Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231311	4.3	警告	Matthias Hutterer	-	Drupal 用 Email Field モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5587	2012-12-28 15:58	2012-11-28	Show	GitHub Exploit DB Packet Storm

231312	2.1	注意	Marc Ingram	-	Drupal 用 Services モジュールにおける任意のユーザの電子メールにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5586	2012-12-28 15:57	2012-11-28	Show	GitHub Exploit DB Packet Storm

231313	2.1	注意	Mixpanel Project	-	Drupal 用 Mixpanel モジュールにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-5585	2012-12-28 15:50	2012-11-28	Show	GitHub Exploit DB Packet Storm

231314	4.3	警告	Made to Order Software	-	Drupal 用 Table of Contents モジュールにおけるノードのヘッダを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-5584	2012-12-28 15:49	2012-11-14	Show	GitHub Exploit DB Packet Storm

231315	6.8	警告	Sensio Labs	-	Symfony における任意のサービスにアクセスされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6432	2012-12-28 15:20	2012-12-20	Show	GitHub Exploit DB Packet Storm

231316	6.4	警告	Sensio Labs	-	Symfony における URI の制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-6431	2012-12-28 15:18	2012-12-20	Show	GitHub Exploit DB Packet Storm

231317	4.3	警告	Sebastian Heinlein Canonical	-	Ubuntu の Aptdaemon における任意のパッケージレポジトリの GPG キーをインストールされる脆弱性	CWE-noinfo 情報不足	CVE-2012-0962	2012-12-28 15:03	2012-12-17	Show	GitHub Exploit DB Packet Storm

231318	2.1	注意	Debian	-	Ubuntu で使用される APT における重要なシェル情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-0961	2012-12-28 14:59	2012-12-12	Show	GitHub Exploit DB Packet Storm

231319	4.3	警告	PS Project Management Team	-	Firefox 用 Unity integration 拡張機能における同一生成元ポリシーを回避される脆弱性	CWE-DesignError	CVE-2012-0958	2012-12-28 14:58	2012-10-23	Show	GitHub Exploit DB Packet Storm

231320	-	-	Ruby on Rails project	-	削除 Ruby on Rails 用 Authlogic gem における SQL インジェクションの脆弱性	-	CVE-2012-5664	2012-12-28 14:22	2012-12-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2021	8.2	HIGH Network	messagepack	messagepack	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, A vulnerability exists in the optional LZ4 decompression path used by MessagePack compression modes Lz4Block and Lz4…	CWE-20 Improper Input Validation	CVE-2026-48109	2026-06-24 02:25	2026-06-23	Show	GitHub Exploit DB Packet Storm

2022	7.5	HIGH Network	messagepack	messagepack	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.ReadDateTime() can allocate stack memory based on an attacker-controlled MessagePack extension len…	CWE-125 CWE-190 CWE-407 CWE-409 CWE-470 CWE-502 CWE-674 CWE-789 CWE-1188 Out-of-bounds Read Integer Overflow or Wraparound Inefficient Algorithmic Complexity Improper Handling of Highly Compressed Data (Data Amplification) Unsafe Reflection Deserialization of Untrusted Data Uncontrolled Recursion Memory Allocation with Excessive Size Value Insecure Default Initialization of Resource	CVE-2026-48502	2026-06-24 02:25	2026-06-23	Show	GitHub Exploit DB Packet Storm

2023	7.5	HIGH Network	messagepack	messagepack	MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip() recursively descends into nested arrays and maps without incrementing the reader depth o…	CWE-674 Uncontrolled Recursion	CVE-2026-48506	2026-06-24 02:24	2026-06-23	Show	GitHub Exploit DB Packet Storm

2024	8.1	HIGH Network	-	-	piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run() paths read the filename option via plain member access. Both reads fall through…	CWE-94 CWE-1321 Code Injection Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-55388	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

2025	6.1	MEDIUM Network	astro	astro	Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and passes them directly to addAttribute, which interpolate…	CWE-79 Cross-site Scripting	CVE-2026-54298	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

2026	-		-	-	AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. This…	CWE-200 CWE-522 Information Exposure Insufficiently Protected Credentials	CVE-2026-54276	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

2027	-		-	-	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerabilit…	CWE-524 Use of Cache Containing Sensitive Information	CVE-2026-50170	2026-06-24 02:17	2026-06-23	Show	GitHub Exploit DB Packet Storm

2028	6.9	MEDIUM Local	libexpat_project	libexpat	libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56406	2026-06-24 01:29	2026-06-22	Show	GitHub Exploit DB Packet Storm

2029	6.9	MEDIUM Local	libexpat_project	libexpat	libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56407	2026-06-24 01:28	2026-06-22	Show	GitHub Exploit DB Packet Storm

2030	6.9	MEDIUM Local	libexpat_project	libexpat	libexpat before 2.8.2 has an integer overflow in copyString.	CWE-190 Integer Overflow or Wraparound	CVE-2026-56408	2026-06-24 01:27	2026-06-22	Show	GitHub Exploit DB Packet Storm