Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
235511	7.5	危険	scar4u	-	ScarNews の scarnews.inc.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1932	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

235512	7.5	危険	smodcms	-	SmodCMS の slownik モジュールにおける SQL インジェクションの脆弱性	-	CVE-2007-1931	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

235513	7.5	危険	witshare	-	witshare の index.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2007-1928	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

235514	4.3	警告	Youngzsoft	-	CmailServer WebMail の signup.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-1927	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

235515	6.5	警告	tru-zone	-	Tru-Zone Nuke ET の modules/Your_Account/index.php における任意のアカウントを削除される脆弱性	-	CVE-2007-1925	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

235516	7.5	危険	smodbip	-	SmodBIP の aktualnosci モジュールの index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-1920	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

235517	5	警告	SAP	-	SAP RFC Library の RFC_SET_REG_SERVER_PROPERTY 関数におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-1918	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

235518	10	危険	SAP	-	SAP RFC Library の SYSTEM_CREATE_INSTANCE 関数におけるバッファオーバーフローの脆弱性	-	CVE-2007-1917	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

235519	10	危険	SAP	-	SAP RFC Library の RFC_START_GUI 関数におけるバッファオーバーフローの脆弱性	-	CVE-2007-1916	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

235520	7.5	危険	SAP	-	SAP RFC Library の RFC_START_PROGRAM 関数におけるバッファオーバーフローの脆弱性	-	CVE-2007-1915	2012-12-20 18:19	2007-04-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
531	5.4	MEDIUM Network	-	-	Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to RememberMeSessionModel::remove, allowing authentica… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-56774	2026-06-26 07:17	2026-06-26	Show	GitHub Exploit DB Packet Storm

532	7.5	HIGH Network	-	-	Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with… New	CWE-494 Download of Code Without Integrity Check	CVE-2021-47987	2026-06-26 07:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

533	8.8	HIGH Network	-	-	Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authenticated users to access other users' robots and OAuth … New	CWE-862 Missing Authorization	CVE-2026-56767	2026-06-26 06:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

534	-		-	-	Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Jupyter Notebook (ipynb) sanitizer endpoint at POST /-/api/sanitize_ipynb allows arbitrary data: URIs without proper restrictions,… New	CWE-80 Basic XSS	CVE-2026-52816	2026-06-26 06:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

535	3.5	LOW Network	-	-	Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting in denial of service. In internal/markup/markup.go, … New	CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine	CVE-2026-52796	2026-06-26 06:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

536	4.9	MEDIUM Network	-	-	Gogs is an open source self-hosted Git service. Prior to 0.14.3, a malicious user with rights to create a new file on a repository or wiki page can trigger a denial of service condition in which the … New	CWE-20 Improper Input Validation	CVE-2025-64719	2026-06-26 06:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

537	7.1	HIGH Network	-	-	Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by expl… New	CWE-862 Missing Authorization	CVE-2026-57520	2026-06-26 05:22	2026-06-26	Show	GitHub Exploit DB Packet Storm

538	5.5	MEDIUM Local	-	-	Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit New	CWE-88 Argument Injection	CVE-2026-11968	2026-06-26 05:21	2026-06-24	Show	GitHub Exploit DB Packet Storm

539	8.0	HIGH Network	-	-	py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, w… New	CWE-59 Link Following	CVE-2026-23879	2026-06-26 05:21	2026-06-25	Show	GitHub Exploit DB Packet Storm

540	7.2	HIGH Network	-	-	3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by … New	CWE-73 External Control of File Name or Path	CVE-2026-55477	2026-06-26 05:21	2026-06-26	Show	GitHub Exploit DB Packet Storm