VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

222279 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-40923 redhat_vex github.com/tektoncd/pipeline: Tekton Pipelines: Unauthorized access and information disclosure via path validation bypass known affected: 57 known not affected: 17 2026-07-02T15:33:41+00:00 Vulnerability · Source
CVE-2026-25542 redhat_vex github.com/tektoncd/pipeline: Tekton Pipelines: Security bypass due to regular expression matching flaw known affected: 55 known not affected: 19 2026-07-02T15:33:37+00:00 Vulnerability · Source
CVE-2026-7571 redhat_vex keycloak: Keycloak: Access token disclosure and implicit flow bypass via forged client data fixed: 10 2026-07-02T15:33:35+00:00 Vulnerability · Source
CVE-2026-4630 redhat_vex keycloak: Keycloak: Unauthorized resource access and data modification via Insecure Direct Object Reference fixed: 10 2026-07-02T15:33:33+00:00 Vulnerability · Source
CVE-2025-58713 redhat_vex rhpam: privilege escalation via excessive /etc/passwd permissions under investigation: 6 2026-07-02T15:33:16+00:00 Vulnerability · Source
CVE-2025-57849 redhat_vex fuse: privilege escalation via excessive /etc/passwd permissions known affected: 6 2026-07-02T15:33:16+00:00 Vulnerability · Source
CVE-2026-54370 redhat_vex acl: TOCTOU Symlink Traversal via getfacl/setfacl fixed: 3 known affected: 16 2026-07-02T15:23:57+00:00 Vulnerability · Source
CVE-2026-32952 redhat_vex go-ntlmssp: go-ntlmssp: Denial of Service via malicious NTLM challenge known not affected: 15 under investigation: 122 2026-07-02T15:23:55+00:00 Vulnerability · Source
CVE-2026-44604 redhat_vex rpm: Command injection in rpmuncompress doUntar() via unescaped archive top-level directory name in popen() shell command fixed: 4 under investigation: 78 2026-07-02T15:23:55+00:00 Vulnerability · Source
CVE-2026-6861 redhat_vex emacs: Emacs: Memory corruption vulnerability when processing SVG CSS under investigation: 29 2026-07-02T15:23:50+00:00 Vulnerability · Source
CVE-2026-6862 redhat_vex efivar: efivar: Denial of Service due to stack overflow in device path node parsing under investigation: 13 2026-07-02T15:23:47+00:00 Vulnerability · Source
CVE-2026-3172 redhat_vex pgvector: pgvector: Information disclosure or denial of service via buffer overflow in parallel HNSW index build known affected: 2 under investigation: 6 2026-07-02T15:23:43+00:00 Vulnerability · Source
CVE-2025-58187 redhat_vex crypto/x509: Quadratic complexity when checking name constraints in crypto/x509 fixed: 8 known affected: 2 under investigation: 353 2026-07-02T15:23:38+00:00 Vulnerability · Source
CVE-2026-56371 redhat_vex ImageMagick: ImageMagick: Denial of Service due to memory leak in TXT file processing known affected: 14 2026-07-02T15:17:24+00:00 Vulnerability · Source
CVE-2026-40336 redhat_vex libgphoto2: libgphoto2: Memory leak in ptp_unpack_Sony_DPD() can lead to denial of service under investigation: 10 2026-07-02T15:17:16+00:00 Vulnerability · Source
CVE-2026-6324 redhat_vex libsoup: libsoup: HTTP Request Smuggling via Unsigned to Signed Conversion Error under investigation: 16 2026-07-02T15:16:55+00:00 Vulnerability · Source
CVE-2026-52996 microsoft_vex ksmbd: fix durable fd leak on ClientGUID mismatch in durable v2 open known not affected: 1 2026-07-02T14:47:37+00:00 Vulnerability · Source
CVE-2026-53192 microsoft_vex ALSA: timer: Fix UAF at snd_timer_user_params() fixed: 1 known affected: 2 2026-07-02T14:47:32+00:00 Vulnerability · Source
CVE-2026-53139 microsoft_vex drm/v3d: Skip CSD when it has zeroed workgroups known affected: 1 known not affected: 1 2026-07-02T14:47:26+00:00 Vulnerability · Source
CVE-2026-53131 microsoft_vex netfilter: require Ethernet MAC header before using eth_hdr() fixed: 1 known affected: 2 2026-07-02T14:47:20+00:00 Vulnerability · Source
CVE-2026-53158 microsoft_vex misc: fastrpc: Fix NULL pointer dereference in rpmsg callback known not affected: 1 2026-07-02T14:47:14+00:00 Vulnerability · Source
CVE-2026-53194 microsoft_vex USB: serial: kl5kusb105: fix bulk-out buffer overflow known not affected: 1 2026-07-02T14:47:07+00:00 Vulnerability · Source
CVE-2026-53065 microsoft_vex ASoC: sti: use managed regmap_field allocations known not affected: 1 2026-07-02T14:47:01+00:00 Vulnerability · Source
CVE-2026-53159 microsoft_vex misc: fastrpc: fix DMA address corruption due to find_vma misuse known not affected: 1 2026-07-02T14:46:55+00:00 Vulnerability · Source
