Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201 5.5 警告
Network 		Grokability, Inc. Snipe-IT Grokability, Inc.のSnipe-ITにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-48493 2026-06-29 11:16 2026-06-23 Show GitHub Exploit DB Packet Storm
202 9.6 緊急
Network 		langflow langflow langflowにおけるコードインジェクションの脆弱性 New CWE-94
コード・インジェクション 		CVE-2026-48519 2026-06-29 11:16 2026-06-23 Show GitHub Exploit DB Packet Storm
203 6.1 警告
Network 		langflow langflow langflowにおけるファイル名やパス名の外部制御に関する脆弱性 New CWE-73
ファイル名やパス名の外部制御 		CVE-2026-48520 2026-06-29 11:15 2026-06-23 Show GitHub Exploit DB Packet Storm
204 7.5 重要
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおける認可されていない行為者への個人情報の漏えいに関する脆弱性 New CWE-359
認可されていないアクターへの個人情報の漏えい 		CVE-2026-48615 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
205 6.5 警告
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおけるUnicode エンコーディングの処理に関する脆弱性 New CWE-176
Unicode エンコーディングの不適切な処理 		CVE-2026-48618 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
206 7.5 重要
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおけるリソースの枯渇に関する脆弱性 New CWE-400
リソースの枯渇 		CVE-2026-48619 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
207 7.5 重要
Network 		protobufjs project protobufjs protobufjs projectのprotobufjsにおける再帰制御に関する脆弱性 New CWE-674
不適切な再帰制御 		CVE-2026-48712 2026-06-29 11:15 2026-06-22 Show GitHub Exploit DB Packet Storm
208 5.3 警告
Network 		Encode Starlette EncodeのStarletteにおけるクラスまたはコードを選択する外部から制御された入力の使用に関する脆弱性 New CWE-470
クラスまたはコードを選択する外部から制御された入力の使用 		CVE-2026-48817 2026-06-29 11:15 2026-06-17 Show GitHub Exploit DB Packet Storm
209 7.5 重要
Network 		Encode Starlette EncodeのStarletteにおけるサーバサイドのリクエストフォージェリの脆弱性 New CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-48818 2026-06-29 11:15 2026-06-17 Show GitHub Exploit DB Packet Storm
210 5.4 警告
Network 		Node.js Foundation Node.js Node.js FoundationのNode.jsにおけるアクセス制御に関する脆弱性 New CWE-284
不適切なアクセス制御 		CVE-2026-48928 2026-06-29 11:15 2026-06-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
362241 - open_source_development_network slashcode Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session ID's from cookies and gain unauthorized access via a brute force attack. NVD-CWE-Other
CVE-2001-1535 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
362242 - speedxess ha-120_dsl_router SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access. NVD-CWE-Other
CVE-2001-1538 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
362243 - david_f._mischler iproute IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP packets that split the TCP header. NVD-CWE-Other
CVE-2001-1540 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
362244 - bsdi bsd_os Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument. NVD-CWE-Other
CVE-2001-1541 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
362245 - axis 2100_network_camera
2110_network_camera
2120_network_camera
neteye_200
neteye_200\+ 		Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera. NVD-CWE-Other
CVE-2001-1543 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
362246 - macromedia jrun Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request. NVD-CWE-Other
CVE-2001-1544 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
362247 - macromedia jrun Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack session… NVD-CWE-Other
CVE-2001-1545 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
362248 - microsoft outlook_express Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remot… NVD-CWE-Other
CVE-2001-1547 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
362249 - zonelabs zonealarm ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. NVD-CWE-Other
CVE-2001-1548 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm
362250 - tiny_software tiny_personal_firewall Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters. NVD-CWE-Other
CVE-2001-1549 2008-09-6 05:26 2001-12-31 Show GitHub Exploit DB Packet Storm