Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188911 7.5 重要
Network 		シスコシステムズ - Cisco NX-OS におけるリソース管理に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2018-0090 2018-02-22 14:45 2018-01-17 Show GitHub Exploit DB Packet Storm
188912 6.7 警告
Local 		シスコシステムズ - Cisco Industrial Ethernet 4010 シリーズスイッチ上で稼動する Cisco IOS ソフトウェアにおける認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2018-0088 2018-02-22 14:45 2018-01-17 Show GitHub Exploit DB Packet Storm
188913 7.2 重要
Network 		Moxa Inc. - Moxa SoftNVR-IA Live Viewer における制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2017-5170 2018-02-22 14:19 2017-08-8 Show GitHub Exploit DB Packet Storm
188914 6.5 警告
Network 		libpam4j project
Debian
レッドハット		 - libpam4j における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-12197 2018-02-22 14:19 2017-10-17 Show GitHub Exploit DB Packet Storm
188915 9.8 緊急
Network 		Apache Software Foundation
レッドハット		 - Apache Groovy における信頼性のないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2016-6814 2018-02-22 14:19 2016-08-12 Show GitHub Exploit DB Packet Storm
188916 7.8 重要
Local 		インテル - インテル グラフィックス・ドライバーにおける信頼性のない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2017-5696 2018-02-22 12:07 2017-02-1 Show GitHub Exploit DB Packet Storm
188917 4.8 警告
Network 		パルスセキュア - Pulse Secure Pulse Connect Secure および Pulse Policy Secure におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-17947 2018-02-22 11:59 2017-12-28 Show GitHub Exploit DB Packet Storm
188918 6.1 警告
Network 		BizLogic - BizLogic xnami におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2018-5370 2018-02-22 11:57 2018-01-11 Show GitHub Exploit DB Packet Storm
188919 7 重要
Local 		Lenovo - Lenovo Enterprise Networking Operating System における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2017-3765 2018-02-22 11:55 2018-01-9 Show GitHub Exploit DB Packet Storm
188920 8.1 重要
Network 		Linux - Linux Kernel における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-15126 2018-02-22 11:53 2017-10-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1901 5.4 MEDIUM
Network 		eclipse open_vsx Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security headers such as Content-Security-Policy o… CWE-79
Cross-site Scripting 		CVE-2026-4983 2026-06-25 01:55 2026-06-23 Show GitHub Exploit DB Packet Storm
1902 5.3 MEDIUM
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitize_message helper that strips object-repr memory add… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-54236 2026-06-25 01:53 2026-06-23 Show GitHub Exploit DB Packet Storm
1903 6.5 MEDIUM
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operators (<, >), which silently evaluate to False for NaN… CWE-1287
 Improper Validation of Specified Type of Input 		CVE-2026-54235 2026-06-25 01:53 2026-06-23 Show GitHub Exploit DB Packet Storm
1904 6.5 MEDIUM
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compressed upload size but not decoded PCM output. A 25MB… CWE-409
 Improper Handling of Highly Compressed Data (Data Amplification) 		CVE-2026-54233 2026-06-25 01:52 2026-06-23 Show GitHub Exploit DB Packet Storm
1905 8.8 HIGH
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion attack through the flashinfer-jit-cache package.… CWE-427
 Uncontrolled Search Path Element 		CVE-2026-54232 2026-06-25 01:51 2026-06-23 Show GitHub Exploit DB Packet Storm
1906 7.5 HIGH
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (csrc/quantization/gguf… CWE-200
CWE-681
Information Exposure
 Incorrect Conversion between Numeric Types 		CVE-2026-53923 2026-06-25 01:51 2026-06-23 Show GitHub Exploit DB Packet Storm
1907 9.1 CRITICAL
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentica… CWE-444
HTTP Request Smuggling 		CVE-2026-48746 2026-06-25 01:49 2026-06-23 Show GitHub Exploit DB Packet Storm
1908 6.5 MEDIUM
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2026-47155 2026-06-25 01:49 2026-06-23 Show GitHub Exploit DB Packet Storm
1909 7.5 HIGH
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to … CWE-94
CWE-617
Code Injection
 Reachable Assertion 		CVE-2026-41523 2026-06-25 01:48 2026-06-23 Show GitHub Exploit DB Packet Storm
1910 5.3 MEDIUM
Network 		n8n n8n n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to implement HMAC-SHA256 signature verification. Attackers who know the webhook UR… CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-56357 2026-06-25 01:47 2026-06-23 Show GitHub Exploit DB Packet Storm