Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 11, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
240621	4.3	警告	htmlpurifier	-	HTML Purifier の smoketests/configForm.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3498	2012-09-25 16:47	2007-06-29	Show	GitHub Exploit DB Packet Storm

240622	5	警告	マイクロソフト	-	Microsoft Internet Explorer 7 におけるページ履歴の存在を特定される脆弱性	-	CVE-2007-3497	2012-09-25 16:47	2007-06-29	Show	GitHub Exploit DB Packet Storm

240623	6.8	警告	Papoo Software	-	Papoo CMS におけるデータベース全体を読まれる脆弱性	-	CVE-2007-3494	2012-09-25 16:47	2007-06-29	Show	GitHub Exploit DB Packet Storm

240624	7.5	危険	マイクロソフト nctsoft products	-	NCTAudioStudio2 の NCTWavChunksEditor2.dll における任意のファイルを上書きされる脆弱性	-	CVE-2007-3493	2012-09-25 16:47	2007-06-29	Show	GitHub Exploit DB Packet Storm

240625	7.5	危険	マイクロソフト	-	Microsoft Excel 2003 SP2 における脆弱性	-	CVE-2007-3490	2012-09-25 16:47	2007-06-29	Show	GitHub Exploit DB Packet Storm

240626	6.4	警告	ヒューレット・パッカード	-	HP Photo Digital Imaging の hpqxml.dll における絶対パストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2007-3487	2012-09-25 16:47	2007-06-29	Show	GitHub Exploit DB Packet Storm

240627	7.1	危険	pc soft	-	PCSoft WinDEV におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3480	2012-09-25 16:47	2007-06-28	Show	GitHub Exploit DB Packet Storm

240628	6.8	警告	pc soft	-	PCSoft の WinDEV におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-3479	2012-09-25 16:47	2007-06-28	Show	GitHub Exploit DB Packet Storm

240629	5	警告	LibGD project	-	libgd の imagearc 関数などにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2007-3477	2012-09-25 16:47	2007-06-28	Show	GitHub Exploit DB Packet Storm

240630	2.6	注意	LibGD project	-	libgd の GIF リーダにおける脆弱性	CWE-DesignError CWE-noinfo	CVE-2007-3474	2012-09-25 16:47	2007-06-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2071	5.5	MEDIUM Local	pypa	pip	pip would treat console_scripts and gui_scripts as paths instead of file names without sanitizing the resolved absolute path to the installation directory, leading to entry points being installed out…	CWE-22 Path Traversal	CVE-2026-8643	2026-06-5 01:52	2026-06-2	Show	GitHub Exploit DB Packet Storm

2072	6.8	MEDIUM Network	nextcloud	nextcloud_server	Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 31.0.0 to before 31.0.12, and 32.0.0 to before 32.0.3, a missing check of a relation allowed authenticate…	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-45810	2026-06-5 01:51	2026-06-2	Show	GitHub Exploit DB Packet Storm

2073	7.1	HIGH Network	nextcloud	tables	Nextcloud is an open source content collaboration platform. From versions 0.9.0 to before 0.9.7, and 1.0.0 to before 1.0.2, a missing sanitization in the Tables app allowed a user with access to the …	CWE-89 SQL Injection	CVE-2026-45722	2026-06-5 01:50	2026-06-2	Show	GitHub Exploit DB Packet Storm

2074	5.9	MEDIUM Network	nextcloud	nextcloud_server	Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, a pre-2FA session cookie (created after successful …	CWE-287 Improper Authentication	CVE-2026-45691	2026-06-5 01:50	2026-06-2	Show	GitHub Exploit DB Packet Storm

2075	5.9	MEDIUM Network	nextcloud	nextcloud_server	Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, an authentication bypass vulnerability allowed atta…	CWE-287 Improper Authentication	CVE-2026-45690	2026-06-5 01:50	2026-06-2	Show	GitHub Exploit DB Packet Storm

2076	8.2	HIGH Network	nextcloud	tables	Nextcloud is an open source content collaboration platform. From versions 0.7.0 to before 0.7.7, 0.8.0 to before 0.8.10, 0.9.0 to before 0.9.8, and 1.0.0 to before 1.0.4, an authenticated attacker wi…	CWE-89 SQL Injection	CVE-2026-45545	2026-06-5 01:50	2026-06-2	Show	GitHub Exploit DB Packet Storm

2077	4.3	MEDIUM Network	nextcloud	tables	Nextcloud is an open source content collaboration platform. From version 0.8.0 to before version 1.0.4, the view filter criteria is exposed to users with read-only permissions in Nextcloud Tables. Th…	CWE-1230 Exposure of Sensitive Information Through Metadata	CVE-2026-45544	2026-06-5 01:47	2026-06-2	Show	GitHub Exploit DB Packet Storm

2078	5.3	MEDIUM Network	nextcloud	forms	Nextcloud is an open source content collaboration platform. From version 4.3.0 to before version 5.2.7, a removed collaborator retains unauthorized read access to uploaded respondent files for the af…	CWE-552 Files or Directories Accessible to External Parties	CVE-2026-45543	2026-06-5 01:43	2026-06-2	Show	GitHub Exploit DB Packet Storm

2079	5.3	MEDIUM Network	-	-	Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to the log stream without neutralizing control characte…	CWE-117 Improper Output Neutralization for Logs	CVE-2026-5078	2026-06-5 01:40	2026-06-3	Show	GitHub Exploit DB Packet Storm

2080	-		-	-	SWUpdate before 2026.05 is affected by a time-of-check time-of-use (TOCTOU) race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using …	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2025-41259	2026-06-5 01:40	2026-06-3	Show	GitHub Exploit DB Packet Storm