Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 6:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
194991 6.1 警告
Network 		IBM - IBM Security Guardium におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-1256 2017-07-26 10:21 2017-06-29 Show GitHub Exploit DB Packet Storm
194992 6.1 警告
Network 		IBM - IBM WebSphere Portal におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-1217 2017-07-26 10:21 2017-06-27 Show GitHub Exploit DB Packet Storm
194993 9.1 緊急
Network 		Schneider Electric - 複数の Schneider Electric Modicon PLC Modicon ファームウェアにおけるエントロピー不足に関する脆弱性 CWE-331
エントロピー不足 		CVE-2017-6030 2017-07-26 09:59 2017-03-30 Show GitHub Exploit DB Packet Storm
194994 9.8 緊急
Network 		Schneider Electric - Schneider Electric Modicon PLC Modicon M241 および M251 ファームウェアにおける証明書・パスワードの管理に関する脆弱性 CWE-255
証明書・パスワード管理 		CVE-2017-6028 2017-07-26 09:59 2017-03-30 Show GitHub Exploit DB Packet Storm
194995 9.1 緊急
Network 		Schneider Electric - Schneider Electric Modicon PLC Modicon M241 および M251 ファームウェアにおける不十分なランダム値の使用に関する脆弱性 CWE-330
不十分なランダム値の使用 		CVE-2017-6026 2017-07-26 09:59 2017-03-30 Show GitHub Exploit DB Packet Storm
194996 7.5 重要
Network 		Arcadyan Technology Corporation - Arcadyan SLT-00 Star* デバイスの Web インターフェースにおけるサービス運用妨害 (DoS) の脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-10042 2017-07-25 18:21 2016-12-15 Show GitHub Exploit DB Packet Storm
194997 9.8 緊急
Network 		Marel - 複数の Marel Food Processing System 製品のファームウェアにおける危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2017-6041 2017-07-25 17:55 2017-04-4 Show GitHub Exploit DB Packet Storm
194998 6.2 警告
Local 		Antiy Labs - Antiy Antivirus Engine におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-10706 2017-07-25 17:35 2016-07-1 Show GitHub Exploit DB Packet Storm
194999 6.1 警告
Network 		Episerver - Ektron Content Management System におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-6201 2017-07-25 17:30 2016-07-29 Show GitHub Exploit DB Packet Storm
195000 8.4 重要
Network 		ヒューレット・パッカード・エンタープライズ - HPE Helion Openstack Glance の glance-manage db における通知なく変更されたイメージを別のユーザが起動させられる脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-4383 2017-07-25 17:28 2016-10-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
161 - - - Stack-based Buffer Overflow vulnerability in Erlang OTP erts (inet_drv) allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctp_parse_error_chu… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-49759 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
162 - - - Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inet_tls_dist:check_ip/… New CWE-863
CWE-1025
 Incorrect Authorization
 Comparison Using Wrong Factors 		CVE-2026-48860 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
163 - - - Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote username enumeration via timing side-channel in password authentication. W… New CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2026-48859 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
164 4.3 MEDIUM
Network 		google chrome Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High) New CWE-457
 Use of Uninitialized Variable 		CVE-2026-11668 2026-06-11 01:17 2026-06-9 Show GitHub Exploit DB Packet Storm
165 - - - Server-Side Request Forgery (SSRF) vulnerability in Erlang/OTP ftp (ftp_internal module) allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftp_internal:handle_ctrl_… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-48858 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
166 - - - Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data. The httpc client forwards the Authorization and Proxy-Authorization request… New CWE-601
Open Redirect 		CVE-2026-48856 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
167 - - - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery. The SSH_FXP_READLINK handler in ssh_sftpd sends the raw result of… New CWE-200
Information Exposure 		CVE-2026-48855 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
168 5.0 MEDIUM
Network 		- - OpenFGA is an authorization/permission engine built for developers. Prior to version 1.16.0, when iterator caching is enabled, two distinct check requests can produce the same cache key, leading to O… New CWE-345
CWE-668
 Insufficient Verification of Data Authenticity
 Exposure of Resource to Wrong Sphere 		CVE-2026-48096 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
169 8.3 HIGH
Network 		- - Plane is an open-source project management tool. Prior to version 1.3.1, there is a cross-workspace asset authorization bypass lets any authenticated user read, copy, delete, and overwrite assets in … New CWE-639
CWE-862
 Authorization Bypass Through User-Controlled Key
 Missing Authorization 		CVE-2026-46558 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
170 7.8 HIGH
Local 		- - LMDeploy is a toolkit for compressing, deploying, and serving large language models. In versions 0.12.3 and prior, hardcoded "trust_remote_code=True" enables HF supply-chain RCE without user opt-in. … New CWE-94
CWE-915
CWE-1188
Code Injection
 Improperly Controlled Modification of Dynamically-Determined Object Attributes
 Insecure Default Initialization of Resource 		CVE-2026-46517 2026-06-11 01:17 2026-06-10 Show GitHub Exploit DB Packet Storm