Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
224941	6.8	警告	The phpMyAdmin Project	-	phpMyAdmin におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2418	2014-03-11 17:43	2006-05-16	Show	GitHub Exploit DB Packet Storm

224942	7.5	危険	raydium	-	Raydium SVN におけるバッファオーバーフローの脆弱性	-	CVE-2006-2411	2014-03-11 17:43	2006-05-16	Show	GitHub Exploit DB Packet Storm

224943	7.5	危険	FileZilla	-	FileZilla におけるバッファオーバーフローの脆弱性	-	CVE-2006-2403	2014-03-11 17:43	2006-05-16	Show	GitHub Exploit DB Packet Storm

224944	5	警告	outgun	-	Outgun におけるバッファオーバーフローの脆弱性	-	CVE-2006-2402	2014-03-11 17:43	2006-05-16	Show	GitHub Exploit DB Packet Storm

224945	5.8	警告	turnkey web tools	-	PHP Live Helper におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2394	2014-03-11 17:43	2006-05-16	Show	GitHub Exploit DB Packet Storm

224946	7.5	危険	DELL EMC (旧 EMC Corporation)	-	EMC Retrospect Client におけるバッファオーバーフローの脆弱性	-	CVE-2006-2391	2014-03-11 17:43	2006-05-16	Show	GitHub Exploit DB Packet Storm

224947	5.8	警告	vizra	-	Vizra におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2365	2014-03-11 17:43	2006-05-15	Show	GitHub Exploit DB Packet Storm

224948	4.3	警告	phpBB	-	phpBB におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2359	2014-03-11 17:43	2006-05-15	Show	GitHub Exploit DB Packet Storm

224949	2.6	注意	New Atlanta Communications, LLC.	-	Windows 用 BlueDragon Server および Server JX におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-2311	2014-03-11 17:43	2006-06-26	Show	GitHub Exploit DB Packet Storm

224950	6.4	警告	mirabilis	-	ICQ Client におけるクロスアプリケーションスクリプティングの脆弱性	-	CVE-2006-2303	2014-03-11 17:43	2006-05-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1891	7.1	HIGH Network	-	-	libde265 is an open source implementation of the h.265 video codec. Prior to version 1.1.0, a crafted H.265 bitstream with large SPS dimensions and 16-bit bit depth causes a signed integer overflow i…	CWE-190 Integer Overflow or Wraparound	CVE-2026-49346	2026-06-24 01:00	2026-06-20	Show	GitHub Exploit DB Packet Storm

1892	8.7	HIGH Network	-	-	nanobot is a personal AI assistant. In versions 0.1.5.post3 and prior, the WhatsApp bridge in bridge/src/whatsapp.ts constructs a filesystem path using the fileName field from an incoming WhatsApp do…	CWE-22 Path Traversal	CVE-2026-48716	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm

1893	-		-	-	OneDev is a Git server with CI/CD, kanban, and packages. In versions 15.0.6 and below, TarUtils.untar() creates symbolic links verbatim from TAR entry getLinkName() without validating whether the tar…	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-49248	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm

1894	9.9	CRITICAL Network	-	-	deepstream is a server that allows clients and backend services to sync data, send messages and make rpcs at scale. Versions prior to 10.0.5 are vulnerable to Prototype Pollution. Exploitation can l…	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-49252	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm

1895	9.1	CRITICAL Network	-	-	Relyra is a strict-by-default SAML 2.0 Service Provider library for Elixir and Phoenix. Versions 1.0.0 and 1.1.0 accept forged SAML signatures because SignatureValue was not cryptographically verifie…	CWE-287 CWE-347 Improper Authentication Improper Verification of Cryptographic Signature	CVE-2026-49454	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm

1896	-		-	-	Line Desktop MCP is a project that, while unaffiliated with the official line-bot-mcp-server, allows users to directly operate the LINE Desktop application on Windows or Mac via MCP. `line-desktop-mc…	CWE-306 CWE-862 Missing Authentication for Critical Function Missing Authorization	CVE-2026-49357	2026-06-24 00:59	2026-06-19	Show	GitHub Exploit DB Packet Storm

1897	7.4	HIGH Network	-	-	Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.73.23 and 6.20.0, the fix for CVE-2026-41175 was incomplete. It addressed the issue in the query builder, but the sam…	CWE-470 Unsafe Reflection	CVE-2026-49287	2026-06-24 00:59	2026-06-20	Show	GitHub Exploit DB Packet Storm

1898	8.1	HIGH Network	-	-	mcp-memory-service is a semantic memory layer for AI applications. Prior to version 10.65.3, the HTTP MCP JSON-RPC endpoint at `/mcp` requires only OAuth `read` scope for all requests, then dispatche…	CWE-862 Missing Authorization	CVE-2026-49291	2026-06-24 00:59	2026-06-20	Show	GitHub Exploit DB Packet Storm

1899	-		-	-	Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, Mercator's Query Engine (`/admin/queries/execute`) accepts a JSON DSL (`from` /…	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2026-49344	2026-06-24 00:59	2026-06-20	Show	GitHub Exploit DB Packet Storm

1900	-		-	-	Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, a Server-Side Request Forgery (SSRF) vulnerability exists in Mercator's CVE con…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-49345	2026-06-24 00:59	2026-06-20	Show	GitHub Exploit DB Packet Storm