Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
255901 9.3 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2011-2871 2012-03-21 14:59 2012-03-8 Show GitHub Exploit DB Packet Storm
255902 9.3 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2011-2870 2012-03-21 14:58 2012-03-8 Show GitHub Exploit DB Packet Storm
255903 7.6 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2012-0648 2012-03-21 14:52 2012-03-8 Show GitHub Exploit DB Packet Storm
255904 7.6 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2012-0639 2012-03-21 14:51 2012-03-8 Show GitHub Exploit DB Packet Storm
255905 7.6 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2012-0638 2012-03-21 14:49 2012-03-8 Show GitHub Exploit DB Packet Storm
255906 7.6 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2012-0637 2012-03-21 14:47 2012-03-8 Show GitHub Exploit DB Packet Storm
255907 7.6 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2012-0636 2012-03-21 14:46 2012-03-8 Show GitHub Exploit DB Packet Storm
255908 9.3 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2012-0635 2012-03-21 14:44 2012-03-8 Show GitHub Exploit DB Packet Storm
255909 9.3 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2012-0633 2012-03-21 14:41 2012-03-8 Show GitHub Exploit DB Packet Storm
255910 9.3 危険 アップル - 複数の Apple 製品で使用される WebKit における任意のコードを実行される脆弱性 CWE-119
バッファエラー
CVE-2012-0632 2012-03-21 14:38 2012-03-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
6721 4.3 MEDIUM
Network
openclaw openclaw OpenClaw before 2026.5.12 contains a privilege escalation vulnerability in Slack plugin approvals that allows exec-authorized users to resolve plugin approvals through the exec approver gate. Attacke… CWE-863
 Incorrect Authorization
CVE-2026-32906 2026-06-2 03:37 2026-05-30 Show GitHub Exploit DB Packet Storm
6722 5.3 MEDIUM
Network
mermaid_project mermaid Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, there is a denial-of-service attack when rendering gantt charts, i… CWE-835
 Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2026-41150 2026-06-2 03:37 2026-05-30 Show GitHub Exploit DB Packet Storm
6723 8.3 HIGH
Network
openclaw openclaw OpenClaw before 2026.5.4 contains an authorization bypass vulnerability in the bundled device-pair plugin that allows non-owner authorized chat senders to issue device-pairing bootstrap codes without… CWE-862
 Missing Authorization
CVE-2026-32905 2026-06-2 03:36 2026-05-30 Show GitHub Exploit DB Packet Storm
6724 5.4 MEDIUM
Network
openclaw openclaw OpenClaw before 2026.4.29 contains a policy bypass vulnerability in QQBot admin commands that allows authenticated senders to skip DM-only and allowFrom policy checks. Attackers can route admin comma… CWE-863
 Incorrect Authorization
CVE-2026-34507 2026-06-2 03:36 2026-05-30 Show GitHub Exploit DB Packet Storm
6725 4.8 MEDIUM
Network
tp-link tl-sg108pe_firmware A stored cross-site scripting (XSS) vulnerability has been identified in the web management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM configuration paramete… CWE-79
Cross-site Scripting
CVE-2026-34127 2026-06-2 03:35 2026-05-30 Show GitHub Exploit DB Packet Storm
6726 9.9 CRITICAL
Network
yhirose cpp-httplib cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header va… CWE-93
CWE-444
CRLF Injection
HTTP Request Smuggling
CVE-2026-45372 2026-06-2 03:34 2026-05-30 Show GitHub Exploit DB Packet Storm
6727 8.2 HIGH
Network
- - Espressif Shared GitHub DangerJS is a reusable GitHub Action CI DangerJS workflow for Espressif GitHub projects. Prior to 1.0.1, the action's entrypoint.sh invoked DangerJS from the caller's workspac… CWE-427
CWE-829
 Uncontrolled Search Path Element
 Inclusion of Functionality from Untrusted Control Sphere
CVE-2026-44358 2026-06-2 03:33 2026-05-29 Show GitHub Exploit DB Packet Storm
6728 8.7 HIGH
Network
- - Local Path Provisioner provides a way for the Kubernetes users to utilize the local storage in each node. Prior to 0.0.36, a malicious user with permission to edit the local-path-config ConfigMap in … CWE-269
 Improper Privilege Management
CVE-2026-44543 2026-06-2 03:33 2026-05-29 Show GitHub Exploit DB Packet Storm
6729 7.4 HIGH
Network
- - FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. Prior to 3.12.0, /api/totp_setup.php is callable from a session that has only passed the passwo… CWE-200
CWE-287
CWE-306
Information Exposure
Improper Authentication
Missing Authentication for Critical Function
CVE-2026-44460 2026-06-2 03:33 2026-05-28 Show GitHub Exploit DB Packet Storm
6730 - - - mapfish-print is a component of MapFish for printing templated cartographic maps. From 3.23.0 to before 3.28.28, 3.30.30, 3.31.22, 3.33.14, and 4.0.3, the attacker can execute arbitrary code in Dyna… CWE-94
Code Injection
CVE-2026-44672 2026-06-2 03:33 2026-05-29 Show GitHub Exploit DB Packet Storm