Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1951 5.4 警告
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のなりすましの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-45465 2026-06-11 16:23 2026-06-9 Show GitHub Exploit DB Packet Storm
1952 5.4 警告
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のなりすましの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-45479 2026-06-11 16:23 2026-06-9 Show GitHub Exploit DB Packet Storm
1953 7.8 重要
Local 		マイクロソフト Microsoft Windows 11 24h2
Microsoft Windows 11 26h1
Microsoft Windows Server 2025
Microsoft Windows 11 25h2 		Windows カーネルモード ドライバーの特権の昇格の脆弱性 CWE-843
型の取り違え 		CVE-2026-45600 2026-06-11 16:23 2026-06-9 Show GitHub Exploit DB Packet Storm
1954 7.8 重要
Local 		マイクロソフト Microsoft Windows 11 25h2
Microsoft Windows Server 2012
Microsoft Windows 11 24h2
Microsoft Windows 10 21h2
Microsoft Wind… 		UEFI セキュア ブートのセキュリティ機能バイパスの脆弱性 CWE-693
保護メカニズムの不具合 		CVE-2026-45656 2026-06-11 16:23 2026-06-9 Show GitHub Exploit DB Packet Storm
1955 9.8 緊急
Network 		マイクロソフト Microsoft Windows 11 25h2
Microsoft Windows 11 24h2
Microsoft Windows Server 2022
Microsoft Windows 11 23h2
Microsoft Wind… 		Windows カーネルのリモートでコードが実行される脆弱性 CWE-122
CWE-416
CVE-2026-45657 2026-06-11 16:23 2026-06-9 Show GitHub Exploit DB Packet Storm
1956 6.8 警告
Physics 		マイクロソフト Microsoft Windows 11 25h2
Microsoft Windows Server 2012
Microsoft Windows 11 24h2
Microsoft Windows 10 21h2
Microsoft Wind… 		Windows BitLocker セキュリティ機能バイパスの脆弱性 CWE-284
CWE-noinfo
CVE-2026-45658 2026-06-11 16:23 2026-06-9 Show GitHub Exploit DB Packet Storm
1957 7.5 重要
Network 		FreeSWITCH FreeSWITCH FreeSWITCHにおけるDTD の再帰的なエンティティ参照の不適切な制限に関する脆弱性 CWE-776
DTD の再帰的なエンティティ参照の不適切な制限 		CVE-2026-45771 2026-06-11 16:23 2026-06-9 Show GitHub Exploit DB Packet Storm
1958 4.3 警告
Network 		University at Buffalo Open XDMoD University at BuffaloのOpen XDMoDにおけるアクセス制御に関する脆弱性 CWE-284
CWE-noinfo
CVE-2026-45776 2026-06-11 16:23 2026-06-5 Show GitHub Exploit DB Packet Storm
1959 9.8 緊急
Network 		University at Buffalo Open XDMoD University at BuffaloのOpen XDMoDにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-45777 2026-06-11 16:23 2026-06-5 Show GitHub Exploit DB Packet Storm
1960 5.4 警告
Network 		University at Buffalo Open XDMoD University at BuffaloのOpen XDMoDにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-45778 2026-06-11 16:23 2026-06-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1011 9.1 CRITICAL
Network 		- - Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker… New CWE-78
OS Command  		CVE-2026-12850 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1012 9.1 CRITICAL
Network 		- - Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker… New CWE-78
OS Command  		CVE-2026-12851 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1013 5.4 MEDIUM
Network 		- - Missing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified crede… New CWE-862
 Missing Authorization 		CVE-2026-57291 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1014 5.4 MEDIUM
Network 		- - A cross-site request forgery (CSRF) vulnerability in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentia… New CWE-352
 Origin Validation Error 		CVE-2026-57292 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1015 4.3 MEDIUM
Network 		- - An incorrect permission check in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particul… New CWE-862
 Missing Authorization 		CVE-2026-57293 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1016 8.8 HIGH
Network 		- - Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with I… New CWE-22
Path Traversal 		CVE-2026-57296 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1017 5.4 MEDIUM
Network 		- - A cross-site request forgery (CSRF) vulnerability in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers to have Jenkins connect to an attacker-specified URL usi… New CWE-352
 Origin Validation Error 		CVE-2026-57298 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1018 4.3 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/v1/calendars/events/{event_id}/update validates that the caller has write … New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-54006 2026-06-25 22:41 2026-06-24 Show GitHub Exploit DB Packet Storm
1019 6.5 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message listener allows non-same-origin input:prompt and action:submit mess… New CWE-346
 Origin Validation Error 		CVE-2026-54007 2026-06-25 22:40 2026-06-24 Show GitHub Exploit DB Packet Storm
1020 8.5 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, backend/open_webui/utils/oauth.py::_process_picture_url calls validate_url(picture_u… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-54008 2026-06-25 22:35 2026-06-24 Show GitHub Exploit DB Packet Storm