Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2051 8.8 重要
Network 		Vim Vim Vimにおける複数の脆弱性 CWE-74
CWE-94
CVE-2026-47162 2026-06-15 11:16 2026-06-11 Show GitHub Exploit DB Packet Storm
2052 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows 11 26h1
Microsoft Windows 10 21h2
Microsoft … 		リモート デスクトップ クライアントのリモートでコードが実行される脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-47289 2026-06-15 11:16 2026-06-9 Show GitHub Exploit DB Packet Storm
2053 8 重要
Network 		マイクロソフト Microsoft SharePoint Server Microsoft SharePoint Server のリモートでコードが実行される脆弱性 CWE-285
不適切な認可 		CVE-2026-47298 2026-06-15 11:16 2026-06-9 Show GitHub Exploit DB Packet Storm
2054 8.8 重要
Network 		Apache Software Foundation Apache OFBiz Apache Software FoundationのApache OFBizにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-47342 2026-06-15 11:16 2026-06-10 Show GitHub Exploit DB Packet Storm
2055 8.8 重要
Network 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows 11 26h1
Microsoft Windows 10 21h2
Microsoft … 		リモート デスクトップ クライアントのリモートでコードが実行される脆弱性 CWE-416
CWE-787
CVE-2026-47653 2026-06-15 11:16 2026-06-9 Show GitHub Exploit DB Packet Storm
2056 7.5 重要
Network 		マイクロソフト Microsoft Windows Server 2016
Microsoft Windows Server 2022
Microsoft Windows Server 2019
Microsoft Windows Server 2025 		リモート デスクトップ クライアントのリモートでコードが実行される脆弱性 CWE-416
CWE-787
CVE-2026-47654 2026-06-15 11:16 2026-06-9 Show GitHub Exploit DB Packet Storm
2057 7.8 重要
Local 		アドビシステムズ Adobe Acrobat Reader DC
Adobe Acrobat DC
Adobe Acrobat 		アドビのAdobe Acrobat等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-47915 2026-06-15 11:16 2026-06-9 Show GitHub Exploit DB Packet Storm
2058 7.8 重要
Local 		アドビシステムズ Adobe Acrobat Reader DC
Adobe Acrobat DC
Adobe Acrobat 		アドビのAdobe Acrobat等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-47916 2026-06-15 11:16 2026-06-9 Show GitHub Exploit DB Packet Storm
2059 7.8 重要
Local 		アドビシステムズ Adobe Acrobat Reader DC
Adobe Acrobat DC
Adobe Acrobat 		アドビのAdobe Acrobat等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-47917 2026-06-15 11:16 2026-06-9 Show GitHub Exploit DB Packet Storm
2060 7.8 重要
Local 		アドビシステムズ Adobe Acrobat Reader DC
Adobe Acrobat DC
Adobe Acrobat 		アドビのAdobe Acrobat等の複数製品における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-47918 2026-06-15 11:16 2026-06-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1121 - - - Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI (versions prior to 0.39.1) and run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI plat… CWE-20
 Improper Input Validation  		CVE-2026-12537 2026-06-26 04:51 2026-06-24 Show GitHub Exploit DB Packet Storm
1122 8.8 HIGH
Network 		- - Hydra through 9.7, fixed in commit 9cc84c2, contains a stack buffer overflow in NTLM authentication across SMTP, POP3, IMAP, NNTP, HTTP, HTTP-Proxy, and HTTP-Proxy-Urlenum modules when processing mal… CWE-121
Stack-based Buffer Overflow 		CVE-2026-56766 2026-06-26 04:50 2026-06-26 Show GitHub Exploit DB Packet Storm
1123 8.5 HIGH
Network 		- - Huly Platform through 0.7.423, fixed in commit 68cbf8a contains an authenticated server-side request forgery vulnerability in the /import endpoint of front pod that allows workspace users to make arb… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-56769 2026-06-26 04:50 2026-06-26 Show GitHub Exploit DB Packet Storm
1124 4.3 MEDIUM
Network 		- - NewsBlur before 14.5.0 contains a broken access control vulnerability that allows authenticated users to read private notification feeds by supplying arbitrary user_id values to the GET /social/inter… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-56772 2026-06-26 04:50 2026-06-26 Show GitHub Exploit DB Packet Storm
1125 6.4 MEDIUM
Network 		- - MaxKB before 2.10.0 contains a server-side request forgery vulnerability in tool creation and update endpoints that allows authenticated users to make arbitrary server requests by supplying unvalidat… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-56779 2026-06-26 04:50 2026-06-26 Show GitHub Exploit DB Packet Storm
1126 8.8 HIGH
Network 		- - Seahub before 13.0.23 does not enforce SHARE_LINK_LOGIN_REQUIRED on GET /api/v2.1/share-link-zip-task/, allowing unauthenticated users to bypass authentication. Attackers with a folder share-link tok… CWE-862
 Missing Authorization 		CVE-2026-56768 2026-06-26 04:48 2026-06-26 Show GitHub Exploit DB Packet Storm
1127 7.5 HIGH
Network 		- - libais through 0.15 VdmStream::AddLine uses an unchecked sentinel value as a vector index when processing AIS sentences with empty or out-of-range sequential message IDs. Remote attackers can crash s… CWE-129
 Improper Validation of Array Index 		CVE-2026-56770 2026-06-26 04:48 2026-06-26 Show GitHub Exploit DB Packet Storm
1128 6.5 MEDIUM
Local 		- - An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on hypervisor host environments (e.g., QEMU) allows a pr… CWE-125
Out-of-bounds Read 		CVE-2026-9539 2026-06-26 04:26 2026-06-24 Show GitHub Exploit DB Packet Storm
1129 8.2 HIGH
Network 		- - FlatPress contains a stored cross-site scripting vulnerability in comment and contact forms where name, URL, and email fields are rendered without proper output encoding in Smarty templates. Attacker… CWE-79
Cross-site Scripting 		CVE-2026-56785 2026-06-26 04:25 2026-06-24 Show GitHub Exploit DB Packet Storm
1130 6.5 MEDIUM
Network 		- - Tiptap for PHP before version 2.1.1 contains an input validation vulnerability that allows authenticated attackers to cause a denial of service by submitting Tiptap JSON with the attrs.href field set… CWE-241
 Improper Handling of Unexpected Data Type 		CVE-2026-47110 2026-06-26 04:25 2026-06-25 Show GitHub Exploit DB Packet Storm