Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1751	5.5	警告 Local	GPAC	GPAC	GPACにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-55641	2026-06-17 15:36	2026-06-15	Show	GitHub Exploit DB Packet Storm

1752	6.5	警告 Network	GPAC	GPAC	GPACにおけるゼロ除算に関する脆弱性	CWE-369 ゼロ除算	CVE-2025-55642	2026-06-17 15:36	2026-06-15	Show	GitHub Exploit DB Packet Storm

1753	5.5	警告 Local	GPAC	GPAC	GPACにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-55643	2026-06-17 15:36	2026-06-15	Show	GitHub Exploit DB Packet Storm

1754	5.5	警告 Local	GPAC	GPAC	GPACにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2025-55644	2026-06-17 15:36	2026-06-15	Show	GitHub Exploit DB Packet Storm

1755	5.5	警告 Local	GPAC	GPAC	GPACにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2025-55645	2026-06-17 15:36	2026-06-15	Show	GitHub Exploit DB Packet Storm

1756	5.5	警告 Local	GPAC	GPAC	GPACにおける整数オーバーフローの脆弱性	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2025-55647	2026-06-17 15:36	2026-06-15	Show	GitHub Exploit DB Packet Storm

1757	5.5	警告 Local	GPAC	GPAC	GPACにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2025-55648	2026-06-17 15:35	2026-06-15	Show	GitHub Exploit DB Packet Storm

1758	5.5	警告 Local	GPAC	GPAC	GPACにおけるNULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2025-55649	2026-06-17 15:35	2026-06-15	Show	GitHub Exploit DB Packet Storm

1759	5.5	警告 Local	GPAC	GPAC	GPACにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2025-55650	2026-06-17 15:35	2026-06-15	Show	GitHub Exploit DB Packet Storm

1760	5.5	警告 Local	Advanced Micro Devices (AMD)	uprof	Advanced Micro Devices (AMD)のuprofにおける認可されていない制御領域への重要情報の漏えいに関する脆弱性	CWE-497 認可されていない制御領域への重要情報の漏えい	CVE-2026-0466	2026-06-17 15:35	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1051	4.9	MEDIUM Network	-	-	Gogs is an open source self-hosted Git service. Prior to 0.14.3, a malicious user with rights to create a new file on a repository or wiki page can trigger a denial of service condition in which the …	CWE-20 Improper Input Validation	CVE-2025-64719	2026-06-26 06:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

1052	5.5	MEDIUM Local	-	-	Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit	CWE-88 Argument Injection	CVE-2026-11968	2026-06-26 05:21	2026-06-24	Show	GitHub Exploit DB Packet Storm

1053	8.0	HIGH Network	-	-	py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, w…	CWE-59 Link Following	CVE-2026-23879	2026-06-26 05:21	2026-06-25	Show	GitHub Exploit DB Packet Storm

1054	7.2	HIGH Network	-	-	3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by …	CWE-73 External Control of File Name or Path	CVE-2026-55477	2026-06-26 05:21	2026-06-26	Show	GitHub Exploit DB Packet Storm

1055	3.5	LOW Network	-	-	HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario.	CWE-284 CWE-319 Improper Access Control Cleartext Transmission of Sensitive Information	CVE-2025-15619	2026-06-26 05:20	2026-06-24	Show	GitHub Exploit DB Packet Storm

1056	7.6	HIGH Network	-	-	A flaw in AngularJS' Strict Contextual Escaping (SCE) logic allows bypassing certain SCE policies for resource URLs and can lead to arbitrary JavaScript execution within the context of the victim's b…	CWE-791 Incomplete Filtering of Special Elements	CVE-2026-11998	2026-06-26 05:20	2026-06-25	Show	GitHub Exploit DB Packet Storm

1057	2.5	LOW Local	cacti	cacti	Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtool_function_update() can corrupt RRDtool metric value…	CWE-474 Use of Function with Inconsistent Implementations	CVE-2026-39894	2026-06-26 05:19	2026-06-25	Show	GitHub Exploit DB Packet Storm

1058	7.6	HIGH Network	-	-	Twenty is an open-source CRM (customer relationship management) platform. Prior to 2.9.0, Twenty was vulnerable to a cross-workspace insecure direct object reference (IDOR) in the AI agent monitor's …	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-55583	2026-06-26 05:18	2026-06-25	Show	GitHub Exploit DB Packet Storm

1059	9.6	CRITICAL Network	-	-	immich is a high performance self-hosted photo and video management solution. From commit 4ffa26c9 until 4eb1003, a reflected cross-site scripting (XSS) vulnerability on the /auth/login page allows a…	CWE-79 CWE-601 Cross-site Scripting Open Redirect	CVE-2026-53662	2026-06-26 05:18	2026-06-24	Show	GitHub Exploit DB Packet Storm

1060	9.0	CRITICAL Network	-	-	LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.57, the /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-54157	2026-06-26 05:18	2026-06-24	Show	GitHub Exploit DB Packet Storm