not affected: 16 2026-07-06T21:43:18+00:00 Vulnerability · Source
CVE-2026-48142 redhat_vex nginx: NGINX: Memory disclosure or denial of service via ngx_http_charset_module heap buffer over-read fixed: 4 known affected: 54 2026-07-06T21:33:31+00:00 Vulnerability · Source
CVE-2026-53305 redhat_vex kernel: usb: typec: ps883x: Fix Oops at unbind known not affected: 274 2026-07-06T20:56:29+00:00 Vulnerability · Source
CVE-2026-53304 redhat_vex kernel: scsi: sg: Resolve soft lockup issue when opening /dev/sgX known affected: 274 2026-07-06T20:56:28+00:00 Vulnerability · Source
CVE-2026-13323 redhat_vex openvsx: Open VSX Registry: Supply chain attack via cross-site scripting known affected: 1 2026-07-06T20:56:21+00:00 Vulnerability · Source
CVE-2026-52943 redhat_vex kernel: net: skbuff: fix missing zerocopy reference in pskb_carve helpers known not affected: 274 2026-07-06T20:55:55+00:00 Vulnerability · Source
CVE-2026-53316 redhat_vex kernel: drm/amd/ras: Fix NULL deref in ras_core_ras_interrupt_detected() known not affected: 274 2026-07-06T20:44:48+00:00 Vulnerability · Source
CVE-2026-53314 redhat_vex kernel: padata: Put CPU offline callback in ONLINE section to allow failure known affected: 232 known not affected: 42 2026-07-06T20:44:44+00:00 Vulnerability · Source
CVE-2026-53310 redhat_vex kernel: soc/tegra: cbb: Fix cross-fabric target timeout lookup known affected: 76 known not affected: 198 2026-07-06T20:44:42+00:00 Vulnerability · Source
CVE-2026-53311 redhat_vex kernel: fuse: fix uninit-value in fuse_dentry_revalidate() known affected: 14 known not affected: 260 2026-07-06T20:44:39+00:00 Vulnerability · Source
CVE-2026-53315 redhat_vex kernel: drm/amd/ras: Fix NULL deref in ras_core_get_utc_second_timestamp() known not affected: 274 2026-07-06T20:44:32+00:00 Vulnerability · Source
CVE-2026-53313 redhat_vex kernel: drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths known not affected: 274 2026-07-06T20:44:29+00:00 Vulnerability · Source
CVE-2026-53306 redhat_vex kernel: tty: hvc_iucv: fix off-by-one in number of supported devices known affected: 260 known not affected: 14 2026-07-06T20:44:24+00:00 Vulnerability · Source
CVE-2026-53325 redhat_vex kernel: agp/amd64: Fix broken error propagation in agp_amd64_probe() known affected: 42 known not affected: 232 2026-07-06T20:30:18+00:00 Vulnerability · Source
CVE-2026-53324 redhat_vex kernel: net: mana: Use pci_name() for debugfs directory naming known affected: 184 known not affected: 90 2026-07-06T20:30:17+00:00 Vulnerability · Source
CVE-2026-53168 redhat_vex kernel: fuse: reject fuse_notify() pagecache ops on directories known affected: 232 known not affected: 42 2026-07-06T20:30:04+00:00 Vulnerability · Source
CVE-2026-53167 redhat_vex kernel: fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios known affected: 274 2026-07-06T20:29:56+00:00 Vulnerability · Source
CVE-2026-53323 redhat_vex kernel: net: dsa: remove redundant netdev_lock_ops() from conduit ethtool ops known not affected: 274 2026-07-06T20:29:52+00:00 Vulnerability · Source
CVE-2026-53321 redhat_vex kernel: io_uring/napi: cap busy_poll_to 10 msec known affected: 184 known not affected: 90 2026-07-06T20:29:51+00:00 Vulnerability · Source
CVE-2026-53318 redhat_vex kernel: wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925_tx_check_aggr() known affected: 184 known not affected: 90 2026-07-06T20:29:46+00:00 Vulnerability · Source
CVE-2026-59089 redhat_vex gimp: GIMP: Denial of service via integer overflow in PlayStation TIM loader known affected: 32 2026-07-06T20:16:09+00:00 Vulnerability · Source
