Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 22, 2026, 12:22 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2341 9 緊急
Network 		lfprojects mlflow lfprojectsのmlflowにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-2651 2026-06-8 11:48 2026-05-25 Show GitHub Exploit DB Packet Storm
2342 6.5 警告
Network 		libxls project libxls libxls projectのlibxlsにおける初期化されていない変数の使用に関する脆弱性 CWE-457
初期化されていない変数の使用 		CVE-2026-26824 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
2343 5.3 警告
Network 		libxls project libxls libxls projectのlibxlsにおける初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2026-26825 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
2344 7.5 重要
Network 		SolarWinds Web Help Desk SolarWindsのWeb Help Deskにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-28299 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2345 7.5 重要
Network 		SolarWinds Serv-U SolarWindsのServ-Uにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-28318 2026-06-8 11:47 2026-06-4 Show GitHub Exploit DB Packet Storm
2346 7.1 重要
Network 		librechat librechat LibreChatにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-31942 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2347 9.6 緊急
Network 		librechat librechat LibreChatにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-32625 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2348 4.7 警告
Network 		Shopify React Router ShopifyのReact Routerにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-33245 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
2349 7.5 重要
Network 		Python Software Foundation Python Python Software FoundationのPythonにおける複数の脆弱性 CWE-116
CWE-20
CVE-2026-3644 2026-06-8 11:47 2026-03-16 Show GitHub Exploit DB Packet Storm
2350 6.1 警告
Network 		Shopify React Router ShopifyのReact Routerにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-40181 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 22, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
306641 - apple itunes
webkit 		WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-3233 2024-11-21 10:30 2011-10-13 Show GitHub Exploit DB Packet Storm
306642 - apple itunes Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.2… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-3219 2024-11-21 10:30 2011-10-13 Show GitHub Exploit DB Packet Storm
306643 - adam_kennedy crypt-dsa The Crypt::DSA (aka Crypt-DSA) module 1.17 and earlier for Perl, when /dev/random is absent, uses the Data::Random module, which makes it easier for remote attackers to spoof a signature, or determin… CWE-310
Cryptographic Issues 		CVE-2011-3599 2024-11-21 10:30 2011-10-10 Show GitHub Exploit DB Packet Storm
306644 - zope
plone 		zope
plone 		Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the… NVD-CWE-noinfo
CVE-2011-3587 2024-11-21 10:30 2011-10-10 Show GitHub Exploit DB Packet Storm
306645 - quagga quagga Heap-based buffer overflow in the ecommunity_ecom2str function in bgp_ecommunity.c in bgpd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) or possibly exe… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-3327 2024-11-21 10:30 2011-10-10 Show GitHub Exploit DB Packet Storm
306646 - quagga quagga The ospf_flood function in ospf_flood.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via an invalid Link State Advertisement (LSA) type in an … CWE-399
 Resource Management Errors 		CVE-2011-3326 2024-11-21 10:30 2011-10-10 Show GitHub Exploit DB Packet Storm
306647 - quagga quagga ospf_packet.c in ospfd in Quagga before 0.99.19 allows remote attackers to cause a denial of service (daemon crash) via (1) a 0x0a type field in an IPv4 packet header or (2) a truncated IPv4 Hello pa… CWE-399
 Resource Management Errors 		CVE-2011-3325 2024-11-21 10:30 2011-10-10 Show GitHub Exploit DB Packet Storm
306648 - quagga quagga The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exi… CWE-399
 Resource Management Errors 		CVE-2011-3324 2024-11-21 10:30 2011-10-10 Show GitHub Exploit DB Packet Storm
306649 - quagga quagga The OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (out-of-bounds memory access and daemon crash) via a Link State Update message with a… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-3323 2024-11-21 10:30 2011-10-10 Show GitHub Exploit DB Packet Storm
306650 - phppgadmin phppgadmin Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or … CWE-79
Cross-site Scripting 		CVE-2011-3598 2024-11-21 10:30 2011-10-8 Show GitHub Exploit DB Packet Storm