Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1471	9.9	緊急 Network	オラクル	JD Edwards EnterpriseOne Integration with Oracle Global Order Promising	オラクルのJD Edwards EnterpriseOne Integration with Oracle Global Order Promisingにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46907	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

1472	9.9	緊急 Network	オラクル	JD Edwards EnterpriseOne Accounts Payable	オラクルのJD Edwards EnterpriseOne Accounts Payableにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46908	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

1473	9.6	緊急 Network	オラクル	JD Edwards EnterpriseOne Job Cost	オラクルのJD Edwards EnterpriseOne Job Costにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46911	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

1474	8.5	重要 Network	オラクル	Oracle Complex Maintenance Repair And Overhaul	オラクルのOracle Complex Maintenance Repair And Overhaulにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46915	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

1475	9.8	緊急 Network	オラクル	Siebel Cloud Manager	オラクルのSiebel Cloud Managerにおける複数の脆弱性	CWE-284 CWE-287 CWE-306	CVE-2026-46919	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

1476	8.1	重要 Network	オラクル	Siebel Cloud Manager	オラクルのSiebel Cloud Managerにおける複数の脆弱性	CWE-284 CWE-306	CVE-2026-46920	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

1477	8.8	重要 Network	オラクル	Siebel Cloud Manager	オラクルのSiebel Cloud Managerにおける複数の脆弱性	CWE-269 CWE-284 CWE-287 CWE-306	CVE-2026-46921	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

1478	7.2	重要 Network	オラクル	Oracle HR Intelligence	オラクルのOracle HR Intelligenceにおける複数の脆弱性	CWE-269 CWE-284 CWE-306	CVE-2026-46922	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

1479	8.3	重要 Adjacent	オラクル	Siebel Cloud Manager	オラクルのSiebel Cloud Managerにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46925	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

1480	8.8	重要 Local	オラクル	Siebel Cloud Manager	オラクルのSiebel Cloud Managerにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46926	2026-06-22 11:34	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
4031	6.1	MEDIUM Network	-	-	Ellucian Banner Self-Service before the April T2 release (2025-04-23) contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in …	CWE-79 Cross-site Scripting	CVE-2026-32856	2026-06-11 04:41	2026-06-10	Show	GitHub Exploit DB Packet Storm

4032	5.4	MEDIUM Network	-	-	Evoluted PHP Directory Listing Script through 4.0.5 contains a reflected cross-site scripting vulnerability in index.php where the dir parameter value is reflected without HTML encoding inside the HT…	CWE-79 Cross-site Scripting	CVE-2026-25557	2026-06-11 04:41	2026-06-10	Show	GitHub Exploit DB Packet Storm

4033	6.1	MEDIUM Network	-	-	OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious input through the …	CWE-79 Cross-site Scripting	CVE-2026-34416	2026-06-11 04:41	2026-06-10	Show	GitHub Exploit DB Packet Storm

4034	6.1	MEDIUM Network	-	-	OpenClinic GA 5.351.19 contains a reflected cross-site scripting vulnerability in the DICOM image upload handler that allows attackers to execute arbitrary JavaScript in a victim's browser by embeddi…	CWE-79 Cross-site Scripting	CVE-2026-25860	2026-06-11 04:41	2026-06-10	Show	GitHub Exploit DB Packet Storm

4035	6.1	MEDIUM Network	-	-	OSCAL-GUI contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser by injecting malicious content through th…	CWE-79 Cross-site Scripting	CVE-2026-34417	2026-06-11 04:41	2026-06-10	Show	GitHub Exploit DB Packet Storm

4036	7.8	HIGH Local	microsoft	windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2019 windows_server_2022 windows_server_2025	Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.	CWE-362 CWE-416 Race Condition Use After Free	CVE-2026-42978	2026-06-11 04:38	2026-06-10	Show	GitHub Exploit DB Packet Storm

4037	7.0	HIGH Local	microsoft	windows_10_1809 windows_10_21h2 windows_10_22h2 windows_11_23h2 windows_11_24h2 windows_11_25h2 windows_11_26h1 windows_server_2019 windows_server_2022 windows_server_2025	Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.	CWE-416 Use After Free	CVE-2026-42984	2026-06-11 04:37	2026-06-10	Show	GitHub Exploit DB Packet Storm

4038	7.5	HIGH Network	apache f5 debian	http_server nginx debian_linux	Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 …	CWE-789 Memory Allocation with Excessive Size Value	CVE-2026-49975	2026-06-11 04:36	2026-06-9	Show	GitHub Exploit DB Packet Storm

4039	7.3	HIGH Network	apache	http_server	Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67.	CWE-416 Use After Free	CVE-2026-48913	2026-06-11 04:31	2026-06-9	Show	GitHub Exploit DB Packet Storm

4040	8.8	HIGH Network	hcltech	digital_experience digital_experience_compose	HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API. An attacker may execute arbitrary operating system commands, typically inheriting the…	CWE-78 OS Command	CVE-2026-21837	2026-06-11 04:25	2026-06-5	Show	GitHub Exploit DB Packet Storm