Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189471 6.5 警告
Network 		EmbedPlus - WordPress 用 YouTube プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-1000224 2017-12-11 09:52 2017-07-25 Show GitHub Exploit DB Packet Storm
189472 9.8 緊急
Network 		Python Software Foundation - CPython におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-1000158 2017-12-11 09:49 2017-06-13 Show GitHub Exploit DB Packet Storm
189473 5.4 警告
Network 		MODX - MODX Revolution CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-1000223 2017-12-8 18:27 2017-11-17 Show GitHub Exploit DB Packet Storm
189474 5.4 警告
Network 		EllisLab, Inc. - EllisLab ExpressionEngine におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-1000160 2017-12-8 18:27 2017-11-17 Show GitHub Exploit DB Packet Storm
189475 6.1 警告
Network 		Mikko Saari - Relevanssi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-1000225 2017-12-8 18:24 2017-02-28 Show GitHub Exploit DB Packet Storm
189476 7.8 重要
Local 		OptiPNG - OptiPNG における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2017-1000229 2017-12-8 18:12 2017-11-19 Show GitHub Exploit DB Packet Storm
189477 5.4 警告
Network 		Vonage - Vonage VDV-23 デバイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16843 2017-12-8 18:04 2017-11-16 Show GitHub Exploit DB Packet Storm
189478 8.8 重要
Network 		NetApp - NetApp SnapCenter Server におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-15516 2017-12-8 17:59 2017-11-14 Show GitHub Exploit DB Packet Storm
189479 6.6 警告
Network 		UpdraftPlus.Com - WordPress 用 UpdraftPlus プラグインにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2017-16871 2017-12-8 17:58 2017-11-29 Show GitHub Exploit DB Packet Storm
189480 6.6 警告
Network 		UpdraftPlus.Com - WordPress 用 UpdraftPlus プラグインにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2017-16870 2017-12-8 17:58 2017-11-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
761 6.5 MEDIUM
Network 		- - Russh is a Rust SSH client & server library. From version 0.37.0 to before version 0.61.0, in the russh client keyboard-interactive authentication path, a malicious SSH server could send a USERAUTH_I… New CWE-20
 Improper Input Validation  		CVE-2026-48107 2026-06-12 00:24 2026-06-11 Show GitHub Exploit DB Packet Storm
762 5.3 MEDIUM
Network 		- - Russh is a Rust SSH client & server library. From version 0.34.0-beta.1 to before version 0.61.0, russh did not enforce the SSH identification-string rules as deliberately as OpenSSH. In particular, … New CWE-20
 Improper Input Validation  		CVE-2026-48108 2026-06-12 00:24 2026-06-11 Show GitHub Exploit DB Packet Storm
763 - - - Cerebrate before version 1.37 contains a mass-assignment vulnerability in the generic CRUD add path. The add() handler attempted to remove an attacker-supplied id from $params before normalizing the … New CWE-20
 Improper Input Validation  		CVE-2026-53901 2026-06-12 00:24 2026-06-11 Show GitHub Exploit DB Packet Storm
764 - - - Cerebrate before version 1.37 allowed the id primary key field to be supplied through request input during CRUD edit operations and certain custom entity patching flows. In affected entities that did… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-53911 2026-06-12 00:24 2026-06-11 Show GitHub Exploit DB Packet Storm
765 - - - Cerebrate before version 1.37 exposed credential material from self-registration requests. The self-registration workflow stored the registrant’s hashed password in the inbox message data payload. Th… New CWE-200
Information Exposure 		CVE-2026-53912 2026-06-12 00:24 2026-06-11 Show GitHub Exploit DB Packet Storm
766 8.7 HIGH
Network 		- - GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authentic… New CWE-79
Cross-site Scripting 		CVE-2026-10087 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
767 4.3 MEDIUM
Network 		- - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that could have allowed an authenticated user to cause den… New CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2026-10733 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
768 6.5 MEDIUM
Network 		- - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authe… New CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-1500 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
769 3.1 LOW
Network 		- - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.0 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authen… New CWE-863
 Incorrect Authorization 		CVE-2026-3553 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm
770 - - - A Missing Authorization vulnerability in the playbook import functionality in Dialogflow CX on Google Cloud Platform allows an authenticated user with specific roles to escalate privileges and potent… New CWE-862
 Missing Authorization 		CVE-2026-4764 2026-06-12 00:22 2026-06-11 Show GitHub Exploit DB Packet Storm