Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196991 5.5 警告
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Windows カーネルにおける情報を公開される脆弱性 CWE-200
情報漏えい 		CVE-2017-8564 2017-07-21 16:53 2017-07-11 Show GitHub Exploit DB Packet Storm
196992 7 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8562 2017-07-21 16:53 2017-07-11 Show GitHub Exploit DB Packet Storm
196993 5.5 警告
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Windows システム情報コンソールにおける情報を公開される脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2017-8557 2017-07-21 16:53 2017-07-11 Show GitHub Exploit DB Packet Storm
196994 7 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Graphics における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8556 2017-07-21 16:53 2017-07-11 Show GitHub Exploit DB Packet Storm
196995 7 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Graphics における権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-8467 2017-07-21 16:53 2017-07-11 Show GitHub Exploit DB Packet Storm
196996 7.8 重要
Local 		マイクロソフト - 複数の Microsoft Windows 製品の Windows Shell におけるリモートでコードを実行される脆弱性 CWE-254
セキュリティ機能 		CVE-2017-8463 2017-07-21 16:53 2017-07-11 Show GitHub Exploit DB Packet Storm
196997 7.8 重要
Local 		マイクロソフト - Microsoft Office におけるリモートでコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2017-0243 2017-07-21 16:53 2017-07-11 Show GitHub Exploit DB Packet Storm
196998 6.5 警告
Network 		マイクロソフト - 複数の Microsoft Windows 製品の Windows パフォーマンス モニターにおける情報を公開される脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2017-0170 2017-07-21 16:53 2017-07-11 Show GitHub Exploit DB Packet Storm
196999 8.6 重要
Network 		Rockwell Automation - Rockwell Automation PanelView Plus 6 700-1500 における認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2017-7914 2017-07-21 16:41 2017-06-6 Show GitHub Exploit DB Packet Storm
197000 7.5 重要
Network 		Digital Canal Structural - Digital Canal Structural Wind Analysis におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-7910 2017-07-21 16:24 2017-06-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1 9.9 CRITICAL
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.7, the cron plugin utilizes commands in the app.json file to manage system cron running as the Dokku user. An app.json cron command utilizing special she… New CWE-78
OS Command  		CVE-2026-54636 2026-06-27 04:01 2026-06-27 Show GitHub Exploit DB Packet Storm
2 8.8 HIGH
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the openresty-vhosts plugin copies files from an app's openresty/http-includes/ git repository directory to the host and then interpolates their filen… New CWE-95
Eval Injection 		CVE-2026-45406 2026-06-27 04:01 2026-06-27 Show GitHub Exploit DB Packet Storm
3 5.4 MEDIUM
Network 		getgrav grav Grav before 1.6.30 contains a cross-site scripting vulnerability in the Admin plugin page editor default security configuration. Privileged users with page editing capabilities can inject malicious s… New CWE-79
Cross-site Scripting 		CVE-2020-37256 2026-06-27 03:58 2026-06-26 Show GitHub Exploit DB Packet Storm
4 5.5 MEDIUM
Local 		freebsd freebsd When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to determine whether the operation was permitted but did not check the result before delivering the signal. The … New CWE-269
 Improper Privilege Management 		CVE-2026-45256 2026-06-27 03:58 2026-06-27 Show GitHub Exploit DB Packet Storm
5 7.5 HIGH
Network 		apache apache-airflow-providers-ftp The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but never called `prot_p()`, so although the control channel was TLS-protected the data channel was tran… New CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-49486 2026-06-27 03:58 2026-06-26 Show GitHub Exploit DB Packet Storm
6 5.4 MEDIUM
Network 		jupyter jupyter_server Jupyter Server is the backend for Jupyter web applications. Prior to 2.20, the nbconvert HTTP handlers in jupyter_server render user-authored notebook HTML under the Jupyter origin without a sandbox … New CWE-79
CWE-1021
Cross-site Scripting
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2026-44727 2026-06-27 03:57 2026-06-23 Show GitHub Exploit DB Packet Storm
7 7.8 HIGH
Local 		freebsd freebsd The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by se… New CWE-123
 Write-what-where Condition 		CVE-2026-45257 2026-06-27 03:56 2026-06-27 Show GitHub Exploit DB Packet Storm
8 8.8 HIGH
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:from-archive and certs:add commands extract user-supplied tar/zip archives into temporary directories without sanitizing member paths or preve… New CWE-59
Link Following 		CVE-2026-45405 2026-06-27 03:56 2026-06-27 Show GitHub Exploit DB Packet Storm
9 5.5 MEDIUM
Local 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKU_ROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the net… New CWE-522
 Insufficiently Protected Credentials 		CVE-2026-45407 2026-06-27 03:55 2026-06-27 Show GitHub Exploit DB Packet Storm
10 9.0 CRITICAL
Network 		dokku dokku Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex (^[a-z0-9][^/:_A-Z]*$) permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted ap… New CWE-78
OS Command  		CVE-2026-45408 2026-06-27 03:55 2026-06-27 Show GitHub Exploit DB Packet Storm