Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 15, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
217601 5.4 警告 lazyer - Android 用 Doodle Drop アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6017 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
217602 5.4 警告 celluloidapp - Android 用 Celluloid アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6016 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
217603 5.4 警告 tucarro - Android 用 TuCarro アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6015 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
217604 5.4 警告 ingen-studios - Android 用 Conquest Of Fantasia アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6014 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
217605 5.4 警告 nuphoto - Android 用 nuSquare アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6013 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
217606 5.4 警告 toddm - Android 用 Gravity Bounce アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6012 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
217607 5.4 警告 formnage - Android 用 cutprice アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6011 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
217608 5.4 警告 awesomewidgets - Android 用 Rasta Weed Widgets HD アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6010 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
217609 5.4 警告 zombie detector project - Android 用 Zombie Detector アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6009 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
217610 5.4 警告 secondfiction - Android 用 Blitz Bingo アプリケーションにおけるサーバになりすまされる脆弱性 CWE-310
暗号の問題 		CVE-2014-6008 2014-12-17 09:57 2014-09-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1111 - - - Reliance on IP Address for Authentication vulnerability in Erlang/OTP ssl (inet_tls_dist module) allows unauthenticated bypass of the distribution-over-TLS LAN allowlist. The inet_tls_dist:check_ip/… CWE-863
CWE-1025
 Incorrect Authorization
 Comparison Using Wrong Factors 		CVE-2026-48860 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1112 - - - Observable Timing Discrepancy vulnerability in Erlang/OTP ssh (ssh_auth, ssh_options modules) allows unauthenticated remote username enumeration via timing side-channel in password authentication. W… CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2026-48859 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1113 4.3 MEDIUM
Network 		google chrome Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High) CWE-457
 Use of Uninitialized Variable 		CVE-2026-11668 2026-06-11 01:17 2026-06-9 Show GitHub Exploit DB Packet Storm
1114 - - - Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data. The httpc client forwards the Authorization and Proxy-Authorization request… CWE-601
Open Redirect 		CVE-2026-48856 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1115 - - - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery. The SSH_FXP_READLINK handler in ssh_sftpd sends the raw result of… CWE-200
Information Exposure 		CVE-2026-48855 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1116 - - - Crawlee is a web scraping and browser automation library. From version 1.0.0 to before version 1.7.0, Crawlee is vulnerable to SSRF via sitemap-derived URLs. This issue has been patched in version 1.… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-46497 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1117 8.1 HIGH
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, EscapedString (app/modules/roxywi/class_models.py:16-30) is the centralised Pydan… CWE-20
CWE-22
CWE-117
 Improper Input Validation 
Path Traversal
 Improper Output Neutralization for Logs 		CVE-2026-45565 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1118 8.8 HIGH
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions/<service>/<server_ip>/<configver>/save interpolates the URL… CWE-78
OS Command  		CVE-2026-45564 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1119 4.3 MEDIUM
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, GET /history/<service>/<server_ip> re-uses the server_ip path parameter as a user… CWE-639
CWE-863
 Authorization Bypass Through User-Controlled Key
 Incorrect Authorization 		CVE-2026-45563 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm
1120 4.9 MEDIUM
Network 		- - Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, get_ldap_email (app/modules/roxywi/user.py:120-157) builds the LDAP search filter… CWE-90
LDAP Injection 		CVE-2026-45559 2026-06-11 01:17 2026-06-11 Show GitHub Exploit DB Packet Storm