VEX records
Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.
222279 VEX records
API response| Vulnerability | Source | Title | Product status | Imported | Links |
|---|---|---|---|---|---|
| CVE-2026-11703 | microsoft_vex | Missing SNI/ALPN binding on stateful (session-ID) TLS session resumption | known not affected: 1 | 2026-07-02T14:40:42+00:00 | Vulnerability · Source |
| CVE-2026-55964 | microsoft_vex | Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA (temporary CA exemption) | known not affected: 1 | 2026-07-02T14:40:36+00:00 | Vulnerability · Source |
| CVE-2026-55960 | microsoft_vex | Un-negotiated Raw Public Key (RFC 7250) accepted in place of X.509, bypassing chain validation | known not affected: 1 | 2026-07-02T14:40:30+00:00 | Vulnerability · Source |
| CVE-2026-6450 | microsoft_vex | CRL critical extension bypass in ParseCRL_Extensions | known not affected: 1 | 2026-07-02T14:40:24+00:00 | Vulnerability · Source |
| CVE-2026-7532 | microsoft_vex | iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined | known not affected: 1 | 2026-07-02T14:40:17+00:00 | Vulnerability · Source |
| CVE-2026-6291 | microsoft_vex | Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption | known not affected: 1 | 2026-07-02T14:40:10+00:00 | Vulnerability · Source |
| CVE-2026-11946 | redhat_vex | open62541: open62541: Denial of Service via unvalidated endpoint URL length | known not affected: 1 | 2026-07-02T14:04:58+00:00 | Vulnerability · Source |
| CVE-2026-48853 | redhat_vex | grpc: elixir-grpc grpc: Remote Code Execution and Denial of Service via Deserialization of Untrusted Data | known not affected: 6 | 2026-07-02T13:50:36+00:00 | Vulnerability · Source |
| CVE-2026-42440 | redhat_vex | org.apache.opennlp/opennlp-tools: Apache OpenNLP: Denial of Service via unbounded array allocation in crafted model files | known affected: 3 known not affected: 1 under investigation: 3 | 2026-07-02T13:50:29+00:00 | Vulnerability · Source |
| CVE-2025-15646 | redhat_vex | HTML-Gumbo: HTML::Gumbo: Information disclosure through HTML template processing | known not affected: 1 | 2026-07-02T13:50:23+00:00 | Vulnerability · Source |
| CVE-2026-40987 | redhat_vex | Spring Integration: Spring Integration: Arbitrary file write via malicious server | known affected: 5 known not affected: 3 | 2026-07-02T13:50:23+00:00 | Vulnerability · Source |
| CVE-2026-53176 | redhat_vex | kernel: IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN | known affected: 260 known not affected: 14 | 2026-07-02T13:37:17+00:00 | Vulnerability · Source |
| CVE-2026-53059 | redhat_vex | kernel: dm log: fix out-of-bounds write due to region_count overflow | known affected: 260 under investigation: 14 | 2026-07-02T13:37:13+00:00 | Vulnerability · Source |
| CVE-2026-33228 | redhat_vex | flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON. | fixed: 14 known affected: 11 known not affected: 179 | 2026-07-02T13:36:35+00:00 | Vulnerability · Source |
| CVE-2026-28369 | redhat_vex | undertow: Undertow: Request Smuggling via Malformed HTTP Request Headers | fixed: 53 known affected: 15 known not affected: 9 | 2026-07-02T13:36:17+00:00 | Vulnerability · Source |
| CVE-2026-28368 | redhat_vex | undertow: Undertow: Request smuggling via inconsistent header parsing | fixed: 53 known affected: 14 known not affected: 10 | 2026-07-02T13:36:15+00:00 | Vulnerability · Source |
