Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188921 4.7 警告
Local 		Google - Android における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2017-13218 2018-02-22 11:53 2017-08-23 Show GitHub Exploit DB Packet Storm
188922 7.5 重要
Network 		Google - Android におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2017-13211 2018-02-22 11:53 2017-08-23 Show GitHub Exploit DB Packet Storm
188923 6.1 警告
Network 		ソフォス - Sophos SFOS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-18014 2018-02-22 11:53 2017-12-20 Show GitHub Exploit DB Packet Storm
188924 6.2 警告
Physics 		ジュニパーネットワークス - Juniper Networks Junos OS におけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2018-0008 2018-02-22 11:53 2018-01-10 Show GitHub Exploit DB Packet Storm
188925 6.5 警告
Network 		ジュニパーネットワークス - Juniper Networks Junos OS におけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2018-0004 2018-02-22 11:53 2018-01-10 Show GitHub Exploit DB Packet Storm
188926 7.5 重要
Network 		Fabrice Bellard - Quick Emulator における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-15124 2018-02-22 11:51 2017-12-12 Show GitHub Exploit DB Packet Storm
188927 5.9 警告
Network 		シスコシステムズ - Cisco Prime Infrastructure における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2018-0096 2018-02-22 10:42 2018-01-17 Show GitHub Exploit DB Packet Storm
188928 7.8 重要
Local 		シスコシステムズ - Cisco Email Security Appliance および Content Security Management Appliance の Cisco AsyncOS における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2018-0095 2018-02-22 10:42 2018-01-17 Show GitHub Exploit DB Packet Storm
188929 7.5 重要
Network 		シスコシステムズ - Cisco UCS Central ソフトウェアにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2018-0094 2018-02-22 10:42 2018-01-17 Show GitHub Exploit DB Packet Storm
188930 7.1 重要
Local 		シスコシステムズ - Cisco NX-OS システムソフトウェアにおける認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2018-0092 2018-02-22 10:42 2018-01-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1901 5.4 MEDIUM
Network 		eclipse open_vsx Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security headers such as Content-Security-Policy o… CWE-79
Cross-site Scripting 		CVE-2026-4983 2026-06-25 01:55 2026-06-23 Show GitHub Exploit DB Packet Storm
1902 5.3 MEDIUM
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitize_message helper that strips object-repr memory add… CWE-532
 Inclusion of Sensitive Information in Log Files 		CVE-2026-54236 2026-06-25 01:53 2026-06-23 Show GitHub Exploit DB Packet Storm
1903 6.5 MEDIUM
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operators (<, >), which silently evaluate to False for NaN… CWE-1287
 Improper Validation of Specified Type of Input 		CVE-2026-54235 2026-06-25 01:53 2026-06-23 Show GitHub Exploit DB Packet Storm
1904 6.5 MEDIUM
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compressed upload size but not decoded PCM output. A 25MB… CWE-409
 Improper Handling of Highly Compressed Data (Data Amplification) 		CVE-2026-54233 2026-06-25 01:52 2026-06-23 Show GitHub Exploit DB Packet Storm
1905 8.8 HIGH
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion attack through the flashinfer-jit-cache package.… CWE-427
 Uncontrolled Search Path Element 		CVE-2026-54232 2026-06-25 01:51 2026-06-23 Show GitHub Exploit DB Packet Storm
1906 7.5 HIGH
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (csrc/quantization/gguf… CWE-200
CWE-681
Information Exposure
 Incorrect Conversion between Numeric Types 		CVE-2026-53923 2026-06-25 01:51 2026-06-23 Show GitHub Exploit DB Packet Storm
1907 9.1 CRITICAL
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). From 0.3.0 until 0.22.0, a vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentica… CWE-444
HTTP Request Smuggling 		CVE-2026-48746 2026-06-25 01:49 2026-06-23 Show GitHub Exploit DB Packet Storm
1908 6.5 MEDIUM
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, vLLM's revision pinning controls do not consistently apply to all artifacts loaded for a model. A deployment… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2026-47155 2026-06-25 01:49 2026-06-23 Show GitHub Exploit DB Packet Storm
1909 7.5 HIGH
Network 		vllm vllm vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.0, an assert-based security check in vLLM's activation function loading allows any unauthenticated attacker to … CWE-94
CWE-617
Code Injection
 Reachable Assertion 		CVE-2026-41523 2026-06-25 01:48 2026-06-23 Show GitHub Exploit DB Packet Storm
1910 5.3 MEDIUM
Network 		n8n n8n n8n before 1.123.15 and 2.5.0 contains a webhook forgery vulnerability in the GitHub Webhook Trigger node that fails to implement HMAC-SHA256 signature verification. Attackers who know the webhook UR… CWE-290
 Authentication Bypass by Spoofing 		CVE-2026-56357 2026-06-25 01:47 2026-06-23 Show GitHub Exploit DB Packet Storm