Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
192881 7.1 重要
Physics
インテル - 複数の Intel NUC Kit 製品のファームウェアにおける認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2017-5701 2017-11-10 16:13 2017-10-6 Show GitHub Exploit DB Packet Storm
192882 8.4 重要
Local
インテル - 複数の Intel NUC Kit 製品のファームウェアにおける証明書・パスワードの管理に関する脆弱性 CWE-255
証明書・パスワード管理
CVE-2017-5700 2017-11-10 16:13 2017-10-6 Show GitHub Exploit DB Packet Storm
192883 6.5 警告
Network
GridGain Systems, Inc. - GridGain におけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2017-14614 2017-11-10 16:05 2017-10-5 Show GitHub Exploit DB Packet Storm
192884 7.5 重要
Network
Digium - Asterisk および Certified Asterisk における情報漏えいに関する脆弱性 CWE-200
情報漏えい
CVE-2017-14603 2017-11-10 16:01 2017-09-19 Show GitHub Exploit DB Packet Storm
192885 5 警告
Local
Mp3splt project - Libmp3splt における入力確認に関する脆弱性 CWE-20
不適切な入力確認
CVE-2017-15185 2017-11-10 15:59 2017-09-26 Show GitHub Exploit DB Packet Storm
192886 7.5 重要
Network
InFocus Corporation - InFocus Mondopad における認証に関する脆弱性 CWE-287
不適切な認証
CVE-2017-14972 2017-11-10 15:54 2017-09-29 Show GitHub Exploit DB Packet Storm
192887 5.5 警告
Local
InFocus Corporation - Infocus Mondopad における情報漏えいに関する脆弱性 CWE-200
情報漏えい
CVE-2017-14971 2017-11-10 15:54 2017-09-29 Show GitHub Exploit DB Packet Storm
192888 7.8 重要
Local
X.Org Foundation
Debian
- X.Org Server におけるバッファエラーの脆弱性 CWE-119
バッファエラー
CVE-2017-13723 2017-11-10 15:51 2017-10-4 Show GitHub Exploit DB Packet Storm
192889 4.7 警告
Local
X.Org Foundation
Debian
- X.Org Server における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2017-13721 2017-11-10 15:51 2017-10-4 Show GitHub Exploit DB Packet Storm
192890 8.8 重要
Network
Jenkins プロジェクト - Role-based Authorization Strategy プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反
CVE-2017-1000090 2017-11-10 15:41 2017-07-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3981 6.5 MEDIUM
Adjacent
- - aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the pa… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2026-47157 2026-06-12 03:16 2026-06-12 Show GitHub Exploit DB Packet Storm
3982 5.3 MEDIUM
Network
- - Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.9, Fediverse Embeds registered the unauthenticated AJAX action wp_ajax_nopriv_ftf_get_site_info (includes/Site_Info.ph… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2026-46698 2026-06-12 03:16 2026-06-12 Show GitHub Exploit DB Packet Storm
3983 7.5 HIGH
Network
- - Fediverse Embeds embeds fediverse posts on WordPress sites. Prior to version 1.5.8, Fediverse Embeds registered an unauthenticated REST route ftf/media-proxy (includes/Media_Proxy.php) with permissio… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2026-46697 2026-06-12 03:16 2026-06-12 Show GitHub Exploit DB Packet Storm
3984 - - - A remote unauthenticated attacker may be able to conduct credential-guessing attacks against user accounts in Sonatype Nexus Repository via authentication endpoints. CWE-307
mproper Restriction of Excessive Authentication Attempts
CVE-2026-3329 2026-06-12 03:16 2026-06-12 Show GitHub Exploit DB Packet Storm
3985 4.9 MEDIUM
Network
- - A flaw was found in the admin-ui-ext component of Keycloak, which provides extended administrative user interface capabilities. The issue occurs because certain bulk role-removal endpoints fail to pe… CWE-425
 Direct Request ('Forced Browsing')
CVE-2026-11986 2026-06-12 03:16 2026-06-12 Show GitHub Exploit DB Packet Storm
3986 8.8 HIGH
Local
espressif esp-idf ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, the esp_tee component exposes secure-service wrappers in esp_secure_services.c and esp_secure_servi… CWE-20
CWE-787
 Improper Input Validation 
 Out-of-bounds Write
CVE-2026-45328 2026-06-12 03:15 2026-06-10 Show GitHub Exploit DB Packet Storm
3987 7.5 HIGH
Network
espressif esp-idf ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.4, and 6.0, a NULL-pointer dereference exists in the WebSocket subprotocol-negotiation pa… CWE-476
 NULL Pointer Dereference
CVE-2026-45541 2026-06-12 03:05 2026-06-10 Show GitHub Exploit DB Packet Storm
3988 6.5 MEDIUM
Local
espressif esp-idf ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.5.4 and 6.0, several ESP-TEE secure-service wrappers in esp_secure_services.c and esp_secure_services_iram.c val… CWE-20
CWE-125
CWE-200
 Improper Input Validation 
Out-of-bounds Read
Information Exposure
CVE-2026-45329 2026-06-12 03:04 2026-06-10 Show GitHub Exploit DB Packet Storm
3989 6.5 MEDIUM
Network
7-zip 7-zip 7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser in 7-Zip. The OpenCa… CWE-908
 Use of Uninitialized Resource
CVE-2026-48101 2026-06-12 03:02 2026-06-6 Show GitHub Exploit DB Packet Storm
3990 7.8 HIGH
Local
microsoft windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2022
windows_server_2025
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. CWE-843
CWE-125
Type Confusion
Out-of-bounds Read
CVE-2026-45641 2026-06-12 02:42 2026-06-10 Show GitHub Exploit DB Packet Storm