Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201321 8.8 重要
Network 		GitLab.org - Gitlab の偽装の機能における他のユーザとして "ログイン" される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-4340 2017-02-8 18:15 2016-05-2 Show GitHub Exploit DB Packet Storm
201322 9.8 緊急
Network 		Magento, Inc. - Magento CE および EE における PHP オブジェクトインジェクション攻撃を実行される脆弱性 CWE-74
インジェクション 		CVE-2016-4010 2017-02-8 17:23 2016-05-17 Show GitHub Exploit DB Packet Storm
201323 9.8 緊急
Network 		LibGD project - GD Graphics ライブラリの gdImageWebPtr 関数におけるメモリ二重解放の脆弱性 CWE-415
二重解放 		CVE-2016-6912 2017-02-8 17:03 2016-08-17 Show GitHub Exploit DB Packet Storm
201324 7.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen の x86 エミュレータにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9386 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201325 6 警告
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen の x86 セグメントベースの書き込みのエミュレーション機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9385 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201326 8.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen における任意のメモリを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9383 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201327 7.8 重要
Local 		シトリックス・システムズ
Xen プロジェクト		 - Xen における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9382 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201328 7.5 重要
Local 		シトリックス・システムズ
Fabrice Bellard		 - Xen の QEMU における権限を取得される脆弱性 CWE-264
CWE-362
CVE-2016-9381 2017-02-8 16:53 2016-11-22 Show GitHub Exploit DB Packet Storm
201329 8.8 重要
Adjacent 		Ubiquiti Networks - Ubiquiti Networks UniFi におけるデータベースを変更される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-7792 2017-02-8 16:52 2016-09-30 Show GitHub Exploit DB Packet Storm
201330 7.5 重要
Network 		jwt project - jwt の Encryption/Symmetric.php の verify 関数における署名を偽造される脆弱性 CWE-361
時間とステータス 		CVE-2016-7037 2017-02-8 16:50 2016-09-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
531 7.9 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally. New CWE-693
 Protection Mechanism Failure 		CVE-2026-48570 2026-06-11 02:17 2026-06-10 Show GitHub Exploit DB Packet Storm
532 4.4 MEDIUM
Local 		- - Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge() function during the variable merging pass. Attackers can trigger this vulnerability by crafti… New CWE-416
 Use After Free 		CVE-2026-52757 2026-06-11 02:16 2026-06-10 Show GitHub Exploit DB Packet Storm
533 7.8 HIGH
Local 		- - Ghidra before 12.0.2 contains a path traversal vulnerability in the extension installer that fails to validate ZIP entry names during extraction. Attackers can craft malicious extensions with travers… New CWE-22
Path Traversal 		CVE-2026-52752 2026-06-11 02:16 2026-06-10 Show GitHub Exploit DB Packet Storm
534 5.5 MEDIUM
Local 		- - Ghidra 10.2 before 12.1 contains an uncontrolled resource consumption vulnerability in ExportTrie.parseTrie() that lacks cycle detection when traversing Mach-O binary export tries. A crafted Mach-O b… New CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-49495 2026-06-11 02:16 2026-06-10 Show GitHub Exploit DB Packet Storm
535 5.4 MEDIUM
Network 		- - Umbraco is an ASP.NET CMS. Prior to versions 13.14.0 and 17.4.0, some of the Surface Controllers in the CMS provide to support member related operations fail to validate redirect URLs, making Razor t… New CWE-601
Open Redirect 		CVE-2026-46616 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm
536 4.6 MEDIUM
Network 		- - Umbraco is an ASP.NET CMS. From version 14.0.0 to before version 17.4.0, authenticated users are able to inject HTML into an input field, which is rendered in the confirmation dialog without proper o… New CWE-79
Cross-site Scripting 		CVE-2026-46609 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm
537 8.3 HIGH
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, there is an authentication bypass vulnerability via 'api' substring in URL + unau… New CWE-287
CWE-306
CWE-697
Improper Authentication
Missing Authentication for Critical Function
 Incorrect Comparison 		CVE-2026-45567 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm
538 6.1 MEDIUM
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the login flow allow-lists next URLs by rejecting strings containing https:// or … New CWE-601
Open Redirect 		CVE-2026-45566 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm
539 6.5 MEDIUM
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the /smon/agent/{version,uptime,status,checks}/<server_ip> family of routes takes… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-45561 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm
540 6.1 MEDIUM
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, wrap_line (app/modules/common/common.py:181-186) and highlight_word (app/modules/… New CWE-79
Cross-site Scripting 		CVE-2026-45560 2026-06-11 02:16 2026-06-11 Show GitHub Exploit DB Packet Storm