Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
258801 5 警告 The Perl Foundation
レッドハット
- Perl の lc、lcfirst、uc および ucfirst 関数における汚染 (Taint) 保護メカニズムを回避される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-1487 2011-05-26 09:55 2011-03-1 Show GitHub Exploit DB Packet Storm
258802 7.5 危険 IBM
サイバートラスト株式会社
サン・マイクロシステムズ
Sendmail Consortium
ターボリナックス
ヒューレット・パッカード
レッドハット
- sendmail における X.509 証明書の処理に関する任意の SSL-based SMTP サーバになりすまされる脆弱性 CWE-310
暗号の問題
CVE-2009-4565 2011-05-26 09:52 2010-01-4 Show GitHub Exploit DB Packet Storm
258803 5 警告 シックス・アパート株式会社 - Movable Type におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2008-5845 2011-05-25 14:03 2011-05-25 Show GitHub Exploit DB Packet Storm
258804 9.3 危険 マイクロソフト - Microsoft PowerPoint におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2011-1270 2011-05-25 12:24 2011-05-10 Show GitHub Exploit DB Packet Storm
258805 9.3 危険 マイクロソフト - 複数の Microsoft 製品における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-1269 2011-05-25 12:22 2011-05-10 Show GitHub Exploit DB Packet Storm
258806 9.3 危険 マイクロソフト - Microsoft Windows の WINS における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認
CVE-2011-1248 2011-05-25 12:15 2011-05-10 Show GitHub Exploit DB Packet Storm
258807 7.5 危険 サムスン - Samsung Integrated Management System DMS に SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-4284 2011-05-25 12:12 2011-05-9 Show GitHub Exploit DB Packet Storm
258808 5 警告 VMware - 複数の VMware 製品の self-extracting インストーラにおけるソフトウェアの配布を偽造される脆弱性 CWE-310
暗号の問題
CVE-2011-1789 2011-05-25 12:09 2011-05-5 Show GitHub Exploit DB Packet Storm
258809 - - Proofpoint, Inc. - Proofpoint Protection Server に複数の脆弱性 - - 2011-05-25 12:07 2011-05-6 Show GitHub Exploit DB Packet Storm
258810 5.1 警告 Aleksey
レッドハット
- WebKit などで利用される xslt.c における任意のファイルを作成される脆弱性 CWE-264
認可・権限・アクセス制御
CVE-2011-1425 2011-05-24 10:03 2011-03-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1591 2.5 LOW
Local
cacti cacti Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtool_function_update() can corrupt RRDtool metric value… CWE-474
 Use of Function with Inconsistent Implementations
CVE-2026-39894 2026-06-26 05:19 2026-06-25 Show GitHub Exploit DB Packet Storm
1592 7.6 HIGH
Network
- - Twenty is an open-source CRM (customer relationship management) platform. Prior to 2.9.0, Twenty was vulnerable to a cross-workspace insecure direct object reference (IDOR) in the AI agent monitor's … CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2026-55583 2026-06-26 05:18 2026-06-25 Show GitHub Exploit DB Packet Storm
1593 9.6 CRITICAL
Network
- - immich is a high performance self-hosted photo and video management solution. From commit 4ffa26c9 until 4eb1003, a reflected cross-site scripting (XSS) vulnerability on the /auth/login page allows a… CWE-79
CWE-601
Cross-site Scripting
Open Redirect
CVE-2026-53662 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1594 9.0 CRITICAL
Network
- - LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.57, the /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2026-54157 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1595 - - - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 42.3.1 until 42.3.3, Buffer performs incorrect byte length calculations resulting in heap … CWE-120
Classic Buffer Overflow
CVE-2026-54257 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1596 7.8 HIGH
Local
- - rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.42.2, the permission splitter did not conservatively split or reject several shell constructs that Bash treat… CWE-863
 Incorrect Authorization
CVE-2026-54555 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1597 9.6 CRITICAL
Network
- - Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` request header as the authoritative source for buildin… CWE-20
CWE-601
 Improper Input Validation 
Open Redirect
CVE-2026-54588 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1598 6.9 MEDIUM
Network
- - Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection (Formula Injection) in its log export functionality. User-cont… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File
CVE-2026-47693 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1599 8.8 HIGH
Local
- - Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability starting in version 4.3.0 and prior to version 5.4.4. Impact users have: direct usage of `… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2026-54639 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1600 - - - OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, `FileFormatSpi3D.cpp:163` uses `sscanf` with `%s` into 64-byte stack buffers when parsing LUT dat… CWE-120
Classic Buffer Overflow
CVE-2026-42450 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm