Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 13, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224271	7.4	危険	レッドハット	-	Red Hat Enterprise Virtualization Hypervisor などの製品で使用される libspice における任意の QEMU メモリを読まれるまたは書き込まれる脆弱性	CWE-119 バッファエラー	CVE-2010-0430	2014-01-6 15:23	2010-03-30	Show	GitHub Exploit DB Packet Storm

224272	4.3	警告	マイクロソフト	-	Windows XP 上で稼働する Microsoft Windows Movie Maker におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-4858	2014-01-6 15:03	2013-07-18	Show	GitHub Exploit DB Packet Storm

224273	9.3	危険	マイクロソフト	-	Microsoft Internet Explorer 9 および 10 における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-3846	2014-01-6 15:01	2013-07-9	Show	GitHub Exploit DB Packet Storm

224274	10	危険	Zimbra	-	Zimbra Collaboration Server におけるクリティカルな影響を受ける脆弱性	CWE-noinfo 情報不足	CVE-2013-7217	2013-12-27 11:55	2013-12-12	Show	GitHub Exploit DB Packet Storm

224275	5.2	警告	Xen プロジェクト	-	Xen の XEN_DOMCTL_getmemlist hypercall におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2013-4553	2013-12-27 11:31	2013-11-26	Show	GitHub Exploit DB Packet Storm

224276	5	警告	FFmpeg	-	FFmpeg の libavcodec/h264.c におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2013-4358	2013-12-27 11:26	2013-09-16	Show	GitHub Exploit DB Packet Storm

224277	2.6	注意	FFmpeg	-	FFmpeg の libavformat/utils.c の av_probe_input_buffer 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2012-6618	2013-12-27 11:25	2012-12-5	Show	GitHub Exploit DB Packet Storm

224278	4.3	警告	FFmpeg	-	FFmpeg の ffserver.c の prepare_sdp_description 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-DesignError	CVE-2012-6617	2013-12-27 11:24	2012-12-10	Show	GitHub Exploit DB Packet Storm

224279	5	警告	FFmpeg	-	FFmpeg の libavcodec/movtextdec.c の mov_text_decode_frame 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2012-6616	2013-12-27 11:24	2012-12-31	Show	GitHub Exploit DB Packet Storm

224280	4.3	警告	FFmpeg	-	FFmpeg の libavcodec/ass_split.c の ff_ass_split_override_codes 関数におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2012-6615	2013-12-27 11:23	2012-12-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
531	7.5	HIGH Network	-	-	IBM Langflow OSS 1.0.0 through 1.9.1 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-7787	2026-06-12 01:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

532	8.8	HIGH Network	-	-	Improper Control of Generation of Code ('Code Injection') vulnerability in Apache OFBiz allows a low-privileged authenticated user with Content/DataResource editing privileges to perform template inj… New	CWE-94 Code Injection	CVE-2026-50223	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

533	8.6	HIGH Network	-	-	Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Fedify previously addressed SSRF/internal network access in GHSA-p9cg-vqcc-grcx by adding public URL validati… New	CWE-918 CWE-1286 CWE-1389 Server-Side Request Forgery (SSRF) Improper Validation of Syntactic Correctness of Input	CVE-2026-50131	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

534	6.5	MEDIUM Network	-	-	IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against… New	CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax	CVE-2026-4096	2026-06-12 01:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

535	3.7	LOW Network	-	-	Shopware is an open commerce platform. Prior to versions 6.6.10.18 and 6.7.10.1, an attacker is able to enumerate the usernames of administrator users by performing a timing attack. Versions 6.6.10.1… New	CWE-208 Information Exposure Through Timing Discrepancy	CVE-2026-48011	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

536	5.3	MEDIUM Network	-	-	Russh is a Rust SSH client & server library. From version 0.34.0-beta.1 to before version 0.61.0, the russh server authentication path keeps internal userauth state across SSH_MSG_USERAUTH_REQUEST me… New	CWE-287 Improper Authentication	CVE-2026-46705	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

537	7.5	HIGH Network	-	-	libp2p is a JavaScript Implementation of libp2p networking stack. Prior to version 15.0.23, three cooperating omissions in @libp2p/gossipsub allow an unauthenticated single peer to exhaust the Node.j… New	CWE-20 CWE-400 CWE-401 Improper Input Validation Uncontrolled Resource Consumption Missing Release of Memory after Effective Lifetime	CVE-2026-46679	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

538	7.5	HIGH Network	-	-	Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh rele… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-46673	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

539	-		-	-	OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theor… New	CWE-20 Improper Input Validation	CVE-2026-46669	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm

540	3.6	LOW Local	-	-	bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.12, a one-byte off-by-one error in SafeOutPathBuilder::restoreSymlink() allo… New	CWE-22 CWE-193 Path Traversal Off-by-one Error	CVE-2026-45380	2026-06-12 01:16	2026-06-11	Show	GitHub Exploit DB Packet Storm