| CVE-2026-4891 | redhat_vex | dnsmasq: RRSIG rdlen underflow leading to heap OOB read | fixed: 84 known affected: 7 | 2026-07-02T13:35:57+00:00 | Vulnerability · Source |
| CVE-2026-43071 | redhat_vex | kernel: dcache: Limit the minimal number of bucket to two | known affected: 274 | 2026-07-02T13:23:24+00:00 | Vulnerability · Source |
| CVE-2026-44477 | redhat_vex | github.com/cloudnative-pg/cloudnative-pg: CloudNativePG: Metrics exporter allows privilege escalation to PostgreSQL superuser and OS RCE | known affected: 4 known not affected: 4 | 2026-07-02T13:09:46+00:00 | Vulnerability · Source |
| CVE-2026-43503 | redhat_vex | kernel: net: skbuff: propagate shared-frag marker through frag-transfer helpers | fixed: 2576 known not affected: 43 | 2026-07-02T13:09:42+00:00 | Vulnerability · Source |
| CVE-2026-28367 | redhat_vex | undertow: Undertow: Request smuggling via `\r\r\r` as a header block terminator | fixed: 53 known affected: 9 known not affected: 15 | 2026-07-02T13:09:15+00:00 | Vulnerability · Source |
| CVE-2026-43006 | redhat_vex | kernel: io_uring/rsrc: reject zero-length fixed buffer import | fixed: 309 known not affected: 198 | 2026-07-02T12:53:32+00:00 | Vulnerability · Source |
| CVE-2026-33592 | redhat_vex | open62541: open62541: Remote attacker can cause Denial of Service via FindServers Discovery Service | known not affected: 1 | 2026-07-02T12:53:16+00:00 | Vulnerability · Source |
| CVE-2026-6100 | redhat_vex | python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules | fixed: 1601 known affected: 27 known not affected: 94 | 2026-07-02T12:53:01+00:00 | Vulnerability · Source |
| CVE-2025-55163 | redhat_vex | netty: netty-codec-http2: Netty MadeYouReset HTTP/2 DDoS Vulnerability | fixed: 476 known affected: 31 known not affected: 2763 | 2026-07-02T12:52:48+00:00 | Vulnerability · Source |
| CVE-2013-10075 | redhat_vex | Apache::Session: Perl: Apache::Session::Store::File: Apache::Session::Store::DB_File: Apache::Session: Information disclosure due to re-creation of deleted sessions | known affected: 101 known not affected: 1 under investigation: 221 | 2026-07-02T12:52:37+00:00 | Vulnerability · Source |
| CVE-2026-43308 | redhat_vex | kernel: btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref() | known affected: 118 known not affected: 156 | 2026-07-02T12:52:30+00:00 | Vulnerability · Source |
| CVE-2026-43290 | redhat_vex | kernel: media: uvcvideo: Return queued buffers on start_streaming() failure | known affected: 76 known not affected: 198 | 2026-07-02T12:52:26+00:00 | Vulnerability · Source |
| CVE-2026-43253 | redhat_vex | kernel: iommu/amd: move wait_on_sem() out of spinlock | known affected: 232 known not affected: 42 | 2026-07-02T12:52:25+00:00 | Vulnerability · Source |
| CVE-2026-43177 | redhat_vex | kernel: media: ipu6: Fix RPM reference leak in probe error paths | known affected: 76 known not affected: 198 | 2026-07-02T12:52:15+00:00 | Vulnerability · Source |
| CVE-2026-43030 | redhat_vex | kernel: bpf: Fix regsafe() for pointers to packet | known affected: 232 known not affected: 42 | 2026-07-02T12:52:12+00:00 | Vulnerability · Source |
| CVE-2026-43863 | redhat_vex | mutt: Mutt: Remote Denial of Service via crafted input | known affected: 9 | 2026-07-02T12:52:04+00:00 | Vulnerability · Source |
| CVE-2026-43862 | redhat_vex | mutt: Mutt: Security bypass due to mishandled IMAP authentication | known affected: 9 | 2026-07-02T12:52:00+00:00 | Vulnerability · Source |
