VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

221676 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-12315 redhat_vex firefox: thunderbird: Mitigation bypass in the DOM: Security component fixed: 260 known affected: 8 2026-07-15T05:47:48+00:00 Vulnerability · Source
CVE-2026-12314 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:47:47+00:00 Vulnerability · Source
CVE-2026-12313 redhat_vex firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component fixed: 260 known affected: 8 2026-07-15T05:47:46+00:00 Vulnerability · Source
CVE-2026-12312 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:47:41+00:00 Vulnerability · Source
CVE-2026-12311 redhat_vex firefox: thunderbird: Information disclosure, sandbox escape in the Security: Process Sandboxing component fixed: 260 known affected: 8 2026-07-15T05:47:39+00:00 Vulnerability · Source
CVE-2026-12310 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:47:37+00:00 Vulnerability · Source
CVE-2026-12309 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:47:34+00:00 Vulnerability · Source
CVE-2026-12308 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:47:31+00:00 Vulnerability · Source
CVE-2026-12307 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:47:27+00:00 Vulnerability · Source
CVE-2026-12306 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:47:26+00:00 Vulnerability · Source
CVE-2026-12305 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:47:24+00:00 Vulnerability · Source
CVE-2026-12302 redhat_vex firefox: thunderbird: Mitigation bypass in the DOM: Security component fixed: 260 known affected: 8 2026-07-15T05:47:21+00:00 Vulnerability · Source
CVE-2026-12304 redhat_vex firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component fixed: 260 known affected: 8 2026-07-15T05:47:21+00:00 Vulnerability · Source
CVE-2026-12329 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:31:38+00:00 Vulnerability · Source
CVE-2026-12328 redhat_vex firefox: thunderbird: Memory safety bugs fixed in Firefox ESR 115.37, Firefox ESR 140.12, Thunderbird ESR 140.12, Firefox 152 and Thunderbird 152 fixed: 260 known affected: 8 2026-07-15T05:31:33+00:00 Vulnerability · Source
CVE-2026-12299 redhat_vex firefox: thunderbird: JIT miscompilation in the DOM: Core & HTML component fixed: 260 known affected: 8 2026-07-15T05:31:28+00:00 Vulnerability · Source
CVE-2026-12298 redhat_vex firefox: thunderbird: Memory safety bug fixed in Firefox ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:31:24+00:00 Vulnerability · Source
CVE-2026-12297 redhat_vex firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Networking component fixed: 260 known affected: 8 2026-07-15T05:31:18+00:00 Vulnerability · Source
CVE-2026-12296 redhat_vex firefox: thunderbird: Sandbox escape in the Security: Process Sandboxing component fixed: 260 known affected: 8 2026-07-15T05:31:14+00:00 Vulnerability · Source
CVE-2026-12295 redhat_vex firefox: thunderbird: Sandbox escape in the DOM: Navigation component fixed: 260 known affected: 8 2026-07-15T05:31:06+00:00 Vulnerability · Source
CVE-2026-12294 redhat_vex firefox: thunderbird: Sandbox escape in the DOM: Workers component fixed: 260 known affected: 8 2026-07-15T05:31:00+00:00 Vulnerability · Source
CVE-2026-12292 redhat_vex firefox: thunderbird: Incorrect boundary conditions in the Web Audio component fixed: 260 known affected: 8 2026-07-15T05:30:53+00:00 Vulnerability · Source
CVE-2026-12291 redhat_vex firefox: thunderbird: Use-after-free in the Networking: HTTP component fixed: 260 known affected: 8 2026-07-15T05:30:47+00:00 Vulnerability · Source
CVE-2026-12290 redhat_vex firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12 fixed: 260 known affected: 8 2026-07-15T05:30:38+00:00 Vulnerability · Source
CVE-2026-12289 redhat_vex firefox: thunderbird: Privilege escalation in the Graphics: WebRender component fixed: 260 known affected: 8 2026-07-15T05:30:33+00:00 Vulnerability · Source
CVE-2024-24784 redhat_vex golang: net/mail: comments in display names are incorrectly handled fixed: 1678 known affected: 56 known not affected: 714 2026-07-15T05:04:49+00:00 Vulnerability · Source
CVE-2026-48524 redhat_vex python-pyjwt: PyJWT: Denial of Service via unverified JSON Web Token key IDs known affected: 184 known not affected: 5 2026-07-15T05:04:22+00:00 Vulnerability · Source
