Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229121	6.9	警告	サン・マイクロシステムズオラクル	-	Oracle Java SE の Java Runtime Environment におけるクライアントのインストールプロセスの処理に関する脆弱性	CWE-noinfo 情報不足	CVE-2013-0430	2013-06-14 10:18	2013-02-1	Show	GitHub Exploit DB Packet Storm

229122	10	危険	オラクル	-	Oracle Java SE の JavaFX における脆弱性	CWE-noinfo 情報不足	CVE-2013-1483	2013-06-13 18:14	2013-02-1	Show	GitHub Exploit DB Packet Storm

229123	10	危険	オラクル	-	Oracle Java SE の JavaFX における脆弱性	CWE-noinfo 情報不足	CVE-2013-1482	2013-06-13 18:11	2013-02-1	Show	GitHub Exploit DB Packet Storm

229124	10	危険	サン・マイクロシステムズオラクル	-	Oracle Java SE の Java Runtime Environment および JavaFX における脆弱性	CWE-noinfo 情報不足	CVE-2013-1479	2013-06-13 17:49	2013-02-1	Show	GitHub Exploit DB Packet Storm

229125	4.9	警告	Linux	-	Linux Kernel の net/tipc/socket.c における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-3235	2013-06-13 17:38	2013-04-7	Show	GitHub Exploit DB Packet Storm

229126	4.9	警告	Linux	-	Linux Kernel の net/iucv/af_iucv.c における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-3229	2013-06-13 17:36	2013-04-7	Show	GitHub Exploit DB Packet Storm

229127	4.9	警告	Linux	-	Linux Kernel の net/caif/caif_socket.c における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-3227	2013-06-13 17:36	2013-04-7	Show	GitHub Exploit DB Packet Storm

229128	4.9	警告	Linux	-	Linux Kernel の net/bluetooth/sco.c における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-3226	2013-06-13 17:35	2013-04-7	Show	GitHub Exploit DB Packet Storm

229129	10	危険	オラクル	-	Oracle Java SE の JavaFX における脆弱性	CWE-noinfo 情報不足	CVE-2013-1477	2013-06-13 17:35	2013-02-1	Show	GitHub Exploit DB Packet Storm

229130	5.8	警告	シスコシステムズ	-	Cisco Nexus 1000V 上で稼働する Cisco NX-OS におけるサーバになりすまされる脆弱性	CWE-310 暗号の問題	CVE-2013-1212	2013-06-13 17:23	2013-05-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1651	8.1	HIGH Network	-	-	picklescan before 0.0.29 fails to detect malicious pickle files using idlelib.autocomplete.AutoComplete.fetch_completions in reduce methods. Attackers can embed undetected code in pickle files that e…	CWE-502 Deserialization of Untrusted Data	CVE-2025-71376	2026-06-24 01:16	2026-06-23	Show	GitHub Exploit DB Packet Storm

1652	8.1	HIGH Network	-	-	Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran._eval_length gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files th…	CWE-502 Deserialization of Untrusted Data	CVE-2025-71339	2026-06-24 01:16	2026-06-23	Show	GitHub Exploit DB Packet Storm

1653	6.9	MEDIUM Local	libexpat_project	libexpat	xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56411	2026-06-24 01:16	2026-06-22	Show	GitHub Exploit DB Packet Storm

1654	7.6	HIGH Network	-	-	conda-smithy is a tool for combining a conda recipe with configurations to build using freely hosted CI services into a single repository. Prior to version 3.61.0, a vulnerability in the conda-forge …	CWE-284 Improper Access Control	CVE-2026-46699	2026-06-24 01:06	2026-06-19	Show	GitHub Exploit DB Packet Storm

1655	10.0	CRITICAL Network	-	-	mcp-pinot is a Python-based Model Context Protocol (MCP) server for interacting with Apache Pinot. In versions 3.0.1 and below, mcp-pinot defaults to running an HTTP MCP server bound to 0.0.0.0:8080 …	CWE-306 Missing Authentication for Critical Function	CVE-2026-49257	2026-06-24 01:06	2026-06-19	Show	GitHub Exploit DB Packet Storm

1656	6.5	MEDIUM Network	-	-	phpMyFAQ is an open source FAQ web application. Versions prior to 4.1.4 have Missing Authorization in the API CategoryController. CVE-2026-24421 addressed this in the BackupController by adding: $th…	CWE-862 Missing Authorization	CVE-2026-49205	2026-06-24 01:06	2026-06-19	Show	GitHub Exploit DB Packet Storm

1657	-		-	-	Slopsmith is a self-contained web application for browsing, playing, and practicing Rocksmith 2014 Custom DLC (CDLC). Prior to 0.2.9-alpha.5, a path-traversal vulnerability in Slopsmith's archive ext…	CWE-22 CWE-23 CWE-36 Path Traversal Relative Path Traversal Absolute Path Traversal	CVE-2026-49290	2026-06-24 01:06	2026-06-20	Show	GitHub Exploit DB Packet Storm

1658	4.3	MEDIUM Network	-	-	Statamic is a Laravel and Git powered content management system (CMS). Prior to 5.73.23 and 6.20.0, an authenticated Control Panel user could view metadata and content for resources they don't have p…	CWE-200 CWE-862 CWE-863 Information Exposure Missing Authorization Incorrect Authorization	CVE-2026-49288	2026-06-24 01:06	2026-06-20	Show	GitHub Exploit DB Packet Storm

1659	-		-	-	DevGuard provides vulnerability management for the full software supply chain. Prior to 1.4.2, on a DevGuard API instance with one or more public assets, any authenticated user — including users from…	CWE-285 CWE-863 Improper Authorization Incorrect Authorization	CVE-2026-48089	2026-06-24 01:06	2026-06-20	Show	GitHub Exploit DB Packet Storm

1660	5.3	MEDIUM Network	-	-	YARD is a documentation generation tool for the Ruby programming language. Prior to version 0.9.44, YARD's static cache lookup reads a request path before the router's path cleanup runs. When a serve…	CWE-22 Path Traversal	CVE-2026-49342	2026-06-24 01:06	2026-06-20	Show	GitHub Exploit DB Packet Storm