Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229791	7.5	危険	Google	-	Google Chrome におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2013-2836	2013-05-23 17:43	2013-05-21	Show	GitHub Exploit DB Packet Storm

229792	7.2	危険	Infotecs	-	複数の Infotecs ViPNet 製品における権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-3496	2013-05-23 15:00	2013-05-22	Show	GitHub Exploit DB Packet Storm

229793	2.1	注意	OpenStack	-	OpenStack DevStack における重要な情報を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-1977	2013-05-23 14:52	2013-05-21	Show	GitHub Exploit DB Packet Storm

229794	4.3	警告	レッドハット	-	Red Hat subscription-manager の rhn-migrate-classic-to-rhsm における重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2012-6137	2013-05-23 14:45	2013-05-6	Show	GitHub Exploit DB Packet Storm

229795	5.8	警告	Canonical	-	telepathy-idle における SSL サーバを偽装される脆弱性	CWE-20 不適切な入力確認	CVE-2007-6746	2013-05-23 14:21	2013-04-22	Show	GitHub Exploit DB Packet Storm

229796	10	危険	Schneider Electric 三菱電機	-	Citect CitectFacilities および CitectSCADA に含まれる Mitsubishi MX Component におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-3075	2013-05-22 11:02	2013-04-1	Show	GitHub Exploit DB Packet Storm

229797	5	警告	Patrick Masotta	-	Serva にバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-0145	2013-05-21 18:30	2013-05-14	Show	GitHub Exploit DB Packet Storm

229798	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2013-1378	2013-05-21 18:15	2013-04-9	Show	GitHub Exploit DB Packet Storm

229799	7.2	危険	マイクロソフト	-	複数の Microsoft Windows 製品のカーネルモードドライバの dxgkrnl.sys における権限昇格の脆弱性	CWE-119 バッファエラー	CVE-2013-1332	2013-05-21 18:11	2013-05-14	Show	GitHub Exploit DB Packet Storm

229800	10	危険	マイクロソフトアドビシステムズ Google	-	Adobe Flash Player および Adobe AIR におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-1375	2013-05-21 18:08	2013-03-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1841	8.2	HIGH Network	-	-	Joomla OSDownloads 1.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers…	CWE-89 SQL Injection	CVE-2017-20259	2026-06-24 03:17	2026-06-20	Show	GitHub Exploit DB Packet Storm

1842	8.2	HIGH Network	-	-	Joomla! Component My Projects 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the VerAyari param…	CWE-89 SQL Injection	CVE-2017-20253	2026-06-24 03:17	2026-06-20	Show	GitHub Exploit DB Packet Storm

1843	5.5	MEDIUM Local	-	-	NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the create_agent delivery-action handler that performs privileged central-database writes without host-side authorization check…	CWE-602 Client-Side Enforcement of Server-Side Security	CVE-2026-56693	2026-06-24 02:58	2026-06-24	Show	GitHub Exploit DB Packet Storm

1844	5.4	MEDIUM Network	-	-	OpenHarness /issue and /pr_comments slash commands lack remote_invocable=False protection, allowing remote channel senders to write attacker-controlled Markdown into project context files. Admitted r…	CWE-862 Missing Authorization	CVE-2026-56696	2026-06-24 02:58	2026-06-24	Show	GitHub Exploit DB Packet Storm

1845	4.8	MEDIUM Network	-	-	guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.1, guzzlehttp/psr7 did not reject CR/LF characters in certain first-party HTTP start-line fields: the request meth…	CWE-93 CWE-113 CRLF Injection HTTP Response Splitting	CVE-2026-55766	2026-06-24 02:57	2026-06-24	Show	GitHub Exploit DB Packet Storm

1846	6.1	MEDIUM Network	flowiseai	flowise	Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScrip…	CWE-80 Basic XSS	CVE-2025-71331	2026-06-24 02:53	2026-06-21	Show	GitHub Exploit DB Packet Storm

1847	8.2	HIGH Network	messagepack	messagepack	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, A vulnerability exists in the optional LZ4 decompression path used by MessagePack compression modes Lz4Block and Lz4…	CWE-20 Improper Input Validation	CVE-2026-48109	2026-06-24 02:25	2026-06-23	Show	GitHub Exploit DB Packet Storm

1848	7.5	HIGH Network	messagepack	messagepack	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.ReadDateTime() can allocate stack memory based on an attacker-controlled MessagePack extension len…	CWE-125 CWE-190 CWE-407 CWE-409 CWE-470 CWE-502 CWE-674 CWE-789 CWE-1188 Out-of-bounds Read Integer Overflow or Wraparound Inefficient Algorithmic Complexity Improper Handling of Highly Compressed Data (Data Amplification) Unsafe Reflection Deserialization of Untrusted Data Uncontrolled Recursion Memory Allocation with Excessive Size Value Insecure Default Initialization of Resource	CVE-2026-48502	2026-06-24 02:25	2026-06-23	Show	GitHub Exploit DB Packet Storm

1849	7.5	HIGH Network	messagepack	messagepack	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip() recursively descends into nested arrays and maps without incrementing the reader depth o…	CWE-674 Uncontrolled Recursion	CVE-2026-48506	2026-06-24 02:24	2026-06-23	Show	GitHub Exploit DB Packet Storm

1850	8.1	HIGH Network	-	-	piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run() paths read the filename option via plain member access. Both reads fall through…	CWE-94 CWE-1321 Code Injection Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-55388	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm