Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
213071	5	警告	Python Software Foundation	-	Pillow におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-9601	2015-08-31 17:31	2014-12-30	Show	GitHub Exploit DB Packet Storm

213072	5	警告	pcre.org 日立	-	PCRE におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2014-8964	2015-08-31 17:31	2014-11-18	Show	GitHub Exploit DB Packet Storm

213073	6.4	警告	Squid-cache.org	-	Squid の pinger における重要な情報を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2014-7142	2015-08-31 17:31	2014-09-15	Show	GitHub Exploit DB Packet Storm

213074	6.8	警告	Squid-cache.org	-	Squid の snmp_core.cc の snmpHandleUdp 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2014-6270	2015-08-31 17:31	2014-09-9	Show	GitHub Exploit DB Packet Storm

213075	5	警告	Squid-cache.org	-	Squid の HttpHdrRange.cc におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-3609	2015-08-31 17:31	2014-08-28	Show	GitHub Exploit DB Packet Storm

213076	5	警告	Squid-cache.org Novell	-	Squid におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2014-0128	2015-08-31 17:31	2014-03-9	Show	GitHub Exploit DB Packet Storm

213077	4.6	警告	The PHP Group	-	PHP における WSDL インジェクション攻撃を実行される脆弱性	CWE-Other その他	CVE-2013-6501	2015-08-31 17:31	2013-09-17	Show	GitHub Exploit DB Packet Storm

213078	5	警告	Ruby-lang.org	-	Ruby の REXML パーサの lib/rexml/text.rb におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-1821	2015-08-31 17:31	2013-02-22	Show	GitHub Exploit DB Packet Storm

213079	5	警告	The PHP Group アップル	-	PHP の ext/soap/soap.c 内の do_soap_call 関数における重要な情報を取得される脆弱性	CWE-20 不適切な入力確認	CVE-2015-4148	2015-08-31 17:05	2015-03-19	Show	GitHub Exploit DB Packet Storm

213080	7.5	危険	The PHP Group アップル	-	PHP の ext/soap/soap.c の SoapClient::__call メソッドにおける任意のコードを実行される脆弱性	CWE-Other その他	CVE-2015-4147	2015-08-31 17:05	2015-03-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
531	5.4	MEDIUM Network	-	-	Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to RememberMeSessionModel::remove, allowing authentica… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-56774	2026-06-26 07:17	2026-06-26	Show	GitHub Exploit DB Packet Storm

532	7.5	HIGH Network	-	-	Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with… New	CWE-494 Download of Code Without Integrity Check	CVE-2021-47987	2026-06-26 07:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

533	8.8	HIGH Network	-	-	Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authenticated users to access other users' robots and OAuth … New	CWE-862 Missing Authorization	CVE-2026-56767	2026-06-26 06:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

534	-		-	-	Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Jupyter Notebook (ipynb) sanitizer endpoint at POST /-/api/sanitize_ipynb allows arbitrary data: URIs without proper restrictions,… New	CWE-80 Basic XSS	CVE-2026-52816	2026-06-26 06:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

535	3.5	LOW Network	-	-	Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting in denial of service. In internal/markup/markup.go, … New	CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine	CVE-2026-52796	2026-06-26 06:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

536	4.9	MEDIUM Network	-	-	Gogs is an open source self-hosted Git service. Prior to 0.14.3, a malicious user with rights to create a new file on a repository or wiki page can trigger a denial of service condition in which the … New	CWE-20 Improper Input Validation	CVE-2025-64719	2026-06-26 06:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

537	7.1	HIGH Network	-	-	Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by expl… New	CWE-862 Missing Authorization	CVE-2026-57520	2026-06-26 05:22	2026-06-26	Show	GitHub Exploit DB Packet Storm

538	5.5	MEDIUM Local	-	-	Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit New	CWE-88 Argument Injection	CVE-2026-11968	2026-06-26 05:21	2026-06-24	Show	GitHub Exploit DB Packet Storm

539	8.0	HIGH Network	-	-	py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, w… New	CWE-59 Link Following	CVE-2026-23879	2026-06-26 05:21	2026-06-25	Show	GitHub Exploit DB Packet Storm

540	7.2	HIGH Network	-	-	3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by … New	CWE-73 External Control of File Name or Path	CVE-2026-55477	2026-06-26 05:21	2026-06-26	Show	GitHub Exploit DB Packet Storm