Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
238231 5.8 警告 Roderick Baier
GitHub		 - GitHub Gaug.es などの製品で使用される weberknecht における SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5814 2012-11-7 17:38 2012-11-4 Show GitHub Exploit DB Packet Storm
238232 5.8 警告 EmoryM - Android 用 Android_Pusher ライブラリにおける SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5813 2012-11-7 17:38 2012-11-4 Show GitHub Exploit DB Packet Storm
238233 5.8 警告 ACRA - Android 用 ACRA ライブラリにおける SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5812 2012-11-7 17:38 2012-11-4 Show GitHub Exploit DB Packet Storm
238234 5.8 警告 Zen Cart
First Data		 - Zen Cart の LinkPoint モジュールにおける SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5808 2012-11-7 16:40 2012-11-4 Show GitHub Exploit DB Packet Storm
238235 5.8 警告 Zen Cart
Authorize.Net		 - Zen Cart の Authorize.Net eCheck モジュールにおける SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5807 2012-11-7 16:39 2012-11-4 Show GitHub Exploit DB Packet Storm
238236 5.8 警告 Zen Cart
PayPal		 - Zen Cart の PayPal Payments Pro モジュールにおける SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5806 2012-11-7 16:37 2012-11-4 Show GitHub Exploit DB Packet Storm
238237 5.8 警告 Zen Cart
PayPal		 - Zen Cart の PayPal IPN 機能における SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5805 2012-11-7 16:36 2012-11-4 Show GitHub Exploit DB Packet Storm
238238 5.8 警告 CyberSource Corporation
Ubercart		 - Ubercart の CyberSource モジュールにおける SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5804 2012-11-7 16:35 2012-11-4 Show GitHub Exploit DB Packet Storm
238239 5.8 警告 Hassan Consulting
Ubercart		 - Ubercart の Authorize.Net モジュールにおける SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5803 2012-11-7 16:34 2012-11-4 Show GitHub Exploit DB Packet Storm
238240 5.8 警告 Ubercart - Ubercart の PayPal モジュールにおける SSL サーバを偽装される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-5802 2012-11-7 16:34 2012-11-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
901 9.6 CRITICAL
Network 		- - The default JVM can access files and directories under `/tmp/` including the `$TemporaryDirectory` of other users on the same cloud instance (`/tmp/UserTemporaryFiles/`). The `-init` file for the th… - CVE-2025-11919 2026-06-27 03:16 2026-06-27 Show GitHub Exploit DB Packet Storm
902 8.5 HIGH
Network 		- - AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.52, an authenticated user can bypass the SSRF / private-IP prot… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-56663 2026-06-27 03:13 2026-06-27 Show GitHub Exploit DB Packet Storm
903 5.4 MEDIUM
Network 		- - AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to , the `POST /api/integrations/webhooks/{webhook_id}/ping` endpoint … CWE-284
CWE-639
Improper Access Control
 Authorization Bypass Through User-Controlled Key 		CVE-2026-56823 2026-06-27 03:13 2026-06-27 Show GitHub Exploit DB Packet Storm
904 5.3 MEDIUM
Network 		- - Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership… CWE-61
 UNIX Symbolic Link (Symlink) Following 		CVE-2026-55686 2026-06-27 03:13 2026-06-27 Show GitHub Exploit DB Packet Storm
905 9.1 CRITICAL
Network 		deno deno Deno is a JavaScript, TypeScript, and WebAssembly runtime. From 2.0.0 until 2.7.8, a flaw in Deno's Node.js tls compatibility layer could cause a TLS client to transmit application data in plaintext … CWE-319
Cleartext Transmission of Sensitive Information 		CVE-2026-44726 2026-06-27 03:11 2026-06-24 Show GitHub Exploit DB Packet Storm
906 5.4 MEDIUM
Network 		gitlab gitlab GitLab has remediated an issue in GitLab EE affecting all versions from 18.6 before 18.11.6, 19.0 before 19.0.3, and 19.1 before 19.1.1 that under certain conditions could have allowed an authenticat… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-5309 2026-06-27 03:05 2026-06-25 Show GitHub Exploit DB Packet Storm
907 8.1 HIGH
Network 		caddyserver caddy Caddy is an extensible server platform that uses TLS by default. From 2.7.0 until 2.11.3, the FastCGI transport's splitPos() in modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go misuses golang.org/x/… CWE-20
CWE-176
CWE-178
 Improper Input Validation 
 Improper Handling of Unicode Encoding
 Improper Handling of Case Sensitivity 		CVE-2026-45135 2026-06-27 03:04 2026-06-24 Show GitHub Exploit DB Packet Storm
908 3.8 LOW
Network 		caddyserver caddy Caddy is an extensible server platform that uses TLS by default. From 2.4.0 until 2.11.3, the authorization layer and the /config traversal layer do not agree on what object the path refers to. In th… CWE-187
CWE-863
 Partial String Comparison
 Incorrect Authorization 		CVE-2026-45692 2026-06-27 03:01 2026-06-24 Show GitHub Exploit DB Packet Storm
909 8.8 HIGH
Network 		- - Pagekit CMS 1.0.18 contains a privilege escalation vulnerability that allows authenticated users with the 'user: manage users' permission to escalate privileges by assigning arbitrary custom roles to… CWE-862
 Missing Authorization 		CVE-2026-57518 2026-06-27 02:49 2026-06-27 Show GitHub Exploit DB Packet Storm
910 8.4 HIGH
Local 		deno deno Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions by comparing the requested path against the path su… CWE-41
CWE-176
 Improper Resolution of Path Equivalence
 Improper Handling of Unicode Encoding 		CVE-2026-49401 2026-06-27 02:43 2026-06-24 Show GitHub Exploit DB Packet Storm