Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 4:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
228041 7.8 危険 Linux - Linux Kernel の net/ceph/auth_none.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2013-1059 2013-10-28 16:19 2013-07-2 Show GitHub Exploit DB Packet Storm
228042 7.1 危険 シスコシステムズ - Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足
CVE-2013-5549 2013-10-28 15:34 2013-10-23 Show GitHub Exploit DB Packet Storm
228043 6.9 警告 Linux - ARM プラットフォーム上の Linux Kernel の arch/arm/kernel/perf_event.c における権限を取得される脆弱性 CWE-20
不適切な入力確認
CVE-2013-4254 2013-10-28 15:34 2013-08-20 Show GitHub Exploit DB Packet Storm
228044 4.7 警告 Linux - Linux Kernel の kernel/user_namespace.c 内の unshare_userns 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2013-4205 2013-10-28 15:31 2013-08-11 Show GitHub Exploit DB Packet Storm
228045 6.8 警告 シスコシステムズ - Catalyst 3750X スイッチ上で稼働する Cisco IOS における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2013-5522 2013-10-28 15:31 2013-10-25 Show GitHub Exploit DB Packet Storm
228046 5 警告 Mozilla Foundation - 複数の Mozilla 製品における同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-4196 2013-10-28 15:27 2012-10-26 Show GitHub Exploit DB Packet Storm
228047 5.1 警告 Mozilla Foundation - 複数の Mozilla 製品の nsLocation::CheckURL 関数におけるクロスサイトスクリプティングの脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-4195 2013-10-28 15:26 2012-10-26 Show GitHub Exploit DB Packet Storm
228048 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2012-4194 2013-10-28 15:24 2012-10-26 Show GitHub Exploit DB Packet Storm
228049 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品における同一生成元ポリシーを回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2012-4192 2013-10-28 15:23 2012-10-11 Show GitHub Exploit DB Packet Storm
228050 9.3 危険 Mozilla Foundation - 複数の Mozilla 製品における同一生成元ポリシーを回避される脆弱性 CWE-DesignError
CVE-2012-4193 2013-10-28 15:22 2012-10-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1081 5.3 MEDIUM
Network
ibm datacap
datacap_navigator
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, … CWE-425
 Direct Request ('Forced Browsing')
CVE-2026-9610 2026-06-27 06:19 2026-06-23 Show GitHub Exploit DB Packet Storm
1082 8.8 HIGH
Network
misp-project misp The Azure Active Directory (AAD) authentication implementation contained multiple weaknesses in its OAuth 2.0 authorization flow that could allow attackers to bypass important security guarantees pro… CWE-384
 Session Fixation
CVE-2026-56425 2026-06-27 05:33 2026-06-22 Show GitHub Exploit DB Packet Storm
1083 7.5 HIGH
Network
vllm vllm vLLM versions >= 0.10.2 and < 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can subm… CWE-20
NVD-CWE-noinfo
 Improper Input Validation 
CVE-2026-56340 2026-06-27 05:29 2026-06-21 Show GitHub Exploit DB Packet Storm
1084 7.5 HIGH
Network
vllm vllm vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Several regex patterns — in vllm/lora/utils.py, the phi4mini tool parser, and the Ope… CWE-1333
 Inefficient Regular Expression Complexity
CVE-2025-71379 2026-06-27 05:25 2026-06-21 Show GitHub Exploit DB Packet Storm
1085 7.5 HIGH
Network
- - Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with… CWE-494
 Download of Code Without Integrity Check
CVE-2021-47987 2026-06-27 05:22 2026-06-26 Show GitHub Exploit DB Packet Storm
1086 5.4 MEDIUM
Network
ibm engineering_workflow_management IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to … CWE-79
Cross-site Scripting
CVE-2025-33128 2026-06-27 05:20 2026-06-22 Show GitHub Exploit DB Packet Storm
1087 5.0 MEDIUM
Network
jenkins git_client Jenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH wrapper script, allowing attackers able to control the name… CWE-78
OS Command 
CVE-2026-57282 2026-06-27 05:20 2026-06-24 Show GitHub Exploit DB Packet Storm
1088 5.9 MEDIUM
Network
- - Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: * on every res… CWE-749
CWE-942
 Exposed Dangerous Method or Function
 Permissive Cross-domain Policy with Untrusted Domains
CVE-2026-54753 2026-06-27 05:20 2026-06-27 Show GitHub Exploit DB Packet Storm
1089 7.5 HIGH
Network
- - OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the journal diff endpoint discloses hidden historical field values without enforcing object and field vi… CWE-200
CWE-862
Information Exposure
 Missing Authorization
CVE-2026-47193 2026-06-27 05:20 2026-06-27 Show GitHub Exploit DB Packet Storm
1090 8.8 HIGH
Network
- - OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is a CSRF on TARGET through /users/:id via POST parameter "user[admin]". This vulnerability is fix… CWE-352
 Origin Validation Error
CVE-2026-52784 2026-06-27 05:20 2026-06-27 Show GitHub Exploit DB Packet Storm