VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

222176 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-58494 redhat_vex wasmtime: Wasmtime: Overwrite host files via insufficient permission checks in wasmtime-wasi known affected: 3 2026-07-15T15:00:20+00:00 Vulnerability · Source
CVE-2026-44216 redhat_vex wasmtime: Wasmtime: Denial of Service via large WebAssembly table allocation known affected: 1 known not affected: 1 2026-07-15T14:59:30+00:00 Vulnerability · Source
CVE-2026-59869 redhat_vex js-yaml: js-yaml: Denial of Service via crafted YAML documents fixed: 23 known affected: 67 known not affected: 4 under investigation: 122 2026-07-15T14:59:18+00:00 Vulnerability · Source
CVE-2026-5260 redhat_vex gnutls: gnutls: Information disclosure via heap overread in RSA key exchange fixed: 700 known affected: 6 known not affected: 61 under investigation: 1 2026-07-15T14:56:52+00:00 Vulnerability · Source
CVE-2026-53035 redhat_vex kernel: bpf, sockmap: Fix af_unix iter deadlock known affected: 198 known not affected: 76 2026-07-15T14:48:58+00:00 Vulnerability · Source
CVE-2026-53034 redhat_vex kernel: bpf, sockmap: Fix af_unix null-ptr-deref in proto update known affected: 184 known not affected: 90 2026-07-15T14:48:58+00:00 Vulnerability · Source
CVE-2026-42503 redhat_vex golang.org/x/tools/gopls: golang: gopls: Arbitrary code execution due to insecure network binding fixed: 8 known not affected: 1 2026-07-15T14:42:53+00:00 Vulnerability · Source
CVE-2026-53028 redhat_vex kernel: usb: typec: Fix error pointer dereference known affected: 184 known not affected: 90 2026-07-15T14:40:58+00:00 Vulnerability · Source
CVE-2026-15028 microsoft_vex Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header known affected: 2 2026-07-15T14:39:54+00:00 Vulnerability · Source
CVE-2026-14686 redhat_vex HdrHistogram: HdrHistogram: Data integrity impact due to incorrect comparison fixed: 7 known affected: 5 known not affected: 9 2026-07-15T14:37:44+00:00 Vulnerability · Source
CVE-2026-14685 redhat_vex HdrHistogram: HdrHistogram: Local state issue via 'Count' argument manipulation fixed: 7 known affected: 5 known not affected: 9 2026-07-15T14:37:35+00:00 Vulnerability · Source
CVE-2026-14683 redhat_vex HdrHistogram: HdrHistogram: Denial of Service via uncontrolled memory allocation fixed: 7 known affected: 5 known not affected: 9 2026-07-15T14:37:33+00:00 Vulnerability · Source
CVE-2026-29167 redhat_vex httpd: Apache HTTP Server: Arbitrary code execution or denial of service via use-after-free in mod_ldap per-directory configuration fixed: 4 known affected: 23 known not affected: 6 under investigation: 24 2026-07-15T14:37:31+00:00 Vulnerability · Source
CVE-2026-59890 redhat_vex setuptools: setuptools: MANIFEST.in exclusion bypass in sdist via Unicode normalization collision (NFC/NFD) fixed: 2 known not affected: 270 2026-07-15T14:36:27+00:00 Vulnerability · Source
CVE-2026-53021 redhat_vex kernel: scsi: target: core: Fix integer overflow in UNMAP bounds check known affected: 274 2026-07-15T14:36:26+00:00 Vulnerability · Source
CVE-2026-59996 redhat_vex openssh: OpenSSH: `scp` file misplacement vulnerability during remote copy fixed: 3 known affected: 41 2026-07-15T14:36:25+00:00 Vulnerability · Source
CVE-2026-15747 redhat_vex Mojolicious: Mojolicious: Information disclosure via BREACH compression oracle known not affected: 1 2026-07-15T14:36:24+00:00 Vulnerability · Source
CVE-2026-53022 redhat_vex kernel: platform/x86: dell-wmi-sysman: bound enumeration string aggregation known affected: 184 known not affected: 90 2026-07-15T14:36:22+00:00 Vulnerability · Source
CVE-2026-42505 redhat_vex crypto/tls: golang: Go crypto/tls: Information disclosure in Encrypted Client Hello fixed: 8 known affected: 148 known not affected: 1 under investigation: 243 2026-07-15T14:36:16+00:00 Vulnerability · Source
CVE-2026-15187 redhat_vex enquirer: Enquirer: Prototype pollution vulnerability allows remote attackers to modify object attributes fixed: 4 known affected: 14 under investigation: 45 2026-07-15T14:36:14+00:00 Vulnerability · Source
CVE-2026-55956 redhat_vex tomcat: Apache Tomcat: Improper Authorization Allows Security Constraint Bypass fixed: 4 known affected: 80 2026-07-15T14:35:21+00:00 Vulnerability · Source
CVE-2026-55693 redhat_vex vim: Vim: Out-of-bounds Write in Spell File Word Count fixed: 4 known affected: 33 2026-07-15T14:35:20+00:00 Vulnerability · Source
CVE-2026-47262 redhat_vex github.com/containerd/containerd: containerd: Denial of Service via maliciously crafted image leading to unbounded group parsing fixed: 18 known not affected: 270 under investigation: 31 2026-07-15T14:35:10+00:00 Vulnerability · Source
CVE-2026-11856 redhat_vex curl: curl: Information disclosure via incorrect Digest authentication header reuse fixed: 7 known affected: 25 known not affected: 2 2026-07-15T14:35:10+00:00 Vulnerability · Source