CVE-2026-13769 redhat_vex aws-cli: AWS CLI: Information disclosure via overly permissive file permissions known affected: 2 2026-07-06T19:52:03+00:00 Vulnerability · Source
CVE-2026-14758 redhat_vex radare2: radare2: Denial of Service via integer overflow in hexpairs parser known not affected: 1 2026-07-06T19:38:31+00:00 Vulnerability · Source
CVE-2026-14761 redhat_vex radare2: Radare2: Denial of service via integer overflow in string manipulation functions known not affected: 1 2026-07-06T19:38:30+00:00 Vulnerability · Source
CVE-2026-14786 redhat_vex radare2: Radare2: Denial of Service via integer overflow known not affected: 1 2026-07-06T19:38:29+00:00 Vulnerability · Source
CVE-2026-14787 redhat_vex radare2: radare2: Denial of service via integer overflow in print command handler known not affected: 1 2026-07-06T19:38:29+00:00 Vulnerability · Source
CVE-2026-14789 redhat_vex radare2: radare2: Denial of Service via stack-based buffer overflow in Memory64ListStream Parser known not affected: 1 2026-07-06T19:38:28+00:00 Vulnerability · Source
CVE-2026-53177 redhat_vex kernel: bnxt_en: Fix NULL pointer dereference known affected: 260 known not affected: 14 2026-07-06T19:38:27+00:00 Vulnerability · Source
CVE-2026-53149 redhat_vex kernel: thunderbolt: Bound root directory content to block size known not affected: 274 2026-07-06T19:38:07+00:00 Vulnerability · Source
CVE-2026-53150 redhat_vex kernel: thunderbolt: Reject zero-length property entries in validator known not affected: 274 2026-07-06T19:37:47+00:00 Vulnerability · Source
CVE-2026-54235 redhat_vex vllm: vLLM: Denial of Service due to improper floating-point validation fixed: 3 known affected: 18 known not affected: 4 2026-07-06T19:36:03+00:00 Vulnerability · Source
CVE-2026-31669 redhat_vex kernel: mptcp: fix slab-use-after-free in __inet_lookup_established fixed: 1980 known affected: 22 known not affected: 42 2026-07-06T19:35:23+00:00 Vulnerability · Source
CVE-2026-22990 redhat_vex kernel: libceph: replace overzealous BUG_ON in osdmap_apply_incremental() fixed: 1364 known affected: 126 known not affected: 14 2026-07-06T19:35:15+00:00 Vulnerability · Source
CVE-2026-22984 redhat_vex kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done() fixed: 1364 known affected: 98 known not affected: 42 2026-07-06T19:35:13+00:00 Vulnerability · Source
CVE-2025-71116 redhat_vex kernel: libceph: make decode_pool() more resilient against corrupted osdmaps fixed: 1364 known affected: 126 known not affected: 14 2026-07-06T19:35:11+00:00 Vulnerability · Source
CVE-2023-24539 redhat_vex golang: html/template: improper sanitization of CSS values fixed: 1653 known affected: 48 known not affected: 1106 under investigation: 1 2026-07-06T19:22:22+00:00 Vulnerability · Source
CVE-2026-41523 redhat_vex vllm: vLLM: Arbitrary code execution via malicious HuggingFace model fixed: 3 known affected: 11 known not affected: 11 2026-07-06T19:09:48+00:00 Vulnerability · Source
CVE-2026-34982 redhat_vex vim: arbitrary command execution via modeline sandbox bypass fixed: 641 known affected: 13 known not affected: 111 2026-07-06T19:09:46+00:00 Vulnerability · Source
CVE-2026-34756 redhat_vex vllm: vLLM: Denial of Service via excessively large 'n' parameter in OpenAI-compatible API fixed: 3 known affected: 18 2026-07-06T19:09:42+00:00 Vulnerability · Source
CVE-2026-34755 redhat_vex vLLM: vLLM: Denial of Service due to excessive video frame processing fixed: 3 known affected: 18 2026-07-06T19:09:39+00:00 Vulnerability · Source