Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
198811 7.5 重要
Network 		Atlassian - Atlassian Confluence における認証を回避される脆弱性 CWE-200
情報漏えい 		CVE-2017-7415 2017-06-2 16:49 2017-04-5 Show GitHub Exploit DB Packet Storm
198812 6.5 警告
Local 		Fabrice Bellard - QEMU の hw/9pfs/9p-xattr.c の v9fs_list_xattr 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2017-8086 2017-06-2 16:43 2017-04-10 Show GitHub Exploit DB Packet Storm
198813 8.8 重要
Local 		NVIDIA - NVIDIA GeForce Experience の NVIDIA Web Helper.exe におけるアプリケーション実行ポリシーを侵害される脆弱性 CWE-254
セキュリティ機能 		CVE-2017-6250 2017-06-2 16:36 2017-04-27 Show GitHub Exploit DB Packet Storm
198814 9.8 緊急
Network 		Linux - Linux Kernel の NFSv2/NFSv3 サーバの実装におけるポインタ演算エラーを誘発される脆弱性 CWE-189
数値処理の問題 		CVE-2017-7895 2017-06-2 16:31 2017-04-22 Show GitHub Exploit DB Packet Storm
198815 9.1 緊急
Network 		Technicolor - Technicolor DPC3928SL のファームウェアにおけるアクセス制御に関する脆弱性 CWE-284
不適切なアクセス制御 		CVE-2017-5135 2017-06-2 16:17 2017-04-4 Show GitHub Exploit DB Packet Storm
198816 7.5 重要
Network 		NetIQ
Novell		 - 複数の Novell および NetIQ 製品における暗号に関する脆弱性 CWE-310
暗号の問題 		CVE-2017-5186 2017-06-2 16:12 2017-04-27 Show GitHub Exploit DB Packet Storm
198817 7.5 重要
Network 		GNU Project - GNU Binutils の dwarf.c におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-8398 2017-06-2 16:03 2017-04-28 Show GitHub Exploit DB Packet Storm
198818 7.5 重要
Network 		GNU Project - GNU Binutils の Binary File Descriptor ライブラリにおけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-8397 2017-06-2 16:03 2017-04-26 Show GitHub Exploit DB Packet Storm
198819 7.5 重要
Network 		GNU Project - GNU Binutils の Binary File Descriptor ライブラリにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-8396 2017-06-2 16:03 2017-04-29 Show GitHub Exploit DB Packet Storm
198820 7.5 重要
Network 		GNU Project - GNU Binutils の Binary File Descriptor ライブラリにおける NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-8395 2017-06-2 16:03 2017-04-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1121 - - - Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI (versions prior to 0.39.1) and run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI plat… New CWE-20
 Improper Input Validation  		CVE-2026-12537 2026-06-26 04:51 2026-06-24 Show GitHub Exploit DB Packet Storm
1122 8.8 HIGH
Network 		- - Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing mal… New CWE-121
Stack-based Buffer Overflow 		CVE-2026-56766 2026-06-26 04:50 2026-06-26 Show GitHub Exploit DB Packet Storm
1123 8.5 HIGH
Network 		- - Huly Platform through 0.7.423, fixed in commit 68cbf8a contains an authenticated server-side request forgery vulnerability in the /import endpoint of front pod that allows workspace users to make arb… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-56769 2026-06-26 04:50 2026-06-26 Show GitHub Exploit DB Packet Storm
1124 4.3 MEDIUM
Network 		- - NewsBlur before 14.5.0 contains a broken access control vulnerability that allows authenticated users to read private notification feeds by supplying arbitrary user_id values to the GET /social/inter… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-56772 2026-06-26 04:50 2026-06-26 Show GitHub Exploit DB Packet Storm
1125 6.4 MEDIUM
Network 		- - MaxKB before 2.10.0 contains a server-side request forgery vulnerability in tool creation and update endpoints that allows authenticated users to make arbitrary server requests by supplying unvalidat… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-56779 2026-06-26 04:50 2026-06-26 Show GitHub Exploit DB Packet Storm
1126 8.8 HIGH
Network 		- - Seahub before 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link tok… New CWE-862
 Missing Authorization 		CVE-2026-56768 2026-06-26 04:48 2026-06-26 Show GitHub Exploit DB Packet Storm
1127 7.5 HIGH
Network 		- - libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash s… New CWE-129
 Improper Validation of Array Index 		CVE-2026-56770 2026-06-26 04:48 2026-06-26 Show GitHub Exploit DB Packet Storm
1128 6.5 MEDIUM
Local 		- - An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a pr… New CWE-125
Out-of-bounds Read 		CVE-2026-9539 2026-06-26 04:26 2026-06-24 Show GitHub Exploit DB Packet Storm
1129 8.2 HIGH
Network 		- - FlatPress contains a stored cross-site scripting vulnerability in comment and contact forms where name, URL, and email fields are rendered without proper output encoding in Smarty templates. Attacker… New CWE-79
Cross-site Scripting 		CVE-2026-56785 2026-06-26 04:25 2026-06-24 Show GitHub Exploit DB Packet Storm
1130 6.5 MEDIUM
Network 		- - Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set… New CWE-241
 Improper Handling of Unexpected Data Type 		CVE-2026-47110 2026-06-26 04:25 2026-06-25 Show GitHub Exploit DB Packet Storm