CVE-2026-11564 redhat_vex libcurl: libcurl: Certificate validation bypass due to incorrect connection reuse fixed: 7 known affected: 2 known not affected: 16 2026-07-15T14:35:02+00:00 Vulnerability · Source
CVE-2026-8926 redhat_vex curl: curl: Information disclosure via incorrect .netrc password lookup fixed: 7 known affected: 27 2026-07-15T14:35:00+00:00 Vulnerability · Source
CVE-2026-8924 redhat_vex curl: curl: Cookie injection via malicious HTTP server using super cookies fixed: 7 known affected: 27 2026-07-15T14:34:57+00:00 Vulnerability · Source
CVE-2026-48913 redhat_vex httpd: mod_http2: Apache HTTP Server mod_http2: Use After Free vulnerability allows arbitrary code execution or denial of service. fixed: 17 known affected: 58 2026-07-15T14:34:44+00:00 Vulnerability · Source
CVE-2026-44631 redhat_vex httpd: Apache HTTP Server: Denial of Service via crafted regular expressions fixed: 79 known affected: 41 2026-07-15T14:34:39+00:00 Vulnerability · Source
CVE-2026-44119 redhat_vex httpd: Apache HTTP Server: Local .htaccess authors can read files with httpd user privileges fixed: 79 known affected: 41 2026-07-15T14:34:37+00:00 Vulnerability · Source
CVE-2026-43951 redhat_vex httpd: Apache HTTP Server: Out-of-bounds Read in mod_headers and mod_mime fixed: 92 known affected: 46 2026-07-15T14:34:35+00:00 Vulnerability · Source
CVE-2026-42535 redhat_vex httpd: Apache httpd mod_dav_fs: Denial of Service due to path handling issue fixed: 79 known affected: 41 2026-07-15T14:34:34+00:00 Vulnerability · Source
CVE-2026-34356 redhat_vex httpd: Apache HTTP Server: Heap-based Buffer Overflow via malicious backend servers fixed: 79 known affected: 41 2026-07-15T14:34:31+00:00 Vulnerability · Source
CVE-2026-29170 redhat_vex httpd: Apache HTTP Server: Cross-site scripting in mod_proxy_ftp via HTML directory list generation fixed: 4 known affected: 53 2026-07-15T14:34:31+00:00 Vulnerability · Source
CVE-2026-9675 redhat_vex undici: undici WebSocket client vulnerable to denial of service via cumulative fragment bypass fixed: 16 known not affected: 69 under investigation: 1 2026-07-15T14:34:06+00:00 Vulnerability · Source
CVE-2026-47104 redhat_vex libusb: libusb: Denial of Service via malformed USB descriptor fixed: 4 known affected: 15 2026-07-15T14:34:02+00:00 Vulnerability · Source
CVE-2026-23679 redhat_vex libusb: libusb: Denial of Service via malformed USB configuration descriptor fixed: 4 known affected: 15 2026-07-15T14:34:01+00:00 Vulnerability · Source
CVE-2026-43515 redhat_vex tomcat-coyote: tomcat: Improper Authorization allows security bypass fixed: 4 known affected: 29 2026-07-15T14:33:55+00:00 Vulnerability · Source
CVE-2026-7009 redhat_vex curl: Curl: Certificate validation bypass due to OCSP stapling flaw fixed: 3 known not affected: 27 2026-07-15T14:33:52+00:00 Vulnerability · Source
CVE-2026-42308 redhat_vex Pillow: python: Pillow: Denial of Service via integer overflow in font processing fixed: 5 known affected: 275 2026-07-15T14:33:47+00:00 Vulnerability · Source
CVE-2026-45149 redhat_vex brace-expansion: brace-expansion: Denial of Service due to excessive memory allocation when expanding large numeric ranges fixed: 36 known affected: 30 known not affected: 177 under investigation: 103 2026-07-15T14:31:31+00:00 Vulnerability · Source
CVE-2026-44029 redhat_vex nix: absolute path traversal when unpacking archives to disk fixed: 14 2026-07-15T14:29:51+00:00 Vulnerability · Source
CVE-2026-44028 redhat_vex nix: coroutine stack-to-heap overflow via unbounded recursion in NAR directory parser fixed: 14 2026-07-15T14:29:47+00:00 Vulnerability · Source
CVE-2026-23479 redhat_vex redis: use-after-free in unblock client flow may allow remote code execution fixed: 95 known not affected: 8 2026-07-15T14:29:40+00:00 Vulnerability · Source
CVE-2026-59870 redhat_vex js-yaml: js-yaml: Denial of Service via crafted YAML ordered-map document fixed: 30 known affected: 1 known not affected: 189 2026-07-15T14:29:06+00:00 Vulnerability · Source
CVE-2026-59868 redhat_vex js-yaml: js-yaml: Denial of Service via quadratic CPU time parsing with merge keys fixed: 30 known affected: 1 known not affected: 189 2026-07-15T14:29:02+00:00 Vulnerability · Source
CVE-2026-39822 redhat_vex os: golang: Go os.Root: Symlink following vulnerability allows directory traversal fixed: 161 known affected: 23 known not affected: 177 2026-07-15T14:21:17+00:00 Vulnerability · Source
CVE-2026-12064 redhat_vex curl: curl: SSH host verification bypass when using schemeless URLs with SFTP/SCP fixed: 7 known affected: 27 2026-07-15T14:20:14+00:00 Vulnerability · Source
CVE-2026-11586 redhat_vex curl: curl: Denial of Service via WebSocket PING flood fixed: 7 known affected: 27 2026-07-15T14:20:12+00:00 Vulnerability · Source
CVE-2026-11352 redhat_vex curl: libcurl: curl/libcurl: Remote denial of service via QUIC UDP receive function vulnerability fixed: 7 known affected: 29 known not affected: 16 2026-07-15T14:20:09+00:00 Vulnerability · Source