Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205581 9.8 緊急
Network 		オラクル - Oracle Fusion Middleware の Oracle WebLogic Server における WLS Core Components に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-3586 2016-07-27 14:16 2016-07-19 Show GitHub Exploit DB Packet Storm
205582 8.1 重要
Network 		オラクル - Oracle Fusion Middleware の Oracle TopLink における JPA-RS に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-3564 2016-07-27 14:15 2016-07-19 Show GitHub Exploit DB Packet Storm
205583 7.6 重要
Network 		オラクル - Oracle Fusion Middleware の Oracle Business Intelligence Enterprise Edition における Analytics Web General に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-3544 2016-07-27 14:15 2016-07-19 Show GitHub Exploit DB Packet Storm
205584 8.1 重要
Local 		オラクル - Oracle Java SE における Install に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-3552 2016-07-27 10:59 2016-07-19 Show GitHub Exploit DB Packet Storm
205585 7.7 重要
Local 		オラクル - Oracle Java SE における Deployment に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-3511 2016-07-27 10:59 2016-07-19 Show GitHub Exploit DB Packet Storm
205586 5.3 警告
Network 		オラクル - Oracle Java SE における JavaFX に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-3498 2016-07-27 10:59 2016-07-19 Show GitHub Exploit DB Packet Storm
205587 9.8 緊急
Network 		オラクル - Oracle Virtualization の Oracle Secure Global Desktop における OpenSSL に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-3613 2016-07-27 10:30 2016-07-19 Show GitHub Exploit DB Packet Storm
205588 9 緊急
Network 		オラクル - Oracle Database Server の OJVM における脆弱性 CWE-noinfo
情報不足 		CVE-2016-3609 2016-07-27 10:01 2016-07-19 Show GitHub Exploit DB Packet Storm
205589 7.6 重要
Network 		オラクル - Oracle Retail Applications の Oracle Retail Integration Bus における Install に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-5476 2016-07-27 09:57 2016-07-19 Show GitHub Exploit DB Packet Storm
205590 5.4 警告
Network 		オラクル - Oracle Retail Applications の Oracle Retail Order Broker における System Administration に関する脆弱性 CWE-noinfo
情報不足 		CVE-2016-3611 2016-07-27 09:57 2016-07-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1791 6.1 MEDIUM
Network 		- - Due to a reflected cross-site scripting (XSS) vulnerability in SAP NetWeaver JAVA (JDBC Test Servlet), an unauthenticated attacker could craft a URL that embeds a malicious script. If a victim clicks… CWE-79
Cross-site Scripting 		CVE-2026-44746 2026-06-9 11:08 2026-06-9 Show GitHub Exploit DB Packet Storm
1792 9.9 CRITICAL
Network 		- - SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2026-44748 2026-06-9 11:08 2026-06-9 Show GitHub Exploit DB Packet Storm
1793 4.3 MEDIUM
Network 		- - SAP MDG (Review Match Groups Application) does not perform the necessary authorization checks for authenticated users. This could allow a low-privileged user to perform actions that would otherwise b… CWE-862
 Missing Authorization 		CVE-2026-44750 2026-06-9 11:08 2026-06-9 Show GitHub Exploit DB Packet Storm
1794 7.1 HIGH
Network 		- - Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belongi… CWE-862
 Missing Authorization 		CVE-2026-44751 2026-06-9 11:08 2026-06-9 Show GitHub Exploit DB Packet Storm
1795 6.6 MEDIUM
Network 		- - The Remote Function Call (RFC) modules of the Operational Data Provisioning Data Replication API (ODP-RFC) are missing caller identification of permitted SAP-internal applications and are being used … CWE-862
 Missing Authorization 		CVE-2026-44754 2026-06-9 11:08 2026-06-9 Show GitHub Exploit DB Packet Storm
1796 4.3 MEDIUM
Network 		- - SAP Business Objects Business Intelligence Platform does not sufficiently validate email sending parameters supplied by authenticated users, resulting in an email spoofing vulnerability.This vulnerab… CWE-346
 Origin Validation Error 		CVE-2026-44755 2026-06-9 11:08 2026-06-9 Show GitHub Exploit DB Packet Storm
1797 4.7 MEDIUM
Network 		- - SAP Wily Introscope Enterprise Manager allows an unauthenticated attacker to craft a specially crafted URL. Under certain conditions, when accessed by a victim, the injected script could execute in t… CWE-79
Cross-site Scripting 		CVE-2026-44757 2026-06-9 11:08 2026-06-9 Show GitHub Exploit DB Packet Storm
1798 - - - Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, CustomTemplate create and update mass-assignment allows cross-workspace template takeo… CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-46476 2026-06-9 11:06 2026-06-9 Show GitHub Exploit DB Packet Storm
1799 - - - Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, dataset create and update mass-assignment allows cross-workspace dataset takeover. Thi… CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-46477 2026-06-9 11:06 2026-06-9 Show GitHub Exploit DB Packet Storm
1800 - - - Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, DatasetRow create and update mass-assignment allows cross-workspace row takeover. This… CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-46478 2026-06-9 11:06 2026-06-9 Show GitHub Exploit DB Packet Storm