Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191521 6.1 警告
Network 		Inedo - Inedo BuildMaster におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16760 2017-11-28 17:30 2017-11-8 Show GitHub Exploit DB Packet Storm
191522 9.8 緊急
Network 		Inedo - Inedo BuildMaster における脆弱性 CWE-noinfo
情報不足 		CVE-2017-16521 2017-11-28 17:30 2017-11-8 Show GitHub Exploit DB Packet Storm
191523 5.4 警告
Network 		MyBB Group - MyBB におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16781 2017-11-28 16:58 2017-11-7 Show GitHub Exploit DB Packet Storm
191524 9.8 緊急
Network 		MyBB Group - MyBB における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-16780 2017-11-28 16:58 2017-11-7 Show GitHub Exploit DB Packet Storm
191525 6.5 警告
Network 		The Tor Project - Tor Browser における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2017-16541 2017-11-28 16:58 2017-11-3 Show GitHub Exploit DB Packet Storm
191526 7.5 重要
Network 		OpenEMR - OpenEMR における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2017-16540 2017-11-28 16:58 2017-11-10 Show GitHub Exploit DB Packet Storm
191527 6.1 警告
Network 		The Cacti Group - Cacti におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16785 2017-11-28 16:54 2017-11-13 Show GitHub Exploit DB Packet Storm
191528 6.1 警告
Network 		RemObjects Software - Delphi 用 RemObjects Remoting SDK におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-16665 2017-11-28 16:51 2017-11-7 Show GitHub Exploit DB Packet Storm
191529 9.8 緊急
Network 		Zoho Corporation - Zoho ManageEngine Applications Manager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-16543 2017-11-28 16:22 2017-11-5 Show GitHub Exploit DB Packet Storm
191530 8.8 重要
Network 		Zoho Corporation - Zoho ManageEngine Applications Manager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-16542 2017-11-28 16:22 2017-11-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
141 4.9 MEDIUM
Network 		- - A flaw was found in KubeVirt's network annotation generator. When a tenant creates a VirtualMachineInstance with a Multus network configuration, the supplied networkName value is written verbatim int… New CWE-20
 Improper Input Validation  		CVE-2026-13434 2026-06-27 02:16 2026-06-27 Show GitHub Exploit DB Packet Storm
142 8.4 HIGH
Local 		- - Broken Access Control in the devLXDInstancePatchHandler component of Canonical LXD allows an untrusted guest to mount, read, and overwrite another guest's custom storage volume via a crafted device P… New CWE-639
CWE-862
 Authorization Bypass Through User-Controlled Key
 Missing Authorization 		CVE-2026-12411 2026-06-27 02:16 2026-06-27 Show GitHub Exploit DB Packet Storm
143 7.5 HIGH
Network 		- - Bytes::Random::Secure::Tiny versions through 1.011 for Perl share internal state across forked processes. When an object is initialised before forking, then the internal state for the PRNG is shared… New CWE-335
 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) 		CVE-2026-11702 2026-06-27 02:16 2026-06-26 Show GitHub Exploit DB Packet Storm
144 7.5 HIGH
Network 		- - Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes. When an object is initialised before forking, or when the functional interface is used, then the in… New CWE-335
 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) 		CVE-2026-11625 2026-06-27 02:16 2026-06-26 Show GitHub Exploit DB Packet Storm
145 7.5 HIGH
Network 		wolfssl wolfssl wolfSSL's AVX2-optimized ML-KEM implementation (mlkem_cmp_avx2) compares only 1536 of the 1568 ciphertext bytes during the Fujisaki-Okamoto re-encryption check in ML-KEM-1024 decapsulation. Ciphertex… New CWE-697
 Incorrect Comparison 		CVE-2026-10097 2026-06-27 02:16 2026-06-26 Show GitHub Exploit DB Packet Storm
146 - - - An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing the input of an arbitrary message,… New CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2023-20572 2026-06-27 02:16 2026-06-27 Show GitHub Exploit DB Packet Storm
147 - - - An observable timing discrepancy in the ASP could allow a privileged attacker to perform a brute-force attack against the hash message authentication code, allowing arbitrary message input, potential… New CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2023-20540 2026-06-27 02:16 2026-06-27 Show GitHub Exploit DB Packet Storm
148 8.8 HIGH
Network 		langflow langflow Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow's /api/v1/monitor router exposes 7 endpoints that perform read, write, and delete operations on… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-33760 2026-06-27 02:10 2026-06-24 Show GitHub Exploit DB Packet Storm
149 6.5 MEDIUM
Network 		langflow langflow Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API (POST /api/v1/knowledge_bases). This… New CWE-22
Path Traversal 		CVE-2026-42867 2026-06-27 02:09 2026-06-24 Show GitHub Exploit DB Packet Storm
150 9.6 CRITICAL
Network 		langflow langflow Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.2, the "Shareable Playground" (or "Public Flows" in code) contains a critical RCE vulnerability. Shareable … New CWE-94
Code Injection 		CVE-2026-48519 2026-06-27 02:07 2026-06-24 Show GitHub Exploit DB Packet Storm