CVE-2026-53024 microsoft_vex greybus: raw: fix use-after-free if write is called after disconnect known affected: 1 known not affected: 1 2026-07-02T14:46:49+00:00 Vulnerability · Source
CVE-2026-53136 microsoft_vex drm/amd/display: Clamp VBIOS HDMI retimer register count to array size fixed: 1 known affected: 2 2026-07-02T14:46:43+00:00 Vulnerability · Source
CVE-2026-52948 microsoft_vex i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl fixed: 1 known affected: 2 2026-07-02T14:46:31+00:00 Vulnerability · Source
CVE-2026-52955 microsoft_vex libceph: Fix potential out-of-bounds access in crush_decode() fixed: 1 known affected: 2 2026-07-02T14:46:25+00:00 Vulnerability · Source
CVE-2026-53215 microsoft_vex net: mvpp2: refill RX buffers before XDP or skb use known not affected: 1 2026-07-02T14:46:19+00:00 Vulnerability · Source
CVE-2026-53025 microsoft_vex greybus: raw: fix use-after-free on cdev close known affected: 1 known not affected: 1 2026-07-02T14:46:13+00:00 Vulnerability · Source
CVE-2026-53247 microsoft_vex net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown known not affected: 1 2026-07-02T14:46:07+00:00 Vulnerability · Source
CVE-2026-53217 microsoft_vex net: mvpp2: sync RX data at the hardware packet offset known not affected: 1 2026-07-02T14:46:01+00:00 Vulnerability · Source
CVE-2026-52964 microsoft_vex ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans known not affected: 1 2026-07-02T14:45:54+00:00 Vulnerability · Source
CVE-2026-53208 microsoft_vex Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig fixed: 1 known affected: 2 2026-07-02T14:45:49+00:00 Vulnerability · Source
CVE-2026-53041 microsoft_vex ocfs2: fix listxattr handling when the buffer is full known not affected: 1 2026-07-02T14:45:43+00:00 Vulnerability · Source
CVE-2026-53113 microsoft_vex wifi: ath11k: fix memory leaks in beacon template setup known affected: 1 known not affected: 1 2026-07-02T14:45:37+00:00 Vulnerability · Source
CVE-2026-53198 microsoft_vex ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL fixed: 1 known affected: 2 2026-07-02T14:45:32+00:00 Vulnerability · Source
CVE-2026-52957 microsoft_vex libceph: Fix potential null-ptr-deref in decode_choose_args() fixed: 1 known affected: 2 2026-07-02T14:45:26+00:00 Vulnerability · Source
CVE-2026-53017 microsoft_vex f2fs: fix data loss caused by incorrect use of nat_entry flag known affected: 1 known not affected: 1 2026-07-02T14:45:19+00:00 Vulnerability · Source
CVE-2026-53018 microsoft_vex f2fs: avoid reading already updated pages during GC known affected: 1 known not affected: 1 2026-07-02T14:45:13+00:00 Vulnerability · Source
CVE-2026-53161 microsoft_vex misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context known not affected: 1 2026-07-02T14:45:07+00:00 Vulnerability · Source
CVE-2026-47770 microsoft_vex jq: stack overflow in deep structural equality fixed: 2 known affected: 2 2026-07-02T14:44:59+00:00 Vulnerability · Source
CVE-2026-54679 microsoft_vex jq: potential integer overflow in jvp_string_append known affected: 1 known not affected: 1 2026-07-02T14:44:52+00:00 Vulnerability · Source
CVE-2026-49839 microsoft_vex jq --rawfile invalid-state reuse after String too long causes heap-buffer-overflow fixed: 2 known affected: 2 2026-07-02T14:44:46+00:00 Vulnerability · Source
CVE-2026-42504 microsoft_vex Quadratic complexity in WordDecoder.DecodeHeader in mime fixed: 3 known affected: 4 known not affected: 3 2026-07-02T14:44:19+00:00 Vulnerability · Source
CVE-2026-43311 microsoft_vex soc/tegra: pmc: Fix unsafe generic_handle_irq() call fixed: 1 known affected: 5 2026-07-02T14:44:01+00:00 Vulnerability · Source
CVE-2026-43303 microsoft_vex mm/page_alloc: clear page->private in free_pages_prepare() fixed: 1 known affected: 5 2026-07-02T14:43:55+00:00 Vulnerability · Source
CVE-2026-43319 microsoft_vex spi: spidev: fix lock inversion between spi_lock and buf_lock fixed: 1 known affected: 1 under investigation: 4 2026-07-02T14:43:48+00:00 Vulnerability · Source
CVE-2026-43331 microsoft_vex x86/kexec: Disable KCOV instrumentation after load_segments() fixed: 1 known affected: 1 under investigation: 4 2026-07-02T14:43:42+00:00 Vulnerability · Source
CVE-2026-43088 microsoft_vex net: af_key: zero aligned sockaddr tail in PF_KEY exports fixed: 1 known affected: 5 2026-07-02T14:43:35+00:00 Vulnerability · Source