Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
200151	6.1	警告 Network	Poodll.com.	-	Moodle 用 PoodLL Filter プラグインにおける任意の HTML およびスクリプトコードを実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-5945	2017-03-16 17:54	2017-01-9	Show	GitHub Exploit DB Packet Storm

200152	5.4	警告 Network	Tenable, Inc.	-	Tenable Log Correlation Engine におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-9261	2017-03-16 17:53	2016-09-7	Show	GitHub Exploit DB Packet Storm

200153	5.4	警告 Network	Tenable, Inc.	-	Tenable Nessus におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-9259	2017-03-16 17:53	2016-11-9	Show	GitHub Exploit DB Packet Storm

200154	6.1	警告 Network	Emoncms	-	Emoncms における任意の HTML およびスクリプトコードを実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-5964	2017-03-16 17:51	2017-02-12	Show	GitHub Exploit DB Packet Storm

200155	5.5	警告 Local	Fabrice Bellard	-	Virtio GPU Device エミュレーションサポートでビルドされた QEMU におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2016-10029	2017-03-16 17:51	2016-05-23	Show	GitHub Exploit DB Packet Storm

200156	5.5	警告 Local	Fabrice Bellard	-	Virtio GPU Device エミュレーションサポートでビルドされた QEMU におけるサービス運用妨害 (DoS) の脆弱性	CWE-125 境界外読み取り	CVE-2016-10028	2017-03-16 17:51	2016-05-23	Show	GitHub Exploit DB Packet Storm

200157	7.5	重要 Network	NVIDIA Advanced Micro Devices (AMD) Allwinner Technology Co. Ltd. インテルサムスン	-	ARM プロセッサにおけるサイドチャネル攻撃を実行される脆弱性	CWE-200 情報漏えい	CVE-2017-5927	2017-03-16 17:49	2017-02-27	Show	GitHub Exploit DB Packet Storm

200158	7.5	重要 Network	NVIDIA Advanced Micro Devices (AMD) Allwinner Technology Co. Ltd. インテルサムスン	-	AMD プロセッサにおけるサイドチャネル攻撃を実行される脆弱性	CWE-200 情報漏えい	CVE-2017-5926	2017-03-16 17:49	2017-02-27	Show	GitHub Exploit DB Packet Storm

200159	7.5	重要 Network	NVIDIA Advanced Micro Devices (AMD) Allwinner Technology Co. Ltd. インテルサムスン	-	インテルプロセッサにおけるサイドチャネル攻撃を実行される脆弱性	CWE-200 情報漏えい	CVE-2017-5925	2017-03-16 17:49	2017-02-27	Show	GitHub Exploit DB Packet Storm

200160	6.1	警告 Network	PhreeSoft	-	PhreeBooksERP における任意の HTML およびスクリプトコードを実行される脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2017-5990	2017-03-16 17:49	2017-02-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
531	7.5	HIGH Network	-	-	IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-7787	2026-06-12 01:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

532	8.8	HIGH Network	-	-	Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template inj… New	CWE-94 Code Injection	CVE-2026-50223	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

533	8.6	HIGH Network	-	-	Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validati… New	CWE-918 CWE-1286 CWE-1389 Server-Side Request Forgery (SSRF) Improper Validation of Syntactic Correctness of Input	CVE-2026-50131	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

534	6.5	MEDIUM Network	-	-	IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against… New	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2026-4096	2026-06-12 01:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

535	3.7	LOW Network	-	-	Shopware is an open commerce platform. Prior to versions 6.6.10.18 and 6.7.10.1, an attacker is able to enumerate the usernames of administrator users by performing a timing attack. Versions 6.6.10.1… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-48011	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

536	5.3	MEDIUM Network	-	-	Russh is a Rust SSH client & server library. From version 0.34.0-beta.1 to before version 0.61.0, the russh server authentication path keeps internal userauth state across SSH_MSG_USERAUTH_REQUEST me… New	CWE-287 Improper Authentication	CVE-2026-46705	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

537	7.5	HIGH Network	-	-	libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 15.0.23, three cooperating omissions in @libp2p/gossipsub allow an unauthenticated single peer to exhaust the Node.j… New	CWE-20 CWE-400 CWE-401 Improper Input Validation Uncontrolled Resource Consumption Missing Release of Memory after Effective Lifetime	CVE-2026-46679	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

538	7.5	HIGH Network	-	-	Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh rele… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-46673	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

539	-		-	-	OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theor… New	CWE-20 Improper Input Validation	CVE-2026-46669	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

540	3.6	LOW Local	-	-	bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink() allo… New	CWE-22 CWE-193 Path Traversal Off-by-one Error	CVE-2026-45380	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm