Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1131 6.5 警告
Network 		Grafana Labs Grafana Grafana LabsのGrafanaにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-33380 2026-06-17 15:46 2026-05-13 Show GitHub Exploit DB Packet Storm
1132 8.1 重要
Network 		Grafana Labs Grafana Grafana LabsのGrafanaにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-33381 2026-06-17 15:46 2026-05-13 Show GitHub Exploit DB Packet Storm
1133 5.4 警告
Network 		langflow Langflow Desktop langflowのLangflow Desktopにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-3341 2026-06-17 15:46 2026-06-11 Show GitHub Exploit DB Packet Storm
1134 6.1 警告
Network 		IBM IBM DevOps Plan IBMのIBM DevOps PlanにおけるHTTP ヘッダのスクリプト構文の不適切な無効化に関する脆弱性 CWE-644
HTTP ヘッダのスクリプト構文の不適切な無効化 		CVE-2026-4096 2026-06-17 15:46 2026-06-11 Show GitHub Exploit DB Packet Storm
1135 5.4 警告
Network 		VMware VMware Cloud Foundation
VMware Telco Cloud Platform
VMware vSphere
VMware Aria Operations 		VMwareのVMware Aria Operations等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
CWE-79
CVE-2026-41722 2026-06-17 15:46 2026-06-8 Show GitHub Exploit DB Packet Storm
1136 8 重要
Network 		VMware VMware Cloud Foundation
VMware Telco Cloud Platform
VMware vSphere
VMware Aria Operations 		VMwareのVMware Aria Operations等の複数製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-41723 2026-06-17 15:46 2026-06-8 Show GitHub Exploit DB Packet Storm
1137 5.9 警告
Network 		OpenSSL Project OpenSSL OpenSSL ProjectのOpenSSLにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-42767 2026-06-17 15:46 2026-06-9 Show GitHub Exploit DB Packet Storm
1138 3.7
Network 		OpenSSL Project OpenSSL OpenSSL ProjectのOpenSSLにおける暗号化処理の不備に関する脆弱性 CWE-325
暗号化処理の不備 		CVE-2026-42770 2026-06-17 15:46 2026-06-9 Show GitHub Exploit DB Packet Storm
1139 6.2 警告
Local 		OpenSSL Project OpenSSL OpenSSL ProjectのOpenSSLにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-42771 2026-06-17 15:46 2026-06-9 Show GitHub Exploit DB Packet Storm
1140 8.8 重要
Network 		Kovidgoyal Kitty KovidgoyalのKittyにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-42850 2026-06-17 15:46 2026-06-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
259281 10.0 CRITICAL
Network 		projectatomic bubblewrap When executing a program via the bubblewrap sandbox, the nonpriv session can escape to the parent session by using the TIOCSTI ioctl to push characters into the terminal's input buffer, allowing an a… CWE-20
 Improper Input Validation  		CVE-2017-5226 2024-11-21 12:27 2017-03-30 Show GitHub Exploit DB Packet Storm
259282 7.5 HIGH
Network 		eviewgps ev-07s_gps_tracker_firmware Due to a lack of standard encryption when transmitting sensitive information over the internet to a centralized monitoring service, the Eview EV-07S GPS Tracker discloses personally identifying infor… CWE-326
Inadequate Encryption Strength 		CVE-2017-5239 2024-11-21 12:27 2017-03-28 Show GitHub Exploit DB Packet Storm
259283 5.3 MEDIUM
Network 		eviewgps ev-07s_gps_tracker_firmware Due to a lack of bounds checking, several input configuration fields for the Eview EV-07S GPS Tracker will overflow data stored in one variable to another, overwriting the data of another field. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-5238 2024-11-21 12:27 2017-03-28 Show GitHub Exploit DB Packet Storm
259284 7.5 HIGH
Network 		eviewgps ev-07s_gps_tracker_firmware Due to a lack of authentication, an unauthenticated user who knows the Eview EV-07S GPS Tracker's phone number can revert the device to a factory default configuration with an SMS command, "RESET!" CWE-287
Improper Authentication 		CVE-2017-5237 2024-11-21 12:27 2017-03-28 Show GitHub Exploit DB Packet Storm
259285 7.8 HIGH
Local 		fedoraproject
kde 		fedora
ark 		ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications. CWE-78
OS Command  		CVE-2017-5330 2024-11-21 12:27 2017-03-28 Show GitHub Exploit DB Packet Storm
259286 9.8 CRITICAL
Network 		imagemagick
debian 		imagemagick
debian_linux 		coders/psd.c in ImageMagick allows remote attackers to have unspecified impact by leveraging an improper cast, which triggers a heap-based buffer overflow. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-5511 2024-11-21 12:27 2017-03-25 Show GitHub Exploit DB Packet Storm
259287 7.8 HIGH
Local 		imagemagick
debian 		imagemagick
debian_linux 		coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. CWE-787
 Out-of-bounds Write 		CVE-2017-5510 2024-11-21 12:27 2017-03-25 Show GitHub Exploit DB Packet Storm
259288 7.8 HIGH
Local 		imagemagick imagemagick coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. CWE-787
 Out-of-bounds Write 		CVE-2017-5509 2024-11-21 12:27 2017-03-25 Show GitHub Exploit DB Packet Storm
259289 5.5 MEDIUM
Local 		imagemagick imagemagick Heap-based buffer overflow in the PushQuantumPixel function in ImageMagick before 6.9.7-3 and 7.x before 7.0.4-3 allows remote attackers to cause a denial of service (application crash) via a crafted… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-5508 2024-11-21 12:27 2017-03-25 Show GitHub Exploit DB Packet Storm
259290 7.5 HIGH
Network 		imagemagick
debian 		imagemagick
debian_linux 		Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving a pixel cache. CWE-772
 Missing Release of Resource after Effective Lifetime 		CVE-2017-5507 2024-11-21 12:27 2017-03-25 Show GitHub Exploit DB Packet Storm