Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1551 5.3 警告
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品における複数の脆弱性 CWE-119
CWE-416
CWE-476
CVE-2026-12329 2026-06-17 15:46 2026-06-16 Show GitHub Exploit DB Packet Storm
1552 5.4 警告
Network 		Mozilla Foundation Mozilla Firefox
Mozilla Thunderbird 		Mozilla FoundationのMozilla Firefox等の複数製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2026-12330 2026-06-17 15:46 2026-06-16 Show GitHub Exploit DB Packet Storm
1553 6.5 警告
Network 		- シスコシステムズのCisco Catalyst SD-WAN Managerにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-20262 2026-06-17 15:46 2026-06-15 Show GitHub Exploit DB Packet Storm
1554 7.8 重要
Local 		NVIDIA NeMo NVIDIAのNeMoにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-24155 2026-06-17 15:46 2026-06-16 Show GitHub Exploit DB Packet Storm
1555 7.8 重要
Local 		NVIDIA NeMo NVIDIAのNeMoにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-24228 2026-06-17 15:46 2026-06-16 Show GitHub Exploit DB Packet Storm
1556 5.5 警告
Local 		Advanced Micro Devices (AMD) uprof Advanced Micro Devices (AMD)のuprofにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-28237 2026-06-17 15:46 2026-06-9 Show GitHub Exploit DB Packet Storm
1557 6.5 警告
Network 		Grafana Labs Grafana Grafana LabsのGrafanaにおける外部からアクセス可能なファイルまたはディレクトリに関する脆弱性 CWE-552
外部からアクセス可能なファイルまたはディレクトリ 		CVE-2026-33380 2026-06-17 15:46 2026-05-13 Show GitHub Exploit DB Packet Storm
1558 8.1 重要
Network 		Grafana Labs Grafana Grafana LabsのGrafanaにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-33381 2026-06-17 15:46 2026-05-13 Show GitHub Exploit DB Packet Storm
1559 5.4 警告
Network 		langflow Langflow Desktop langflowのLangflow Desktopにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-3341 2026-06-17 15:46 2026-06-11 Show GitHub Exploit DB Packet Storm
1560 6.1 警告
Network 		IBM IBM DevOps Plan IBMのIBM DevOps PlanにおけるHTTP ヘッダのスクリプト構文の不適切な無効化に関する脆弱性 CWE-644
HTTP ヘッダのスクリプト構文の不適切な無効化 		CVE-2026-4096 2026-06-17 15:46 2026-06-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
831 6.5 MEDIUM
Network 		- - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal through the Report format_file Parameter, causing arbitrary file read. … New CWE-22
Path Traversal 		CVE-2026-40084 2026-06-27 01:09 2026-06-26 Show GitHub Exploit DB Packet Storm
832 - - - Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass allows which allows self-signed packages. This issue ha… New CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-40941 2026-06-27 01:09 2026-06-26 Show GitHub Exploit DB Packet Storm
833 6.5 MEDIUM
Network 		- - The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin for WordPress is vulnerable to unauthor… New CWE-862
 Missing Authorization 		CVE-2026-1869 2026-06-27 00:49 2026-06-26 Show GitHub Exploit DB Packet Storm
834 6.5 MEDIUM
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons E… New CWE-79
Cross-site Scripting 		CVE-2026-57620 2026-06-27 00:49 2026-06-26 Show GitHub Exploit DB Packet Storm
835 5.3 MEDIUM
Network 		- - Unauthenticated Content Injection in Auros Core <= 5.3.1 versions. New CWE-80
Basic XSS 		CVE-2025-64637 2026-06-27 00:49 2026-06-27 Show GitHub Exploit DB Packet Storm
836 5.3 MEDIUM
Network 		- - Unauthenticated Insecure Direct Object References (IDOR) in BookPro <= 1.1.0 versions. New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2025-66123 2026-06-27 00:49 2026-06-27 Show GitHub Exploit DB Packet Storm
837 6.5 MEDIUM
Network 		- - Contributor Cross Site Scripting (XSS) in BNE Testimonials <= 2.0.8 versions. New CWE-79
Cross-site Scripting 		CVE-2025-68075 2026-06-27 00:49 2026-06-27 Show GitHub Exploit DB Packet Storm
838 5.3 MEDIUM
Network 		- - Unauthenticated Broken Access Control in SiteGround Email Marketing <= 1.7.5 versions. New CWE-862
 Missing Authorization 		CVE-2026-24547 2026-06-27 00:49 2026-06-27 Show GitHub Exploit DB Packet Storm
839 7.6 HIGH
Network 		- - Subscriber Insecure Direct Object References (IDOR) in SupportCandy <= 3.4.6 versions. New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-54826 2026-06-27 00:49 2026-06-27 Show GitHub Exploit DB Packet Storm
840 9.3 CRITICAL
Network 		- - Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions. New CWE-89
SQL Injection 		CVE-2026-54827 2026-06-27 00:49 2026-06-27 Show GitHub Exploit DB Packet Storm