Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231101	6.8	警告	tomaz-muraus	-	Tomaz Muraus Open Blog におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2010-3030	2012-12-20 19:29	2010-08-17	Show	GitHub Exploit DB Packet Storm

231102	7.5	危険	phpkick	-	PHPKick の statistics.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3029	2012-12-20 19:29	2010-08-16	Show	GitHub Exploit DB Packet Storm

231103	3.6	注意	Simon Phillips	-	Joomla! 用の Aardvertiser コンポーネントにおける特定のファイルを変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-3028	2012-12-20 19:29	2010-08-16	Show	GitHub Exploit DB Packet Storm

231104	7.5	危険	tycoon	-	Tycoon Baseball Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-3027	2012-12-20 19:29	2010-08-16	Show	GitHub Exploit DB Packet Storm

231105	5	警告	Wireshark	-	Wireshark の GSM A RR 解析子におけるサービス運用妨害 (DoS) の脆弱性	CWE-Other その他	CVE-2010-2992	2012-12-20 19:29	2010-06-21	Show	GitHub Exploit DB Packet Storm

231106	9.3	危険	raphael assenat	-	libmikmod の loaders/load_it.c におけるバッファオーバーリードを誘発される脆弱性	CWE-119 バッファエラー	CVE-2010-2971	2012-12-20 19:29	2010-08-5	Show	GitHub Exploit DB Packet Storm

231107	7.8	危険	ウインドリバー株式会社	-	Wind River VxWorks の FTP デーモンにおけるアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2968	2012-12-20 19:29	2010-08-5	Show	GitHub Exploit DB Packet Storm

231108	7.8	危険	ウインドリバー株式会社	-	Wind River VxWorks の loginLib におけるアクセス権を取得される脆弱性	CWE-310 暗号の問題	CVE-2010-2967	2012-12-20 19:29	2010-08-5	Show	GitHub Exploit DB Packet Storm

231109	7.8	危険	ウインドリバー株式会社	-	Wind River VxWorks の INCLUDE_SECURITY 機能におけるアクセス権を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2010-2966	2012-12-20 19:29	2010-08-5	Show	GitHub Exploit DB Packet Storm

231110	10	危険	Rockwell Automation ウインドリバー株式会社	-	Rockwell Automation 1756-ENBT series A で使用されている Wind River VxWorks における任意のメモリ領域を読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-2965	2012-12-20 19:29	2010-08-5	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1621	7.5	HIGH Network	-	-	Starlette is a lightweight ASGI framework/toolkit. From 0.4.1 until 1.3.1, request.form() accepts max_fields and max_part_size to bound resource consumption while parsing form data. These limits are …	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-54283	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

1622	-		-	-	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. This…	CWE-200 CWE-522 Information Exposure Insufficiently Protected Credentials	CVE-2026-54276	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

1623	-		-	-	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, a Denial of Service (DoS) vu…	CWE-400 CWE-1333 Uncontrolled Resource Consumption Inefficient Regular Expression Complexity	CVE-2026-54268	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

1624	5.3	MEDIUM Network	-	-	js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing (<<) by repeating the same alias many ti…	CWE-407 Inefficient Algorithmic Complexity	CVE-2026-53550	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

1625	3.7	LOW Network	-	-	Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parse_options_header parsed Content-Disposition (and Content-Type) headers with email.message.Message, which transparentl…	CWE-20 CWE-436 Improper Input Validation Interpretation Conflict	CVE-2026-53537	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

1626	-		-	-	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerabilit…	CWE-524 Use of Cache Containing Sensitive Information	CVE-2026-50170	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

1627	5.4	MEDIUM Network	-	-	Fabric.js is a Javascript HTML5 canvas library. Prior to 7.4.0, a potential Cross-Site Scripting (XSS) vulnerability exists in Fabric.js due to improper escaping of user-controlled input during SVG s…	CWE-79 CWE-116 Cross-site Scripting Improper Encoding or Escaping of Output	CVE-2026-44311	2026-06-24 02:16	2026-06-23	Show	GitHub Exploit DB Packet Storm

1628	6.9	MEDIUM Local	libexpat_project	libexpat	libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56406	2026-06-24 01:29	2026-06-22	Show	GitHub Exploit DB Packet Storm

1629	6.9	MEDIUM Local	libexpat_project	libexpat	libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56407	2026-06-24 01:28	2026-06-22	Show	GitHub Exploit DB Packet Storm

1630	6.9	MEDIUM Local	libexpat_project	libexpat	libexpat before 2.8.2 has an integer overflow in copyString.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56408	2026-06-24 01:27	2026-06-22	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed