VEX records

Browse vendor VEX statements available in this Vulnerability-Lookup instance and pivot to the related vulnerability.

Reset

222279 VEX records

API response
Vulnerability Source Title Product status Imported Links
CVE-2026-5404 redhat_vex wireshark: Wireshark: Denial of service due to K12 RF5 file parser crash known affected: 20 2026-07-02T12:46:11+00:00 Vulnerability · Source
CVE-2026-5407 redhat_vex Wireshark: Wireshark: Denial of Service from malicious SMB2 protocol data known affected: 20 2026-07-02T12:46:11+00:00 Vulnerability · Source
CVE-2026-5401 redhat_vex wireshark: Wireshark: Denial of service via AFP Spotlight protocol dissector crash known affected: 20 2026-07-02T12:44:19+00:00 Vulnerability · Source
CVE-2026-58517 redhat_vex wikilambda: WikiLambda Extension: Authentication bypass due to improper input neutralization known not affected: 1 2026-07-02T12:31:28+00:00 Vulnerability · Source
CVE-2026-43048 redhat_vex kernel: HID: core: Mitigate potential OOB by removing bogus memset() known affected: 274 2026-07-02T12:26:50+00:00 Vulnerability · Source
CVE-2021-34432 redhat_vex mosquitto: DoS when client tries to send a PUBLISH packet with topic length = 0 known not affected: 1 2026-07-02T11:20:47+00:00 Vulnerability · Source
CVE-2026-42960 redhat_vex unbound: Unbound DNS Cache Poisoning via Promiscuous Additional Section RRSet Acceptance fixed: 4 known affected: 30 2026-07-02T10:33:58+00:00 Vulnerability · Source
CVE-2026-49851 redhat_vex Mistune: Mistune: Denial of Service via crafted Markdown input known affected: 20 known not affected: 5 2026-07-02T09:42:59+00:00 Vulnerability · Source
CVE-2026-5422 redhat_vex jupyter-server: jupyter-server: Sensitive data exposure via path traversal vulnerability known affected: 14 known not affected: 2 2026-07-02T09:42:59+00:00 Vulnerability · Source
CVE-2026-9800 redhat_vex keycloak-policy-enforcer: Keycloak Policy Enforcer: Authorization bypass via incorrect URI comparison fixed: 20 known affected: 3 under investigation: 6 2026-07-02T09:35:16+00:00 Vulnerability · Source
CVE-2026-45287 redhat_vex go.opentelemetry.io/otel: go.opentelemetry.io/otel/schema/v1.0: go.opentelemetry.io/otel/schema/v1.1: OpenTelemetry-Go: Denial of Service due to file descriptor leak fixed: 30 known affected: 116 known not affected: 75 under investigation: 883 2026-07-02T09:33:38+00:00 Vulnerability · Source
CVE-2022-25881 redhat_vex http-cache-semantics: Regular Expression Denial of Service (ReDoS) vulnerability fixed: 290 known affected: 60 known not affected: 38 2026-07-02T09:02:53+00:00 Vulnerability · Source
CVE-2024-22019 redhat_vex nodejs: reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks fixed: 402 known affected: 1 2026-07-02T08:59:00+00:00 Vulnerability · Source
CVE-2026-54257 redhat_vex electron: Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow known not affected: 1 2026-07-02T08:58:24+00:00 Vulnerability · Source
CVE-2016-2183 redhat_vex SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) fixed: 1036 known affected: 26 known not affected: 749 2026-07-02T08:57:53+00:00 Vulnerability · Source
CVE-2026-49356 redhat_vex @babel/core: @babel/core: Arbitrary file read via sourceMappingURL comment known not affected: 110 2026-07-02T08:22:16+00:00 Vulnerability · Source
CVE-2026-11820 redhat_vex community.general: community.general nexmo — API credentials exposed in GET URL query string[SECURITY] community.general nexmo — API credentials exposed in GET URL query string under investigation: 4 2026-07-02T08:00:58+00:00 Vulnerability · Source
CVE-2026-10805 redhat_vex NetworkManager: NetworkManager: Local privilege escalation via malformed MUD URLs in dhclient backend known affected: 122 2026-07-02T07:18:15+00:00 Vulnerability · Source
CVE-2026-41635 redhat_vex Apache MINA: Apache MINA: Arbitrary code execution via classname allowlist bypass fixed: 1 known affected: 4 known not affected: 22 2026-07-02T05:43:40+00:00 Vulnerability · Source
CVE-2026-47214 redhat_vex docling: Docling: Unsafe URI and Path Handling in HTML Backend known affected: 1 2026-07-02T05:34:27+00:00 Vulnerability · Source
CVE-2026-43827 redhat_vex apache-shiro: Apache Shiro: Session fixation vulnerability due to improper session invalidation upon login known affected: 2 2026-07-02T00:50:42+00:00 Vulnerability · Source
CVE-2026-14101 redhat_vex chromium-browser: Insufficient policy enforcement in Sandbox known not affected: 1 2026-07-02T00:14:58+00:00 Vulnerability · Source
CVE-2026-5135 redhat_vex foreman: Foreman: Unauthorized modification of host configurations via broken access control fixed: 103 known affected: 17 known not affected: 132 2026-07-01T23:53:14+00:00 Vulnerability · Source
CVE-2026-5142 redhat_vex foreman: foreman: Cross-tenant private SSH key disclosure via taxonomy scoping bypass fixed: 103 known affected: 17 known not affected: 132 2026-07-01T23:53:12+00:00 Vulnerability · Source
