Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191491 9.8 緊急
Network 		Joomla! - Joomla! における認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2017-16634 2017-11-29 16:06 2017-11-7 Show GitHub Exploit DB Packet Storm
191492 4.3 警告
Network 		Joomla! - Joomla! における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2017-16633 2017-11-29 16:06 2017-11-7 Show GitHub Exploit DB Packet Storm
191493 5.4 警告
Network 		Logitech - Logitech Media Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16568 2017-11-29 16:06 2017-11-3 Show GitHub Exploit DB Packet Storm
191494 5.4 警告
Network 		Logitech - Logitech Media Server におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16567 2017-11-29 16:06 2017-11-3 Show GitHub Exploit DB Packet Storm
191495 8.8 重要
Network 		Grandstream Networks - Vonage HT802 デバイスにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-16565 2017-11-29 15:05 2017-11-4 Show GitHub Exploit DB Packet Storm
191496 8 重要
Network 		Grandstream Networks - Vonage HT802 デバイスにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-16563 2017-11-29 15:05 2017-11-4 Show GitHub Exploit DB Packet Storm
191497 5.4 警告
Network 		Grandstream Networks - Vonage HT802 デバイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16564 2017-11-29 15:05 2017-11-4 Show GitHub Exploit DB Packet Storm
191498 5.4 警告
Network 		CMS Made Simple - CMS Made Simple における格納型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16799 2017-11-29 11:40 2017-11-13 Show GitHub Exploit DB Packet Storm
191499 5.4 警告
Network 		CMS Made Simple - CMS Made Simple におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16798 2017-11-29 11:40 2017-11-13 Show GitHub Exploit DB Packet Storm
191500 6.1 警告
Network 		NetIQ - NetIQ iManager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-7425 2017-11-29 11:34 2017-07-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 5.3 MEDIUM
Network 		nokogiri nokogiri Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XP… New CWE-416
 Use After Free 		CVE-2026-57437 2026-06-27 01:47 2026-06-26 Show GitHub Exploit DB Packet Storm
172 5.3 MEDIUM
Network 		nokogiri nokogiri Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, Nokogiri::XML::Document#root= validated only that the new root was a Nokogiri::XML::Node, allowing … New CWE-416
 Use After Free 		CVE-2026-57436 2026-06-27 01:47 2026-06-26 Show GitHub Exploit DB Packet Storm
173 3.8 LOW
Network 		mattermost mattermost_server Mattermost versions 11.7.x <= 11.7.0, 10.11.x <= 10.11.17 fail to validate bot targets when demoting users to guests which allows a lower-privileged administrator to degrade arbitrary bot accounts vi… New CWE-863
 Incorrect Authorization 		CVE-2026-8823 2026-06-27 01:39 2026-06-23 Show GitHub Exploit DB Packet Storm
174 10.0 CRITICAL
Network 		traefik traefik Traefik is an HTTP reverse proxy and load balancer. Prior to 3.7.3, there is a critical vulnerability in Traefik's HTTP/3 (QUIC) TLS configuration selection that allows unauthenticated clients to byp… New CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-53622 2026-06-27 01:39 2026-06-24 Show GitHub Exploit DB Packet Storm
175 7.1 HIGH
Network 		traefik traefik Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.21 and 3.7.5, there is a high severity vulnerability in Traefik's Kubernetes Gateway provider affecting the crossProviderNamespaces al… New CWE-284
CWE-863
Improper Access Control
 Incorrect Authorization 		CVE-2026-54761 2026-06-27 01:37 2026-06-24 Show GitHub Exploit DB Packet Storm
176 8.6 HIGH
Network 		traefik traefik Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to… New CWE-636
CWE-693
 Not Failing Securely ('Failing Open')
 Protection Mechanism Failure 		CVE-2026-54762 2026-06-27 01:37 2026-06-24 Show GitHub Exploit DB Packet Storm
177 7.5 HIGH
Network 		- - Parse Server before 4.10.0 contains a supply chain vulnerability where incorrect version tags were pushed to the repository linking to unreviewed code in a personal fork. Attackers could exploit this… New CWE-494
 Download of Code Without Integrity Check 		CVE-2021-47986 2026-06-27 01:19 2026-06-26 Show GitHub Exploit DB Packet Storm
178 7.5 HIGH
Network 		- - Flowise before 3.0.6 contains an arbitrary file read vulnerability in the chatId parameter of the /api/v1/get-upload-file and /api/v1/openai-assistants-file/download endpoints. The chatId value is no… New CWE-73
 External Control of File Name or Path 		CVE-2025-71324 2026-06-27 01:19 2026-06-26 Show GitHub Exploit DB Packet Storm
179 9.1 CRITICAL
Network 		- - Flowise contains an authentication bypass vulnerability in the unprotected /api/v1/account/register endpoint that allows unauthenticated attackers to create user accounts. Remote attackers can exploi… New CWE-306
Missing Authentication for Critical Function 		CVE-2025-71327 2026-06-27 01:19 2026-06-26 Show GitHub Exploit DB Packet Storm
180 8.3 HIGH
Network 		- - Flowise before 3.0.10 contains an unverified password change vulnerability. An authenticated user can change their account password through the account settings (Security) section without supplying t… New CWE-620
 Unverified Password Change 		CVE-2025-71328 2026-06-27 01:19 2026-06-26 Show GitHub Exploit DB Packet Storm