Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1401 7.3 重要
Local 		マイクロソフト Microsoft .NET Framework
.NET 		.NET の特権の昇格の脆弱性 CWE-190
CWE-20
CWE-noinfo
CVE-2026-35433 2026-06-22 11:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1402 7.1 重要
Local 		Linux Foundation Kedro Linux FoundationのKedroにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-3840 2026-06-22 11:38 2026-06-12 Show GitHub Exploit DB Packet Storm
1403 8.8 重要
Network 		マイクロソフト SQL Server 2016
SQL Server 2019
SQL Server 2025
SQL Server 2022
SQL Server 2017 		SQL Server のリモート コードが実行される脆弱性 CWE-610
CWE-73
CVE-2026-40370 2026-06-22 11:38 2026-05-12 Show GitHub Exploit DB Packet Storm
1404 8.8 重要
Network 		マイクロソフト Microsoft Dynamics 365 Microsoft Dynamics 365 (オンプレミス) の特権昇格の脆弱性 CWE-280
CWE-755
CVE-2026-40371 2026-06-22 11:38 2026-06-9 Show GitHub Exploit DB Packet Storm
1405 7.2 重要
Network 		VMware Spring Security VMwareのSpring Securityにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-40993 2026-06-22 11:38 2026-06-10 Show GitHub Exploit DB Packet Storm
1406 8.4 重要
Network 		マイクロソフト Azure Stack Edge Azure Stack Edge のなりすましの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-41098 2026-06-22 11:38 2026-06-9 Show GitHub Exploit DB Packet Storm
1407 5.3 警告
Network 		opentelemetry opentelemetry opentelemetryにおける過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-41178 2026-06-22 11:38 2026-06-4 Show GitHub Exploit DB Packet Storm
1408 4.9 警告
Network 		Apache Software Foundation Apache DolphinScheduler Apache Software FoundationのApache DolphinSchedulerにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-41280 2026-06-22 11:38 2026-06-17 Show GitHub Exploit DB Packet Storm
1409 6.1 警告
Network 		VMware Spring Security VMwareのSpring Securityにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-41706 2026-06-22 11:37 2026-06-10 Show GitHub Exploit DB Packet Storm
1410 6.5 警告
Network 		Apache Software Foundation Apache DolphinScheduler Apache Software FoundationのApache DolphinSchedulerにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42357 2026-06-22 11:37 2026-06-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
343671 - orbicule undercover Orbicule Undercover uses a third-party web server to determine the IP address through which the computer is accessing the Internet, but does not document this third-party disclosure, which leads to a… NVD-CWE-Other
CVE-2006-0641 2018-10-20 00:45 2006-02-10 Show GitHub Exploit DB Packet Storm
343672 - wiredred e_pop_web_conferencing Cross-site scripting (XSS) vulnerability in WiredRed e/pop Web Conferencing 4.1.0.755 allows remote authenticated users to inject arbitrary web script or HTML via the topic name of a conference. NVD-CWE-Other
CVE-2006-0643 2018-10-20 00:45 2006-02-10 Show GitHub Exploit DB Packet Storm
343673 - cpg-nuke dragonfly_cms Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS (aka CPG Dragonfly CMS) 9.0.6.1 allow remote attackers to include and execute arbitrary local files via directory… NVD-CWE-Other
CVE-2006-0644 2018-10-20 00:45 2006-02-10 Show GitHub Exploit DB Packet Storm
343674 - free_software_foundation_inc. libtasn1 Tiny ASN.1 Library (libtasn1) before 0.2.18, as used by (1) GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and (2) GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbit… NVD-CWE-Other
CVE-2006-0645 2018-10-20 00:45 2006-02-11 Show GitHub Exploit DB Packet Storm
343675 - trend_micro interscan_messaging_security_suite
interscan_web_security_suite
serverprotect 		Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted … NVD-CWE-Other
CVE-2006-0642 2018-10-20 00:45 2006-02-10 Show GitHub Exploit DB Packet Storm
343676 - php_icalendar php_icalendar Multiple directory traversal vulnerabilities in PHP iCalendar 2.0.1, 2.1, and 2.2 allow remote attackers to include arbitrary files via the (1) getdate and possibly other parameters used in the repla… NVD-CWE-Other
CVE-2006-0648 2018-10-20 00:45 2006-02-13 Show GitHub Exploit DB Packet Storm
343677 - cpaint cpaint Cross-site scripting (XSS) vulnerability in cpaint2.inc.php in the CPAINT library before 2.0.3, as used in multiple scripts, allows remote attackers to inject arbitrary web script or HTML via the cpa… NVD-CWE-Other
CVE-2006-0650 2018-10-20 00:45 2006-02-13 Show GitHub Exploit DB Packet Storm
343678 - hinton_design phpht_topsites Multiple SQL injection vulnerabilities in Hinton Design phpht Topsites 1.3 allow remote attackers to execute arbitrary SQL commands via multiple vectors including the username parameter. NVD-CWE-Other
CVE-2006-0653 2018-10-20 00:45 2006-02-13 Show GitHub Exploit DB Packet Storm
343679 - hinton_design phpht_topsites check.php in Hinton Design phpht Topsites 1.3 does not validate passwords when using cookies, which allows remote attackers to bypass authentication via unspecified cookies. NVD-CWE-Other
CVE-2006-0654 2018-10-20 00:45 2006-02-13 Show GitHub Exploit DB Packet Storm
343680 - hinton_design phpht_topsites Multiple cross-site scripting (XSS) vulnerabilities in (1) link_edited.php and (2) link_added.php in Hinton Design phpht Topsites 1.3 allow remote attackers to inject arbitrary web script or HTML via… NVD-CWE-Other
CVE-2006-0655 2018-10-20 00:45 2006-02-13 Show GitHub Exploit DB Packet Storm