Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196521 9.8 緊急
Network 		レッドハット - Red Hat Jboss Application Server の JbossMQ の実装における信頼性のないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2017-7504 2017-06-23 14:45 2017-05-16 Show GitHub Exploit DB Packet Storm
196522 8.8 重要
Network 		ytnef project - ytnef の libytnef の lib/ytnef.c 内の TNEFFillMapi 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2017-9146 2017-06-23 14:38 2017-05-15 Show GitHub Exploit DB Packet Storm
196523 8.8 重要
Network 		GNU Project - GnuTLS libtasn1 におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-6891 2017-06-23 14:38 2017-05-19 Show GitHub Exploit DB Packet Storm
196524 8 重要
Network 		Apache Software Foundation - Apache Archiva におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-5657 2017-06-23 14:38 2017-05-16 Show GitHub Exploit DB Packet Storm
196525 7.5 重要
Network 		ImageMagick
GraphicsMagick		 - ImageMagick および GraphicsMagick におけるプロセスメモリ空間から重要な情報を漏えいされる脆弱性 CWE-200
情報漏えい 		CVE-2017-9098 2017-06-23 14:28 2017-03-9 Show GitHub Exploit DB Packet Storm
196526 7.8 重要
Local 		Schneider Electric - Schneider Electric Wonderware InduSoft Web Studio における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-7968 2017-06-23 14:17 2017-03-31 Show GitHub Exploit DB Packet Storm
196527 7.1 重要
Network 		DELL EMC (旧 EMC Corporation) - EMC Isilon OneFS における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-4979 2017-06-23 14:09 2017-05-10 Show GitHub Exploit DB Packet Storm
196528 5.4 警告
Network 		IBM - IBM Tivoli Federated Identity Manager におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-1320 2017-06-23 14:09 2017-05-11 Show GitHub Exploit DB Packet Storm
196529 8.2 重要
Network 		IBM - IBM SDK, Java Technology Edition における XML 外部エンティティの脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2017-1289 2017-06-23 14:09 2017-05-8 Show GitHub Exploit DB Packet Storm
196530 5.4 警告
Network 		IBM - IBM Business Process Manager におけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2017-1159 2017-06-23 14:09 2017-05-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3421 4.8 MEDIUM
Network 		jetbrains teamcity In JetBrains TeamCity before 2026.1 stored XSS on the SAML login page was possible CWE-79
Cross-site Scripting 		CVE-2026-49381 2026-06-2 21:36 2026-05-30 Show GitHub Exploit DB Packet Storm
3422 5.5 MEDIUM
Local 		synology storage_manager A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local users on Windows to obtain sensitive inf… CWE-598
Information Exposure Through Query Strings in GET Request  		CVE-2026-2237 2026-06-2 19:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3423 7.5 HIGH
Network 		jetbrains teamcity In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-49372 2026-06-2 13:07 2026-05-30 Show GitHub Exploit DB Packet Storm
3424 8.2 HIGH
Network 		jetbrains teamcity In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible CWE-79
Cross-site Scripting 		CVE-2026-49371 2026-06-2 13:06 2026-05-30 Show GitHub Exploit DB Packet Storm
3425 7.5 HIGH
Network 		- - FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.220, the email processing pipeline in FreeScout's FetchEmails command has two code paths for identifyin… CWE-290
CWE-345
 Authentication Bypass by Spoofing
 Insufficient Verification of Data Authenticity 		CVE-2026-47123 2026-06-2 12:16 2026-05-30 Show GitHub Exploit DB Packet Storm
3426 8.2 HIGH
Network 		- - form-data-objectizer converts FormData to object. Prior to 1.0.1, form-data-objectizer walks bracket-notation form keys (e.g. name[sub]) into nested objects without filtering __proto__, constructor, … CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2026-46510 2026-06-2 12:16 2026-05-29 Show GitHub Exploit DB Packet Storm
3427 8.8 HIGH
Network 		- - Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.0 and earlier, the deleteRegistry function in Dokploy (packages/server/src/services/registry.ts) executes docker logout ${respon… CWE-78
OS Command  		CVE-2026-45662 2026-06-2 12:16 2026-05-30 Show GitHub Exploit DB Packet Storm
3428 9.9 CRITICAL
Network 		- - Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitr… CWE-22
CWE-35
Path Traversal
 Path Traversal: '.../...//' 		CVE-2026-45661 2026-06-2 12:16 2026-05-30 Show GitHub Exploit DB Packet Storm
3429 9.9 CRITICAL
Network 		- - Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to… CWE-78
OS Command  		CVE-2026-45629 2026-06-2 12:16 2026-05-30 Show GitHub Exploit DB Packet Storm
3430 7.5 HIGH
Network 		yhirose cpp-httplib cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process cras… CWE-20
CWE-770
CWE-1285
 Improper Input Validation 
 Allocation of Resources Without Limits or Throttling
 Improper Validation of Specified Index, Position, or Offset in Input 		CVE-2026-45352 2026-06-2 12:16 2026-05-30 Show GitHub Exploit DB Packet Storm