Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2111 7.5 重要
Network 		FreeSWITCH FreeSWITCH FreeSWITCHにおける複数の脆弱性 CWE-125
CWE-20
CWE-787
CVE-2026-49475 2026-06-11 16:15 2026-06-9 Show GitHub Exploit DB Packet Storm
2112 9.1 緊急
Network 		FreeSWITCH FreeSWITCH FreeSWITCHにおける複数の脆弱性 CWE-122
CWE-195
CWE-20
CWE-787
CVE-2026-49840 2026-06-11 16:15 2026-06-9 Show GitHub Exploit DB Packet Storm
2113 9.8 緊急
Network 		FreeSWITCH FreeSWITCH FreeSWITCHにおける複数の脆弱性 CWE-122
CWE-131
CVE-2026-49841 2026-06-11 16:15 2026-06-9 Show GitHub Exploit DB Packet Storm
2114 7.5 重要
Network 		FreeSWITCH FreeSWITCH FreeSWITCHにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-49842 2026-06-11 16:15 2026-06-9 Show GitHub Exploit DB Packet Storm
2115 5.3 警告
Network 		FreeSWITCH FreeSWITCH FreeSWITCHにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-49843 2026-06-11 16:15 2026-06-9 Show GitHub Exploit DB Packet Storm
2116 7.5 重要
Network 		FreeSWITCH FreeSWITCH FreeSWITCHにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-49847 2026-06-11 16:15 2026-06-9 Show GitHub Exploit DB Packet Storm
2117 4.3 警告
Network 		FreeSWITCH FreeSWITCH FreeSWITCHにおける認証に関する脆弱性 CWE-287
不適切な認証 		CVE-2026-49848 2026-06-11 16:15 2026-06-9 Show GitHub Exploit DB Packet Storm
2118 7.5 重要
Network 		Apache Software Foundation
Debian
F5 Networks		 Apache HTTP Server
nginx
Debian GNU/Linux 		Apache Software Foundation等の複数ベンダの製品における過剰なサイズ値のメモリ割り当てに関する脆弱性 CWE-789
過剰なサイズ値のメモリ割り当て 		CVE-2026-49975 2026-06-11 16:15 2026-06-8 Show GitHub Exploit DB Packet Storm
2119 6.8 警告
Physics 		マイクロソフト Microsoft Windows 11 25h2
Microsoft Windows Server 2012
Microsoft Windows 11 24h2
Microsoft Windows 10 21h2
Microsoft Wind… 		Windows BitLocker セキュリティ機能バイパスの脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-50507 2026-06-11 16:15 2026-06-9 Show GitHub Exploit DB Packet Storm
2120 9.1 緊急
Network 		BINARY DataDog::DogStatsd BINARYのDataDog::DogStatsdにおける複数の脆弱性 CWE-150
CWE-93
CVE-2026-46719
CVE-2026-46720
CVE-2026-46741
CVE-2026-9270 		2026-06-11 16:15 2026-06-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1071 6.5 MEDIUM
Network 		- - The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘staff_id’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the u… New CWE-89
SQL Injection 		CVE-2026-2508 2026-06-25 22:26 2026-06-25 Show GitHub Exploit DB Packet Storm
1072 6.5 MEDIUM
Network 		- - Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant authorization flaw in Daytona's notification WebSocket gat… New CWE-639
CWE-863
 Authorization Bypass Through User-Controlled Key
 Incorrect Authorization 		CVE-2026-54324 2026-06-25 22:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1073 7.0 HIGH
Network 		- - Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. From 0.101.0 until 0.184.0, sandbox previews that were switched from public to private coul… New CWE-613
CWE-863
 Insufficient Session Expiration
 Incorrect Authorization 		CVE-2026-54321 2026-06-25 22:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1074 4.2 MEDIUM
Network 		- - Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, Caddy’s stripHTML template function cannot reliably remove all HTML tags from input strings. Certain malformed HTML, … New CWE-116
 Improper Encoding or Escaping of Output 		CVE-2026-52846 2026-06-25 22:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1075 7.6 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, Open WebUI patched SVG XSS in user profile images and webhook profile images but for… New CWE-79
CWE-116
CWE-693
Cross-site Scripting
 Improper Encoding or Escaping of Output
 Protection Mechanism Failure 		CVE-2026-54013 2026-06-25 22:06 2026-06-24 Show GitHub Exploit DB Packet Storm
1076 - - - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walk_s1() and kvm_walk_nested_s2() expect… New - CVE-2026-53277 2026-06-25 18:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1077 - - - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: ISO: Fix a use-after-free of the hci_conn pointer In iso_sock_rebind_bc(), the bis pointer is cached, then the socket … New - CVE-2026-53276 2026-06-25 18:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1078 - - - In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: Fix use-after-free when processing MLD queries When processing an MLD query, a pointer to the multicast group addres… New - CVE-2026-53275 2026-06-25 18:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1079 - - - In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS A logic flaw in __smc_setsockopt() allows a local unprivil… New - CVE-2026-53274 2026-06-25 18:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1080 - - - In the Linux kernel, the following vulnerability has been resolved: tee: optee: prevent use-after-free when the client exits before the supplicant Commit 70b0d6b0a199 ("tee: optee: Fix supplicant w… New - CVE-2026-53273 2026-06-25 18:16 2026-06-25 Show GitHub Exploit DB Packet Storm