Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
121 8.8 重要
Network 		vLLM vLLM vLLMにおける制御されていない検索パスの要素に関する脆弱性 New CWE-427
制御されていない検索パスの要素 		CVE-2026-54232 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
122 6.5 警告
Network 		vLLM vLLM vLLMにおける高圧縮データの処理 (データ増幅)に関する脆弱性 New CWE-409
高圧縮データの不適切な処理 (データ増幅) 		CVE-2026-54233 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
123 6.5 警告
Network 		vLLM vLLM vLLMにおける指定されたタイプの入力に対する不適切な検証に関する脆弱性 New CWE-1287
指定されたタイプの入力に対する不適切な検証 		CVE-2026-54235 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
124 5.3 警告
Network 		vLLM vLLM vLLMにおけるログファイルからの情報漏えいに関する脆弱性 New CWE-532
ログファイルからの情報漏えい 		CVE-2026-54236 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
125 5.3 警告
Network 		protobufjs project protobufjs-cli
protobufjs 		protobufjs projectのprotobufjs-cli等の複数製品における複数の脆弱性 New CWE-674
CWE-754
CVE-2026-54269 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
126 5.3 警告
Network 		protobufjs project protobufjs protobufjs projectのprotobufjsにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-54270 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
127 8.2 重要
Network 		protobufjs project protobufjs-cli protobufjs projectのprotobufjs-cliにおけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2026-54271 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
128 7.5 重要
Network 		Astro Astro Astroにおける複数の脆弱性 New CWE-20
CWE-918
CVE-2026-54299 2026-06-26 11:54 2026-06-22 Show GitHub Exploit DB Packet Storm
129 5.4 警告
Network 		n8n n8n n8nにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-54303 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
130 10 緊急
Network 		n8n n8n n8nにおける重要な機能に対する認証の欠如に関する脆弱性 New CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-54309 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
257011 5.4 MEDIUM
Network 		genixcms genixcms GeniXCMS 1.0.2 has XSS triggered by an authenticated comment that is mishandled during a mouse operation by an administrator. CWE-79
Cross-site Scripting 		CVE-2017-8376 2024-11-21 12:33 2017-05-2 Show GitHub Exploit DB Packet Storm
257012 5.3 MEDIUM
Network 		craftcms craft_cms Craft CMS before 2.6.2976 does not prevent modification of the URL in a forgot-password email message. CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2017-8385 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
257013 6.1 MEDIUM
Network 		craftcms craft_cms Craft CMS before 2.6.2976 allows XSS attacks because an array returned by HttpRequestService::getSegments() and getActionSegments() need not be zero-based. NOTE: this vulnerability exists because of … CWE-79
Cross-site Scripting 		CVE-2017-8384 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
257014 5.3 MEDIUM
Network 		craftcms craft_cms Craft CMS before 2.6.2976 does not properly restrict viewing the contents of files in the craft/app/ folder. NVD-CWE-noinfo
CVE-2017-8383 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
257015 9.8 CRITICAL
Network 		podofo_project podofo Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspe… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8378 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
257016 5.5 MEDIUM
Local 		underbit mad_libmad The mad_bit_skip function in bit.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted audio file. CWE-125
Out-of-bounds Read 		CVE-2017-8374 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
257017 7.8 HIGH
Local 		underbit mad_libmad The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecif… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8373 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
257018 4.7 MEDIUM
Local 		underbit mad_libmad The mad_layer_III function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafte… CWE-617
 Reachable Assertion 		CVE-2017-8372 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
257019 6.8 MEDIUM
Network 		schneider-electric struxureware_data_center_expert Schneider Electric StruxureWare Data Center Expert before 7.4.0 uses cleartext RAM storage for passwords, which might allow remote attackers to obtain sensitive information via unspecified vectors. CWE-522
 Insufficiently Protected Credentials 		CVE-2017-8371 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm
257020 9.8 CRITICAL
Network 		ettercap_project ettercap The strescape function in ec_strings.c in Ettercap 0.8.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other imp… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2017-8366 2024-11-21 12:33 2017-05-1 Show GitHub Exploit DB Packet Storm