Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
224081 7.5 危険 シマンテック - Symantec LiveUpdate Administrator の管理 GUI の forcepasswd.do における任意のパスワードをリセットされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2014-1644 2014-04-1 16:16 2014-03-27 Show GitHub Exploit DB Packet Storm
224082 6.1 警告 シスコシステムズ - Cisco IOS のパケットドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2014-2131 2014-04-1 16:15 2014-03-31 Show GitHub Exploit DB Packet Storm
224083 6.8 警告 マイクロソフト - Microsoft Windows Media Player におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-2671 2014-04-1 16:01 2014-03-24 Show GitHub Exploit DB Packet Storm
224084 4.3 警告 レッドハット - JBoss RichFaces の webapp/PushHandlerFilter.java の doFilter 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0086 2014-04-1 14:27 2014-02-26 Show GitHub Exploit DB Packet Storm
224085 5.1 警告 Novell
Igor Sysoev		 - nginx の SPDY の実装におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2014-0133 2014-04-1 13:38 2014-03-18 Show GitHub Exploit DB Packet Storm
224086 4.3 警告 gpEasy - gpEasy CMS の include/tool/editing_page.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0807 2014-04-1 12:24 2013-01-3 Show GitHub Exploit DB Packet Storm
224087 4.3 警告 WP Symposium - WordPress 用の WP Symposium プラグインの invite.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2695 2014-04-1 12:24 2013-04-12 Show GitHub Exploit DB Packet Storm
224088 5.8 警告 WP Symposium - WordPress 用の WP Symposium プラグインの invite.php におけるオープンリダイレクトの脆弱性 CWE-20
不適切な入力確認 		CVE-2013-2694 2014-04-1 12:23 2013-04-12 Show GitHub Exploit DB Packet Storm
224089 4.3 警告 Cartpauj.com - WordPress 用 Mingle Forum プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0734 2014-04-1 12:23 2013-02-20 Show GitHub Exploit DB Packet Storm
224090 5.8 警告 シーメンス - Siemens SIMATIC S7-1500 CPU PLC デバイスの統合 Web サーバにおけるヘッダを挿入される脆弱性 CWE-Other
その他 		CVE-2014-2247 2014-03-31 15:09 2014-03-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1471 5.9 MEDIUM
Network 		- - Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, the daemon's git clone implementation disabled TLS certificate verificati… New CWE-295
Improper Certificate Validation  		CVE-2026-54323 2026-06-25 01:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1472 8.4 HIGH
Network 		- - Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.184.0, organization invitations could be accepted (and declined) by a user whose… New CWE-287
CWE-863
Improper Authentication
 Incorrect Authorization 		CVE-2026-54320 2026-06-25 01:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1473 8.1 HIGH
Network 		- - Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, forward_auth copy_headers deletes the exact client-supplied identity header before copying the trusted value from the… New CWE-287
CWE-290
CWE-444
Improper Authentication
 Authentication Bypass by Spoofing
HTTP Request Smuggling 		CVE-2026-52845 2026-06-25 01:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1474 8.8 HIGH
Network 		- - NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands as root by … New CWE-78
OS Command  		CVE-2026-35018 2026-06-25 01:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1475 9.6 CRITICAL
Network 		autodesk fusion A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary c… New CWE-94
Code Injection 		CVE-2026-10789 2026-06-25 00:30 2026-06-23 Show GitHub Exploit DB Packet Storm
1476 9.6 CRITICAL
Network 		microsoft exchange_online Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network. New CWE-862
 Missing Authorization 		CVE-2026-48582 2026-06-25 00:24 2026-06-20 Show GitHub Exploit DB Packet Storm
1477 10.0 CRITICAL
Network 		microsoft azure_active_directory Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network. New CWE-287
Improper Authentication 		CVE-2026-45480 2026-06-25 00:23 2026-06-20 Show GitHub Exploit DB Packet Storm
1478 8.8 HIGH
Network 		microsoft azure_ai_bot_service Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network. New CWE-287
Improper Authentication 		CVE-2026-32174 2026-06-25 00:19 2026-06-19 Show GitHub Exploit DB Packet Storm
1479 6.5 MEDIUM
Network 		- - OpenHarness ohmo gateway /resume and /summary slash commands default remote_invocable to True, allowing admitted remote senders to enumerate and load arbitrary session snapshots by ID. Attackers can … New CWE-862
 Missing Authorization 		CVE-2026-56695 2026-06-25 00:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1480 5.5 MEDIUM
Local 		- - NanoClaw before 2.1.17 contains a symlink following vulnerability in forwardAttachedFiles that allows container-controlled agents to exfiltrate host-readable files. The host validates attachment file… New CWE-59
Link Following 		CVE-2026-56692 2026-06-25 00:16 2026-06-24 Show GitHub Exploit DB Packet Storm