CVE-2026-12505 redhat_vex cifs-utils: local privilege escalation via forged cifs.spnego key description in cifs.upcall fixed: 143 known affected: 5 2026-07-15T04:44:40+00:00 Vulnerability · Source
CVE-2025-43213 redhat_vex webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash fixed: 509 known affected: 4 known not affected: 5 2026-07-15T03:16:38+00:00 Vulnerability · Source
CVE-2021-47952 redhat_vex python-jsonpickle: python-jsonpickle: Arbitrary Code Execution via Malicious JSON Deserialization known not affected: 2 2026-07-15T03:16:31+00:00 Vulnerability · Source
CVE-2026-1207 redhat_vex Django: Django: SQL Injection via RasterField band index parameter fixed: 122 known affected: 6 known not affected: 4552 2026-07-15T03:13:09+00:00 Vulnerability · Source
CVE-2026-0877 redhat_vex firefox: thunderbird: Mitigation bypass in the DOM: Security component fixed: 320 known affected: 7 2026-07-15T03:13:07+00:00 Vulnerability · Source
CVE-2025-70974 redhat_vex fastjson: Fastjson: Remote Code Execution via JNDI Injection due to autoType mishandling known not affected: 14 2026-07-15T03:13:03+00:00 Vulnerability · Source
CVE-2025-43441 redhat_vex webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash fixed: 482 known affected: 4 known not affected: 5 2026-07-15T03:12:35+00:00 Vulnerability · Source
CVE-2026-48618 redhat_vex nodejs: Node.js: Authentication bypass due to TLS hostname handling and unicode dot separator mismatch fixed: 210 known affected: 28 2026-07-15T03:07:47+00:00 Vulnerability · Source
CVE-2026-8946 redhat_vex firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component fixed: 260 known affected: 8 2026-07-15T03:00:00+00:00 Vulnerability · Source
CVE-2026-48779 redhat_vex ws: ws: Denial of Service via memory exhaustion from small WebSocket fragments fixed: 101 known affected: 58 known not affected: 295 under investigation: 30 2026-07-15T03:00:00+00:00 Vulnerability · Source
CVE-2026-45829 redhat_vex chromadb: ChromaDB Python Project: Arbitrary code execution via pre-authentication code injection known not affected: 4 2026-07-15T03:00:00+00:00 Vulnerability · Source
CVE-2026-13149 redhat_vex brace-expansion: Brace-expansion: Denial of Service due to exponential-time complexity fixed: 12 known affected: 183 known not affected: 65 2026-07-15T03:00:00+00:00 Vulnerability · Source
CVE-2026-24869 redhat_vex firefox: Use-after-free in the Layout: Scrolling and Overflow component known not affected: 12 2026-07-15T02:42:36+00:00 Vulnerability · Source
CVE-2026-2447 redhat_vex libvpx: Heap buffer overflow in libvpx fixed: 721 known affected: 7 2026-07-15T02:42:24+00:00 Vulnerability · Source
CVE-2026-23868 redhat_vex giflib: Giflib: Double-free vulnerability leading to memory corruption fixed: 480 known affected: 3 2026-07-15T02:42:01+00:00 Vulnerability · Source
CVE-2026-25521 redhat_vex locutus: Locutus is vulnerable to Prototype Pollution known not affected: 6 2026-07-15T02:41:27+00:00 Vulnerability · Source
CVE-2026-2797 redhat_vex firefox: thunderbird: Use-after-free in the JavaScript: GC component known not affected: 18 2026-07-15T02:38:06+00:00 Vulnerability · Source
CVE-2026-2759 redhat_vex firefox: thunderbird: Incorrect boundary conditions in the Graphics: ImageLib component fixed: 320 known affected: 6 2026-07-15T02:38:02+00:00 Vulnerability · Source
CVE-2026-2611 redhat_vex mlflow: MLflow: Arbitrary Code Execution via Improper Origin Validation known not affected: 19 2026-07-15T02:37:51+00:00 Vulnerability · Source
CVE-2026-2761 redhat_vex firefox: thunderbird: Sandbox escape in the Graphics: WebRender component fixed: 320 known affected: 6 2026-07-15T02:36:52+00:00 Vulnerability · Source
CVE-2026-2651 redhat_vex github.com/mlflow/mlflow: MLflow: Arbitrary code execution via unauthorized multipart upload access known not affected: 19 2026-07-15T02:36:38+00:00 Vulnerability · Source
CVE-2026-2766 redhat_vex firefox: thunderbird: Use-after-free in the JavaScript Engine: JIT component fixed: 320 known affected: 8 2026-07-15T02:36:21+00:00 Vulnerability · Source
CVE-2026-31837 redhat_vex istio: Istio: Information disclosure and authentication bypass via JWKS resolver unavailability fixed: 36 known affected: 9 known not affected: 271 2026-07-15T02:32:38+00:00 Vulnerability · Source