| CVE-2026-43861 | redhat_vex | mutt: Mutt: URL processing vulnerability due to improper null character handling | known affected: 9 | 2026-07-02T12:51:56+00:00 | Vulnerability · Source |
| CVE-2026-43860 | redhat_vex | mutt: mutt: Authentication bypass due to IMAP CRAM-MD5 hash truncation | known affected: 9 | 2026-07-02T12:51:51+00:00 | Vulnerability · Source |
| CVE-2026-43859 | redhat_vex | mutt: Mutt: Low integrity impact in IMAP authentication due to cryptographic digest mishandling | known affected: 9 | 2026-07-02T12:51:49+00:00 | Vulnerability · Source |
| CVE-2026-43385 | redhat_vex | kernel: net: Fix rcu_tasks stall in threaded busypoll | known affected: 90 known not affected: 184 | 2026-07-02T12:51:32+00:00 | Vulnerability · Source |
| CVE-2026-43353 | redhat_vex | kernel: i3c: mipi-i3c-hci: Fix race in DMA ring dequeue | known affected: 76 known not affected: 198 | 2026-07-02T12:51:15+00:00 | Vulnerability · Source |
| CVE-2026-43352 | redhat_vex | kernel: i3c: mipi-i3c-hci: Correct RING_CTRL_ABORT handling in DMA dequeue | known affected: 76 known not affected: 198 | 2026-07-02T12:51:12+00:00 | Vulnerability · Source |
| CVE-2026-43350 | redhat_vex | kernel: smb: client: require a full NFS mode SID before reading mode bits | known affected: 232 known not affected: 42 | 2026-07-02T12:51:10+00:00 | Vulnerability · Source |
| CVE-2026-43345 | redhat_vex | kernel: net: ipa: fix event ring index not programmed for IPA v5.0+ | known affected: 76 known not affected: 198 | 2026-07-02T12:51:05+00:00 | Vulnerability · Source |
| CVE-2026-43321 | redhat_vex | kernel: bpf: Properly mark live registers for indirect jumps | known affected: 260 known not affected: 14 | 2026-07-02T12:51:03+00:00 | Vulnerability · Source |
| CVE-2026-43288 | redhat_vex | kernel: ext4: move ext4_percpu_param_init() before ext4_mb_init() | known affected: 274 | 2026-07-02T12:50:57+00:00 | Vulnerability · Source |
| CVE-2026-43273 | redhat_vex | kernel: ceph: supply snapshot context in ceph_zero_partial_object() | known affected: 260 known not affected: 14 | 2026-07-02T12:50:53+00:00 | Vulnerability · Source |
| CVE-2026-43252 | redhat_vex | kernel: mptcp: pm: in-kernel: always set ID as avail when rm endp | known affected: 76 known not affected: 198 | 2026-07-02T12:50:51+00:00 | Vulnerability · Source |
| CVE-2026-43239 | redhat_vex | kernel: smb: client: prevent races in ->query_interfaces() | known affected: 232 known not affected: 42 | 2026-07-02T12:50:48+00:00 | Vulnerability · Source |
| CVE-2026-43214 | redhat_vex | kernel: KVM: x86: Add SRCU protection for reading PDPTRs in __get_sregs2() | known affected: 246 known not affected: 28 | 2026-07-02T12:50:43+00:00 | Vulnerability · Source |
| CVE-2026-43213 | redhat_vex | kernel: wifi: rtw89: pci: validate sequence number of TX release report | known affected: 232 known not affected: 42 | 2026-07-02T12:50:41+00:00 | Vulnerability · Source |
| CVE-2026-43199 | redhat_vex | kernel: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query | known affected: 198 known not affected: 76 | 2026-07-02T12:50:38+00:00 | Vulnerability · Source |
| CVE-2026-43197 | redhat_vex | kernel: netconsole: avoid OOB reads, msg is not nul-terminated | known affected: 90 known not affected: 184 | 2026-07-02T12:50:37+00:00 | Vulnerability · Source |