Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189101	7.8	重要 Local	レッドハット	-	Red Hat OpenShift Enterprise におけるリンク解釈に関する脆弱性	CWE-59 リンク解釈の問題	CVE-2013-4364	2018-02-16 11:50	2013-09-18	Show	GitHub Exploit DB Packet Storm

189102	9.8	緊急 Network	Gravity Upload Ajax project	-	WordPress 用 Gravity Upload Ajax プラグインにおける危険なタイプのファイルの無制限アップロードに関する脆弱性	CWE-434 危険なタイプのファイルの無制限アップロード	CVE-2014-4972	2018-02-16 11:50	2014-08-1	Show	GitHub Exploit DB Packet Storm

189103	9.8	緊急 Network	Progress Software Corporation	-	Sitefinity における認証に関する脆弱性	CWE-287 不適切な認証	CVE-2017-15883	2018-02-16 11:50	2017-10-25	Show	GitHub Exploit DB Packet Storm

189104	7.5	重要 Network	Flexense Ltd.	-	Flexense DiskBoss Enterprise におけるセキュリティチェックに関する脆弱性	CWE-358 不適切に実装されたセキュリティチェック	CVE-2017-15665	2018-02-16 11:39	2017-10-19	Show	GitHub Exploit DB Packet Storm

189105	7.5	重要 Network	Flexense Ltd.	-	Flexense Sync Breeze Enterprise におけるセキュリティチェックに関する脆弱性	CWE-358 不適切に実装されたセキュリティチェック	CVE-2017-15664	2018-02-16 11:39	2017-10-19	Show	GitHub Exploit DB Packet Storm

189106	7.5	重要 Network	Flexense Ltd.	-	Flexense Disk Pulse Enterprise におけるセキュリティチェックに関する脆弱性	CWE-358 不適切に実装されたセキュリティチェック	CVE-2017-15663	2018-02-16 11:39	2017-10-19	Show	GitHub Exploit DB Packet Storm

189107	7.5	重要 Network	Flexense Ltd.	-	Flexense VX Search Enterprise におけるセキュリティチェックに関する脆弱性	CWE-358 不適切に実装されたセキュリティチェック	CVE-2017-15662	2018-02-16 11:38	2017-10-19	Show	GitHub Exploit DB Packet Storm

189108	7.8	重要 Local	Google	-	Android の NVIDIA ドライバにおける整数オーバーフローの脆弱性	CWE-190 CWE-416	CVE-2017-0869	2018-02-16 11:35	2018-01-2	Show	GitHub Exploit DB Packet Storm

189109	7.8	重要 Local	Linux	-	Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2018-5344	2018-02-16 11:30	2018-01-6	Show	GitHub Exploit DB Packet Storm

189110	6.1	警告 Network	Atlassian	-	Atlassian Jira におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-14594	2018-02-16 11:30	2017-12-18	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2021	8.2	HIGH Network	messagepack	messagepack	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, A vulnerability exists in the optional LZ4 decompression path used by MessagePack compression modes Lz4Block and Lz4…	CWE-20 Improper Input Validation	CVE-2026-48109	2026-06-24 02:25	2026-06-23	Show	GitHub Exploit DB Packet Storm

2022	7.5	HIGH Network	messagepack	messagepack	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.ReadDateTime() can allocate stack memory based on an attacker-controlled MessagePack extension len…	CWE-125 CWE-190 CWE-407 CWE-409 CWE-470 CWE-502 CWE-674 CWE-789 CWE-1188 Out-of-bounds Read Integer Overflow or Wraparound Inefficient Algorithmic Complexity Improper Handling of Highly Compressed Data (Data Amplification) Unsafe Reflection Deserialization of Untrusted Data Uncontrolled Recursion Memory Allocation with Excessive Size Value Insecure Default Initialization of Resource	CVE-2026-48502	2026-06-24 02:25	2026-06-23	Show	GitHub Exploit DB Packet Storm

2023	7.5	HIGH Network	messagepack	messagepack	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip() recursively descends into nested arrays and maps without incrementing the reader depth o…	CWE-674 Uncontrolled Recursion	CVE-2026-48506	2026-06-24 02:24	2026-06-23	Show	GitHub Exploit DB Packet Storm

2024	8.1	HIGH Network	-	-	piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run() paths read the filename option via plain member access. Both reads fall through…	CWE-94 CWE-1321 Code Injection Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-55388	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

2025	6.1	MEDIUM Network	astro	astro	Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and passes them directly to addAttribute, which interpolate…	CWE-79 Cross-site Scripting	CVE-2026-54298	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

2026	-		-	-	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. This…	CWE-200 CWE-522 Information Exposure Insufficiently Protected Credentials	CVE-2026-54276	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

2027	-		-	-	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerabilit…	CWE-524 Use of Cache Containing Sensitive Information	CVE-2026-50170	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

2028	6.9	MEDIUM Local	libexpat_project	libexpat	libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56406	2026-06-24 01:29	2026-06-22	Show	GitHub Exploit DB Packet Storm

2029	6.9	MEDIUM Local	libexpat_project	libexpat	libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56407	2026-06-24 01:28	2026-06-22	Show	GitHub Exploit DB Packet Storm

2030	6.9	MEDIUM Local	libexpat_project	libexpat	libexpat before 2.8.2 has an integer overflow in copyString.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56408	2026-06-24 01:27	2026-06-22	Show	GitHub Exploit DB Packet Storm