Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
216681 9.3 危険 マイクロソフト - Microsoft Internet Explorer 11 における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2015-1665 2015-04-16 15:42 2015-04-14 Show GitHub Exploit DB Packet Storm
216682 9.3 危険 マイクロソフト - Microsoft Internet Explorer 6 から 11 における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2015-1666 2015-04-16 15:42 2015-04-14 Show GitHub Exploit DB Packet Storm
216683 9.3 危険 マイクロソフト - Microsoft Internet Explorer 8 から 11 における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2015-1667 2015-04-16 15:42 2015-04-14 Show GitHub Exploit DB Packet Storm
216684 9.3 危険 マイクロソフト - Microsoft Internet Explorer 10 および 11 における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題
CVE-2015-1668 2015-04-16 15:42 2015-04-14 Show GitHub Exploit DB Packet Storm
216685 4.3 警告 マイクロソフト - Microsoft Project Server 2010 および 2013 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-1640 2015-04-16 15:39 2015-04-14 Show GitHub Exploit DB Packet Storm
216686 4.3 警告 マイクロソフト - Microsoft SharePoint Foundation 2013 および SharePoint Server 2013 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-1653 2015-04-16 15:39 2015-04-14 Show GitHub Exploit DB Packet Storm
216687 4.3 警告 アドビシステムズ - Adobe ColdFusion におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-0345 2015-04-16 12:09 2015-04-14 Show GitHub Exploit DB Packet Storm
216688 7.1 危険 MediaWiki - MediaWiki におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2015-2942 2015-04-15 17:15 2015-03-31 Show GitHub Exploit DB Packet Storm
216689 4.3 警告 MediaWiki - MediaWiki におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-2941 2015-04-15 17:15 2015-03-31 Show GitHub Exploit DB Packet Storm
216690 4.3 警告 MediaWiki - MediaWiki におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2015-2938 2015-04-15 17:15 2015-03-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1791 5.4 MEDIUM
Network
- - Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admin API file upload endpoint allowed uploaded files to… CWE-434
 Unrestricted Upload of File with Dangerous Type 
CVE-2026-53948 2026-06-26 01:07 2026-06-25 Show GitHub Exploit DB Packet Storm
1792 5.3 MEDIUM
Network
- - Ghost is a Node.js content management system. From 5.46.1 until 6.21.2, the validation applied to filters on the public API endpoints could be partially bypassed, making it possible to reveal private… CWE-200
CWE-693
Information Exposure
 Protection Mechanism Failure
CVE-2026-53949 2026-06-26 01:07 2026-06-25 Show GitHub Exploit DB Packet Storm
1793 7.5 HIGH
Network
- - @tryghost/activitypub is Ghost’s social/federation client app. Prior to 3.1.0, the ActivityPub client in Ghost was vulnerable to JavaScript injection on posts shared by a maliciously customised Activ… CWE-79
Cross-site Scripting
CVE-2026-53950 2026-06-26 01:07 2026-06-25 Show GitHub Exploit DB Packet Storm
1794 5.7 MEDIUM
Network
- - Jellyfin is an open source self hosted media server. Prior to 10.11.9, a potential XSS attack exists in Jellyfin which can allow a non-privileged user to execute arbitrary Javascript in the context o… CWE-79
Cross-site Scripting
CVE-2026-49220 2026-06-26 01:06 2026-06-25 Show GitHub Exploit DB Packet Storm
1795 9.6 CRITICAL
Network
- - Ghost is a Node.js content management system. From until 6.37.0, when Ghost is behind a shared caching layer that results in cached content being shared between different visitors, an unauthenticate… CWE-524
 Use of Cache Containing Sensitive Information
CVE-2026-53943 2026-06-26 01:06 2026-06-25 Show GitHub Exploit DB Packet Storm
1796 4.3 MEDIUM
Network
- - An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default. CWE-400
 Uncontrolled Resource Consumption
CVE-2026-42005 2026-06-26 01:00 2026-06-25 Show GitHub Exploit DB Packet Storm
1797 7.5 HIGH
Network
- - A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning. CWE-349
 Acceptance of Extraneous Untrusted Data With Trusted Data
CVE-2026-33612 2026-06-26 01:00 2026-06-25 Show GitHub Exploit DB Packet Storm
1798 3.7 LOW
Network
- - An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid output to be produced in the prometheus endpoint. The pr… CWE-116
 Improper Encoding or Escaping of Output
CVE-2026-40011 2026-06-26 01:00 2026-06-25 Show GitHub Exploit DB Packet Storm
1799 3.7 LOW
Network
- - An attacker might be able to delay the processing of DoH3 queries by sending DoH3 GET queries with an invalid DATA frame. CWE-705
 Incorrect Control Flow Scoping
CVE-2026-40208 2026-06-26 00:59 2026-06-25 Show GitHub Exploit DB Packet Storm
1800 5.3 MEDIUM
Network
- - An attacker might be able to cause outgoing TCP connections to backend to be stuck until a timeout occurs instead of being released immediately, by sending IXFR queries. This could be used to cause a… CWE-772
 Missing Release of Resource after Effective Lifetime
CVE-2026-40209 2026-06-26 00:59 2026-06-25 Show GitHub Exploit DB Packet Storm