Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
191871 9.8 緊急
Network
Python Software Foundation - CPython におけるバッファエラーの脆弱性 CWE-119
バッファエラー
CVE-2017-1000158 2017-12-11 09:49 2017-06-13 Show GitHub Exploit DB Packet Storm
191872 5.4 警告
Network
MODX - MODX Revolution CMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2017-1000223 2017-12-8 18:27 2017-11-17 Show GitHub Exploit DB Packet Storm
191873 5.4 警告
Network
EllisLab, Inc. - EllisLab ExpressionEngine におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2017-1000160 2017-12-8 18:27 2017-11-17 Show GitHub Exploit DB Packet Storm
191874 6.1 警告
Network
Mikko Saari - Relevanssi におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2017-1000225 2017-12-8 18:24 2017-02-28 Show GitHub Exploit DB Packet Storm
191875 7.8 重要
Local
OptiPNG - OptiPNG における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド
CVE-2017-1000229 2017-12-8 18:12 2017-11-19 Show GitHub Exploit DB Packet Storm
191876 5.4 警告
Network
Vonage - Vonage VDV-23 デバイスにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2017-16843 2017-12-8 18:04 2017-11-16 Show GitHub Exploit DB Packet Storm
191877 8.8 重要
Network
NetApp - NetApp SnapCenter Server におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2017-15516 2017-12-8 17:59 2017-11-14 Show GitHub Exploit DB Packet Storm
191878 6.6 警告
Network
UpdraftPlus.Com - WordPress 用 UpdraftPlus プラグインにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション
CVE-2017-16871 2017-12-8 17:58 2017-11-29 Show GitHub Exploit DB Packet Storm
191879 6.6 警告
Network
UpdraftPlus.Com - WordPress 用 UpdraftPlus プラグインにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ
CVE-2017-16870 2017-12-8 17:58 2017-11-29 Show GitHub Exploit DB Packet Storm
191880 8.8 重要
Network
libbpg - libbpg などの製品におけるバッファエラーの脆弱性 CWE-119
バッファエラー
CVE-2017-14034 2017-12-8 17:56 2017-11-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2721 8.8 HIGH
Network
- - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. CWE-269
 Improper Privilege Management
CVE-2026-12289 2026-06-17 02:16 2026-06-16 Show GitHub Exploit DB Packet Storm
2722 9.1 CRITICAL
Network
- - Crypt::DSA versions before 1.21 for Perl reused the nonce across signatures, leading to private-key recovery. Crypt::DSA::sign caches the per-signature nonce material in the Key object without ever … CWE-323
 Reusing a Nonce, Key Pair in Encryption
CVE-2026-12205 2026-06-17 02:16 2026-06-16 Show GitHub Exploit DB Packet Storm
2723 8.8 HIGH
Network
- - Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to exec… CWE-78
OS Command 
CVE-2026-12161 2026-06-17 02:16 2026-06-16 Show GitHub Exploit DB Packet Storm
2724 9.1 CRITICAL
Network
- - Socket versions before 2.041 for Perl have an out-of-bounds heap read. In Socket.xs, pack_ip_mreq_source() checks the length of its source argument before the argument is read, so the check tests th… CWE-125
CWE-805
Out-of-bounds Read
 Buffer Access with Incorrect Length Value
CVE-2026-12087 2026-06-17 02:16 2026-06-16 Show GitHub Exploit DB Packet Storm
2725 9.1 CRITICAL
Network
- - Dancer2::Plugin::Auth::OAuth versions before 0.22 for Perl default to a predictable nonce. The default nonce was generated using an MD5 hash of the epoch time, which is predictable. CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CVE-2026-11832 2026-06-17 02:16 2026-06-16 Show GitHub Exploit DB Packet Storm
2726 7.5 HIGH
Network
expressjs multer Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files… CWE-459
 Incomplete Cleanup
CVE-2026-5038 2026-06-17 01:59 2026-06-16 Show GitHub Exploit DB Packet Storm
2727 7.7 HIGH
Network
mattermost mattermost_desktop Mattermost Desktop App versions <=6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded to in the Mattermost Desktop App which allows any user on a server w… CWE-522
 Insufficiently Protected Credentials
CVE-2026-6517 2026-06-17 01:54 2026-06-15 Show GitHub Exploit DB Packet Storm
2728 7.5 HIGH
Network
expressjs multer Impact: multer versions 1.0.0 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service via deeply nested field names in multipart form data. The append-field dependency parses bracket no… CWE-400
 Uncontrolled Resource Consumption
CVE-2026-5079 2026-06-17 01:49 2026-06-15 Show GitHub Exploit DB Packet Storm
2729 7.8 HIGH
Local
foxit ai When the application executes the JavaScript script embedded in the PDF within the sandbox, it fails to intercept some dangerous interfaces, which allows remote scripts to be loaded, resulting in arb… CWE-829
 Inclusion of Functionality from Untrusted Control Sphere
CVE-2026-12057 2026-06-17 01:43 2026-06-15 Show GitHub Exploit DB Packet Storm
2730 4.4 MEDIUM
Local
ibm security_qradar_edr IBM Security QRadar EDR 3.12 through 3.12.24 stores user credentials in plain text which can be read by a local privileged user. CWE-256
CWE-522
Plaintext Storage of a Password 
 Insufficiently Protected Credentials
CVE-2024-45636 2026-06-17 01:26 2026-06-12 Show GitHub Exploit DB Packet Storm