Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198051 8.8 重要
Network 		Erik de Castro Lopo - libsndfile におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-6892 2017-07-7 15:05 2017-05-23 Show GitHub Exploit DB Packet Storm
198052 5.5 警告
Local 		シスコシステムズ - Cisco Ultra Services Platform の ConfD サーバにおける重要な情報を閲覧される脆弱性 CWE-200
情報漏えい 		CVE-2017-6695 2017-07-7 14:34 2017-06-7 Show GitHub Exploit DB Packet Storm
198053 5.5 警告
Local 		シスコシステムズ - Cisco Ultra Services Platform の VNFM のログイン機能における重要なデータ を閲覧される脆弱性 CWE-200
情報漏えい 		CVE-2017-6694 2017-07-7 14:34 2017-06-7 Show GitHub Exploit DB Packet Storm
198054 8.8 重要
Network 		シスコシステムズ - Cisco Ultra Services Framework Element Manager における root ユーザの権限でデバイスにログインされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2017-6692 2017-07-7 14:34 2017-06-7 Show GitHub Exploit DB Packet Storm
198055 8.8 重要
Network 		シスコシステムズ - Cisco Ultra Services Framework Element Manager におけるデフォルトの認証情報を使用してシステムにログインされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2017-6687 2017-07-7 14:34 2017-06-7 Show GitHub Exploit DB Packet Storm
198056 8.8 重要
Network 		シスコシステムズ - Cisco Ultra Services Framework Element Manager における管理者または oper ユーザとしてログインされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2017-6686 2017-07-7 14:34 2017-06-7 Show GitHub Exploit DB Packet Storm
198057 6.1 警告
Network 		シスコシステムズ - Cisco Industrial Network Director の Web インターフェースにおける反射型クロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6675 2017-07-7 14:34 2017-06-7 Show GitHub Exploit DB Packet Storm
198058 7.5 重要
Network 		シスコシステムズ - Cisco FirePOWER システムソフトウェアの feature-license 管理機能におけるデバイスに設定された URL フィルタを回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6674 2017-07-7 14:34 2017-05-24 Show GitHub Exploit DB Packet Storm
198059 6.5 警告
Network 		シスコシステムズ - Cisco FirePOWER Management Center におけるユーザの情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2017-6673 2017-07-7 14:34 2017-06-7 Show GitHub Exploit DB Packet Storm
198060 7.5 重要
Network 		シスコシステムズ - Cisco Email Security Appliance 用 Cisco AsyncOS ソフトウェアにおけるデバイス上で設定されたフィルタを回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2017-6671 2017-07-7 14:34 2017-06-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
281 5.3 MEDIUM
Network 		- - Unauthenticated Content Injection in Auros Core <= 5.3.1 versions. Update CWE-80
Basic XSS 		CVE-2025-64637 2026-06-30 01:16 2026-06-27 Show GitHub Exploit DB Packet Storm
282 9.8 CRITICAL
Network 		rclone rclone Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requ… Update CWE-306
CWE-78
Missing Authentication for Critical Function
OS Command  		CVE-2026-49980 2026-06-30 01:11 2026-06-25 Show GitHub Exploit DB Packet Storm
283 2.7 LOW
Network 		appsmith appsmith Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 1.99, the POST /api/v1/admin/send-test-email endpoint accepts attacker-controlled smtpHost and smtpPort values a… Update CWE-209
CWE-918
Information Exposure Through an Error Message
Server-Side Request Forgery (SSRF)  		CVE-2026-49979 2026-06-30 01:06 2026-06-25 Show GitHub Exploit DB Packet Storm
284 6.5 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2024-11171 (commit bb58a2d0) added limits: { fileSize } to createMulterInstance() in th… Update CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-54024 2026-06-30 01:03 2026-06-26 Show GitHub Exploit DB Packet Storm
285 5.4 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, there is a vulnerability in LibreChat's markdown artifact preview pipeline. The marked library v15.0.12… Update CWE-79
Cross-site Scripting 		CVE-2026-54025 2026-06-30 01:02 2026-06-26 Show GitHub Exploit DB Packet Storm
286 7.1 HIGH
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/auth/2fa/backup/regenerate endpoint regenerates all 2FA backup codes without requiring an… Update CWE-306
Missing Authentication for Critical Function 		CVE-2026-54040 2026-06-30 01:00 2026-06-26 Show GitHub Exploit DB Packet Storm
287 6.5 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2025-7105 added forkIpLimiter and forkUserLimiter rate limiters to POST /api/convos/for… Update CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-54037 2026-06-30 00:54 2026-06-26 Show GitHub Exploit DB Packet Storm
288 6.5 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This U… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-54033 2026-06-30 00:39 2026-06-26 Show GitHub Exploit DB Packet Storm
289 6.5 MEDIUM
Network 		librechat librechat LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the DELETE /api/messages/:conversationId/:messageId endpoint allows any authenticated user to delete an… Update CWE-862
 Missing Authorization 		CVE-2026-54029 2026-06-30 00:36 2026-06-26 Show GitHub Exploit DB Packet Storm
290 5.4 MEDIUM
Network 		- - nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and … New CWE-444
HTTP Request Smuggling 		CVE-2026-58055 2026-06-30 00:16 2026-06-28 Show GitHub Exploit DB Packet Storm