CVE-2026-5138 redhat_vex foreman: Foreman: Information disclosure via improper validation of nested request parameters fixed: 103 known affected: 17 known not affected: 132 2026-07-01T23:53:11+00:00 Vulnerability · Source
CVE-2026-46483 redhat_vex vim: command injection when decompressing .tgz archives fixed: 393 known affected: 33 2026-07-01T23:53:01+00:00 Vulnerability · Source
CVE-2026-41411 redhat_vex vim: Vim: Command injection allows arbitrary code execution via malicious tag files fixed: 436 known affected: 13 known not affected: 166 2026-07-01T23:52:59+00:00 Vulnerability · Source
CVE-2026-35177 redhat_vex vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass fixed: 414 known affected: 13 known not affected: 189 2026-07-01T23:52:58+00:00 Vulnerability · Source
CVE-2026-27727 redhat_vex com.mchange/mchange-commons-java: mchange-commons-java: Arbitrary code execution via JNDI dereferencing of crafted objects fixed: 23 known affected: 8 known not affected: 466 2026-07-01T23:40:34+00:00 Vulnerability · Source
CVE-2026-5136 redhat_vex foreman: Foreman: Privilege escalation to administrator-level access via usergroup role assignment manipulation fixed: 103 known affected: 17 known not affected: 132 2026-07-01T23:40:26+00:00 Vulnerability · Source
CVE-2026-55577 redhat_vex ImageMagick: ImageMagick: Heap buffer overflow in MVG decoder allows out-of-bounds write known affected: 14 2026-07-01T23:08:56+00:00 Vulnerability · Source
CVE-2026-55628 redhat_vex ImageMagick: ImageMagick: Unauthorized file access due to missing policy checks in concatenate operation known affected: 14 2026-07-01T23:08:56+00:00 Vulnerability · Source
CVE-2026-53466 redhat_vex ImageMagick: ImageMagick: Denial of Service via integer overflow in XCF decoder known affected: 14 2026-07-01T23:08:56+00:00 Vulnerability · Source
CVE-2026-55594 redhat_vex ImageMagick: ImageMagick: Denial of Service via crafted image in MVG decoder known affected: 14 2026-07-01T23:01:49+00:00 Vulnerability · Source
CVE-2025-69228 redhat_vex aiohttp: aiohttp: Denial of Service via memory exhaustion from crafted POST request fixed: 27 known affected: 80 known not affected: 726 2026-07-01T22:53:03+00:00 Vulnerability · Source
CVE-2025-69227 redhat_vex aiohttp: aiohttp: Denial of Service via specially crafted POST request fixed: 31 known affected: 75 known not affected: 837 2026-07-01T22:48:22+00:00 Vulnerability · Source
CVE-2026-55595 redhat_vex ImageMagick: ImageMagick: Denial of Service via invalid arguments to connected-components option known affected: 14 2026-07-01T22:25:25+00:00 Vulnerability · Source
CVE-2026-53467 redhat_vex ImageMagick: ImageMagick: Information disclosure vulnerability in MNG decoder known affected: 14 2026-07-01T22:25:25+00:00 Vulnerability · Source
CVE-2026-55510 redhat_vex ImageMagick: ImageMagick: Denial of Service via crafted 8BIM profile known affected: 14 2026-07-01T22:20:58+00:00 Vulnerability · Source
CVE-2026-55597 redhat_vex ImageMagick: ImageMagick: Heap buffer overwrite via incorrect argument handling in JP2 encoder known affected: 14 2026-07-01T22:09:47+00:00 Vulnerability · Source
CVE-2026-2291 redhat_vex dnsmasq: dnsmasq: heap buffer overflow in cache via NAME_ESCAPE expansion fixed: 84 known affected: 7 2026-07-01T21:22:15+00:00 Vulnerability · Source
CVE-2026-4892 redhat_vex dnsmasq: DHCPv6 CLID buffer overflow in helper process fixed: 84 known affected: 7 2026-07-01T21:22:15+00:00 Vulnerability · Source
CVE-2026-4893 redhat_vex dnsmasq: Broken ECS source validation bypass fixed: 84 known affected: 7 2026-07-01T21:22:15+00:00 Vulnerability · Source
CVE-2026-4890 redhat_vex dnsmasq: NSEC bitmap parsing infinite loop fixed: 84 under investigation: 7 2026-07-01T21:22:15+00:00 Vulnerability · Source
CVE-2026-45491 redhat_vex dotnet: .NET: Local file tampering via link following vulnerability fixed: 1441 known not affected: 2 2026-07-01T21:04:35+00:00 Vulnerability · Source
CVE-2026-5051 redhat_vex Vault: Vault Enterprise: HashiCorp Vault: Audit device validation bypass via legacy file audit path option known not affected: 6 2026-07-01T20:33:40+00:00 Vulnerability · Source
CVE-2026-53346 redhat_vex kernel: rust: arm64: set uwtable llvm module flag for CONFIG_UNWIND_TABLES known not affected: 274 2026-07-01T20:25:20+00:00 Vulnerability · Source
CVE-2026-53333 redhat_vex kernel: mm/mincore: handle non-swap entries before !CONFIG_SWAP guard known affected: 14 known not affected: 260 2026-07-01T20:16:12+00:00 Vulnerability · Source
CVE-2026-53353 redhat_vex kernel: hsr: Remove WARN_ONCE() in hsr_addr_is_self() known affected: 184 known not affected: 90 2026-07-01T19:52:15+00:00 Vulnerability · Source
CVE-2026-53348 redhat_vex kernel: ASoC: SDCA: fix NULL pointer dereference in sdca_dev_unregister_functions known affected: 184 known not affected: 90 2026-07-01T19:52:14+00:00 Vulnerability · Source