Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
193601 8.8 重要
Network 		シスコシステムズ - Cisco Unified Communications Manager における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-6757 2017-09-5 16:23 2017-08-2 Show GitHub Exploit DB Packet Storm
193602 7.8 重要
Local 		Hancom Inc. - Hangul Word Processor におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2015-6585 2017-09-5 16:21 2015-09-7 Show GitHub Exploit DB Packet Storm
193603 7.5 重要
Network 		eapmd5pass project - eapmd5pass における境界外読み取りに関する脆弱性 CWE-125
CWE-787
CVE-2017-11670 2017-09-5 16:16 2017-07-31 Show GitHub Exploit DB Packet Storm
193604 7.5 重要
Network 		eapmd5pass project - eapmd5pass における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2017-11669 2017-09-5 16:16 2017-07-31 Show GitHub Exploit DB Packet Storm
193605 7.5 重要
Network 		eapmd5pass project - eapmd5pass における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2017-11668 2017-09-5 16:16 2017-07-31 Show GitHub Exploit DB Packet Storm
193606 7.5 重要
Network 		OpenPGP.js - OpenPGP.js における暗号に関する脆弱性 CWE-310
暗号の問題 		CVE-2015-8013 2017-09-5 16:16 2015-10-3 Show GitHub Exploit DB Packet Storm
193607 8.8 重要
Network 		ZyXEL - ZyXEL PK5001Z デバイスにおける証明書・パスワードの管理に関する脆弱性 CWE-255
証明書・パスワード管理 		CVE-2016-10401 2017-09-5 16:12 2017-07-25 Show GitHub Exploit DB Packet Storm
193608 6.5 警告
Local 		SAP - SAP NetWeaver AS JAVA における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2017-11457 2017-09-5 16:01 2017-04-12 Show GitHub Exploit DB Packet Storm
193609 6.5 警告
Network 		NetApp - NetApp OnCommand API Services におけアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-8919 2017-09-5 15:42 2017-07-18 Show GitHub Exploit DB Packet Storm
193610 7.5 重要
Network 		シスコシステムズ - Cisco ASR 5000 シリーズのアグリゲーションサービスルータにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-6672 2017-09-5 15:35 2017-07-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 7.5 HIGH
Network 		openvm openvm OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theor… New CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-46669 2026-06-13 04:38 2026-06-11 Show GitHub Exploit DB Packet Storm
172 4.6 MEDIUM
Network 		umbraco umbraco_cms Umbraco is an ASP.NET CMS. From version 14.0.0 to before version 17.4.0, authenticated users are able to inject HTML into an input field, which is rendered in the confirmation dialog without proper o… Update CWE-79
Cross-site Scripting 		CVE-2026-46609 2026-06-13 04:34 2026-06-11 Show GitHub Exploit DB Packet Storm
173 6.1 MEDIUM
Network 		umbraco umbraco_cms Umbraco is an ASP.NET CMS. Prior to versions 13.14.0 and 17.4.0, some of the Surface Controllers in the CMS provide to support member related operations fail to validate redirect URLs, making Razor t… Update CWE-601
Open Redirect 		CVE-2026-46616 2026-06-13 04:34 2026-06-11 Show GitHub Exploit DB Packet Storm
174 8.8 HIGH
Network 		apache ofbiz Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template inj… New CWE-94
Code Injection 		CVE-2026-50223 2026-06-13 04:30 2026-06-11 Show GitHub Exploit DB Packet Storm
175 7.8 HIGH
Local 		microsoft pc_manager Improper access control in Microsoft PC Manager allows an authorized attacker to bypass a security feature locally. Update CWE-284
Improper Access Control 		CVE-2026-49161 2026-06-13 04:30 2026-06-10 Show GitHub Exploit DB Packet Storm
176 9.8 CRITICAL
Network 		vmware spring_for_graphql Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated GraphQL queries. An attacker can craft a malicious GraphQL request that can lead to Remote Code Exec… New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-41699 2026-06-13 04:28 2026-06-11 Show GitHub Exploit DB Packet Storm
177 8.1 HIGH
Network 		microsoft teams Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Teams for Android allows an authorized attacker to disclose information over a network. Update CWE-74
Injection 		CVE-2026-42835 2026-06-13 04:28 2026-06-10 Show GitHub Exploit DB Packet Storm
178 8.2 HIGH
Local 		adobe acrobat_dc
acrobat_reader_dc
acrobat 		Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the cu… Update CWE-427
 Uncontrolled Search Path Element 		CVE-2026-47937 2026-06-13 04:23 2026-06-10 Show GitHub Exploit DB Packet Storm
179 5.5 MEDIUM
Local 		adobe acrobat_dc
acrobat_reader_dc
acrobat 		Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this v… Update CWE-125
Out-of-bounds Read 		CVE-2026-47926 2026-06-13 04:23 2026-06-10 Show GitHub Exploit DB Packet Storm
180 5.5 MEDIUM
Local 		adobe acrobat_dc
acrobat_reader_dc
acrobat 		Acrobat Reader versions 24.001.30365, 26.001.21651 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could… Update CWE-190
 Integer Overflow or Wraparound 		CVE-2026-47925 2026-06-13 04:23 2026-06-10 Show GitHub Exploit DB Packet Storm