VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222269 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-53257 | redhat_vex | kernel: wifi: cfg80211: enforce HE/EHT cap/oper consistency | known affected: 198 known not affected: 76 | 2026-07-08T16:55:01+00:00 | Vulnerability · Source |
| CVE-2026-46329 | redhat_vex | kernel: erofs: handle end of filesystem properly for file-backed mounts | known affected: 76 known not affected: 198 | 2026-07-08T16:25:36+00:00 | Vulnerability · Source |
| CVE-2026-15063 | redhat_vex | trustyai-service-operator: TrustyAI Service Operator: Gorch port bypass when auth IS enabled | known affected: 1 | 2026-07-08T16:10:45+00:00 | Vulnerability · Source |
| CVE-2026-52925 | redhat_vex | kernel: vrf: Fix a potential NPD when removing a port from a VRF | known affected: 232 known not affected: 42 | 2026-07-08T15:35:21+00:00 | Vulnerability · Source |
| CVE-2026-52928 | redhat_vex | kernel: af_unix: Reject SIOCATMARK on non-stream sockets | known affected: 90 known not affected: 184 | 2026-07-08T15:35:21+00:00 | Vulnerability · Source |
| CVE-2026-5757 | redhat_vex | Ollama: Ollama: Information disclosure vulnerability in model quantization engine | known not affected: 7 | 2026-07-08T15:35:19+00:00 | Vulnerability · Source |
| CVE-2026-52930 | redhat_vex | kernel: ipc/shm: serialize orphan cleanup with shm_nattch updates | known affected: 274 | 2026-07-08T15:35:10+00:00 | Vulnerability · Source |
| CVE-2026-44405 | redhat_vex | paramiko: Paramiko: Data integrity could be compromised due to SHA-1 algorithm use | known affected: 46 known not affected: 1 under investigation: 10 | 2026-07-08T15:30:20+00:00 | Vulnerability · Source |
| CVE-2025-61984 | redhat_vex | openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand | fixed: 734 known affected: 18 known not affected: 40 | 2026-07-08T15:25:48+00:00 | Vulnerability · Source |
| CVE-2025-59303 | redhat_vex | haproxy: HAProxy Kubernetes Ingress Controller: Secret Leak via Config Snippets | known affected: 10 known not affected: 7 | 2026-07-08T15:25:32+00:00 | Vulnerability · Source |
| CVE-2025-61985 | redhat_vex | openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand | fixed: 734 known affected: 18 known not affected: 40 | 2026-07-08T15:25:21+00:00 | Vulnerability · Source |
| CVE-2026-47204 | redhat_vex | envoy: Envoy: Denial of Service via Connect protocol request | known affected: 2 | 2026-07-08T15:21:08+00:00 | Vulnerability · Source |
| CVE-2025-11081 | redhat_vex | binutils: GNU Binutils out-of-bounds read | fixed: 3 known affected: 74 known not affected: 5 | 2026-07-08T15:21:06+00:00 | Vulnerability · Source |
| CVE-2026-48706 | redhat_vex | envoy: Envoy Heap Buffer Overflow in TcpStatsdSink | known affected: 2 | 2026-07-08T15:20:58+00:00 | Vulnerability · Source |
| CVE-2026-46283 | redhat_vex | kernel: tpm: Use kfree_sensitive() to free auth session in tpm_dev_release() | known affected: 90 known not affected: 184 | 2026-07-08T15:20:56+00:00 | Vulnerability · Source |
| CVE-2026-47221 | redhat_vex | envoy: Envoy: Null pointer deref in internal redirects | known affected: 2 | 2026-07-08T15:20:52+00:00 | Vulnerability · Source |
| CVE-2026-48044 | redhat_vex | Envoy: Envoy: Denial of Service via specially crafted zstd payload | known affected: 2 | 2026-07-08T15:20:50+00:00 | Vulnerability · Source |
| CVE-2026-12481 | redhat_vex | keras: Keras: Arbitrary code execution via deserialization vulnerability | known affected: 6 known not affected: 3 | 2026-07-08T15:20:49+00:00 | Vulnerability · Source |
| CVE-2026-48743 | redhat_vex | envoy: Envoy: Request desynchronization allows security policy bypass via HTTP/3 to HTTP/1 translation | known affected: 2 | 2026-07-08T15:19:54+00:00 | Vulnerability · Source |
| CVE-2026-48042 | redhat_vex | envoy: Envoy: Denial of Service via deeply nested JSON objects | known affected: 2 | 2026-07-08T15:19:47+00:00 | Vulnerability · Source |
| CVE-2025-59375 | redhat_vex | firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing | fixed: 509 known affected: 13 known not affected: 301 | 2026-07-08T15:15:16+00:00 | Vulnerability · Source |
| CVE-2026-14739 | redhat_vex | DBI: DBI: Heap overflow when preparsing SQL statements with excessive placeholders | known affected: 6 | 2026-07-08T15:15:11+00:00 | Vulnerability · Source |
| CVE-2026-46279 | redhat_vex | kernel: mm/alloc_tag: clear codetag for pages allocated before page_ext initialization | known affected: 90 known not affected: 184 | 2026-07-08T15:09:05+00:00 | Vulnerability · Source |
| CVE-2026-46313 | redhat_vex | kernel: media: intel/ipu6: fix error pointer dereference | known affected: 76 known not affected: 198 | 2026-07-08T15:09:02+00:00 | Vulnerability · Source |
| CVE-2025-53859 | redhat_vex | nginx: NGINX ngx_mail_smtp_module vulnerability | fixed: 4 known affected: 76 | 2026-07-08T15:09:00+00:00 | Vulnerability · Source |
| CVE-2026-46302 | redhat_vex | kernel: selinux: allow multiple opens of /sys/fs/selinux/policy | known affected: 274 | 2026-07-08T15:08:57+00:00 | Vulnerability · Source |
| CVE-2026-46298 | redhat_vex | kernel: pseries/papr-hvpipe: Fix race with interrupt handler | known affected: 184 known not affected: 90 | 2026-07-08T15:08:56+00:00 | Vulnerability · Source |
| CVE-2025-11412 | redhat_vex | binutils: GNU Binutils Linker elflink.c bfd_elf_gc_record_vtentry out-of-bounds | fixed: 3 known affected: 77 | 2026-07-08T15:08:55+00:00 | Vulnerability · Source |
| CVE-2025-71315 | redhat_vex | kernel: drm/vkms: Convert to DRM's vblank timer | known affected: 232 known not affected: 42 | 2026-07-08T15:08:52+00:00 | Vulnerability · Source |
| CVE-2025-11413 | redhat_vex | binutils: GNU Binutils Linker elflink.c elf_link_add_object_symbols out-of-bounds | fixed: 3 known affected: 77 | 2026-07-08T15:08:48+00:00 | Vulnerability · Source |
| CVE-2026-40228 | redhat_vex | systemd: systemd-journald: Unintended output to user terminals via logger command | fixed: 4 known not affected: 131 | 2026-07-08T15:08:47+00:00 | Vulnerability · Source |
| CVE-2025-11840 | redhat_vex | binutils: GNU Binutils out-of-bounds read | fixed: 3 known affected: 77 | 2026-07-08T15:08:44+00:00 | Vulnerability · Source |
| CVE-2025-11414 | redhat_vex | binutils: GNU Binutils Linker elflink.c get_link_hash_entry out-of-bounds | fixed: 3 known affected: 77 | 2026-07-08T15:08:43+00:00 | Vulnerability · Source |
| CVE-2025-11495 | redhat_vex | binutils: GNU Binutils Linker heap-based overflow | fixed: 3 known affected: 77 | 2026-07-08T15:08:40+00:00 | Vulnerability · Source |
| CVE-2025-11839 | redhat_vex | binutils: GNU Binutils prdbg.c tg_tag_type return value | fixed: 3 known affected: 77 | 2026-07-08T15:08:38+00:00 | Vulnerability · Source |
| CVE-2025-11494 | redhat_vex | binutils: GNU Binutils Linker out-of-bounds read | fixed: 3 known affected: 77 | 2026-07-08T15:08:34+00:00 | Vulnerability · Source |
| CVE-2025-12817 | redhat_vex | postgresql: CREATE STATISTICS does not check for schema CREATE privilege | fixed: 2933 known affected: 46 known not affected: 3 | 2026-07-08T15:08:31+00:00 | Vulnerability · Source |
| CVE-2026-46315 | redhat_vex | kernel: io_uring/waitid: clear waitid info before copying it to userspace | known affected: 184 known not affected: 90 | 2026-07-08T15:08:30+00:00 | Vulnerability · Source |
| CVE-2026-46312 | redhat_vex | kernel: media: videobuf2: Set vma_flags in vb2_dma_sg_mmap | known affected: 124 known not affected: 150 | 2026-07-08T15:08:29+00:00 | Vulnerability · Source |
| CVE-2025-54500 | redhat_vex | nginx: HTTP/2 Vulnerability | known not affected: 77 | 2026-07-08T15:08:28+00:00 | Vulnerability · Source |
| CVE-2026-15044 | redhat_vex | trustyai-service-operator: TrustyAI Service Operator: Unauthenticated access to AI guardrails and orchestrator APIs | known affected: 1 | 2026-07-08T15:08:24+00:00 | Vulnerability · Source |
| CVE-2026-46309 | redhat_vex | kernel: drm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise | known affected: 184 known not affected: 90 | 2026-07-08T15:06:02+00:00 | Vulnerability · Source |
| CVE-2026-32226 | redhat_vex | dotnet: .NET Framework: Denial of Service via race condition | known not affected: 133 | 2026-07-08T15:04:03+00:00 | Vulnerability · Source |
| CVE-2025-32414 | redhat_vex | libxml2: Out-of-Bounds Read in libxml2 | fixed: 533 known affected: 5 known not affected: 16 | 2026-07-08T15:03:56+00:00 | Vulnerability · Source |
| CVE-2025-32415 | redhat_vex | libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables | fixed: 568 known affected: 5 known not affected: 18 | 2026-07-08T15:02:27+00:00 | Vulnerability · Source |
| CVE-2026-50229 | redhat_vex | tomcat: Apache Tomcat: Cross-Site Scripting vulnerability in number guess example | fixed: 2 known affected: 78 known not affected: 3 | 2026-07-08T14:58:37+00:00 | Vulnerability · Source |
| CVE-2025-59464 | redhat_vex | nodejs: Nodejs memory leak | fixed: 16 known affected: 6 known not affected: 68 | 2026-07-08T14:58:33+00:00 | Vulnerability · Source |
| CVE-2026-40226 | redhat_vex | systemd: systemd nspawn: Escape-to-host action via crafted config file | fixed: 4 known not affected: 131 | 2026-07-08T14:58:31+00:00 | Vulnerability · Source |
| CVE-2025-59466 | redhat_vex | nodejs: Nodejs denial of service | fixed: 456 | 2026-07-08T14:58:29+00:00 | Vulnerability · Source |
| CVE-2026-21636 | redhat_vex | nodejs: Nodejs network segmentation bypass | fixed: 16 known not affected: 74 | 2026-07-08T14:58:28+00:00 | Vulnerability · Source |