Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3121 8.5 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-45331 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
3122 7.7 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-45338 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
3123 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-45339 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
3124 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-45345 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
3125 5.4 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性 CWE-80
クロスサイトスクリプティング (Basic XSS) 		CVE-2026-45346 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
3126 5.4 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-45347 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
3127 7.1 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-45349 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
3128 7.1 重要
Network 		openwebui open webui openwebuiのopen webuiにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-45350 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
3129 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおける情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2026-45351 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
3130 5.4 警告
Network 		openwebui open webui openwebuiのopen webuiにおける認可に関する脆弱性 CWE-285
不適切な認可 		CVE-2026-45365 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
306271 - apache
redhat 		http_server
jboss_enterprise_web_server 		The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary "error s… CWE-400
 Uncontrolled Resource Consumption 		CVE-2011-3348 2024-11-21 10:30 2011-09-20 Show GitHub Exploit DB Packet Storm
306272 - ibm lotus_domino Cross-site scripting (XSS) vulnerability in IBM Lotus Domino 8.5.2 allows remote attackers to inject arbitrary web script or HTML via the PanelIcon parameter in an fmpgPanelHeader ReadForm action to … CWE-79
Cross-site Scripting 		CVE-2011-3576 2024-11-21 10:30 2011-09-19 Show GitHub Exploit DB Packet Storm
306273 - ibm lotus_domino Stack-based buffer overflow in the NSFComputeEvaluateExt function in Nnotes.dll in IBM Lotus Domino 8.5.2 allows remote authenticated users to execute arbitrary code via a long tHPRAgentName paramete… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-3575 2024-11-21 10:30 2011-09-19 Show GitHub Exploit DB Packet Storm
306274 - tibco managed_file_transfer_command_center
managed_file_transfer_internet_server
slingshot 		Session fixation vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the server in… NVD-CWE-Other
CVE-2011-3424 2024-11-21 10:30 2011-09-19 Show GitHub Exploit DB Packet Storm
306275 - tibco managed_file_transfer_command_center
managed_file_transfer_internet_server
slingshot 		Cross-site scripting (XSS) vulnerability in the Managed File Transfer server in TIBCO Managed File Transfer Internet Server before 7.1.1 and Managed File Transfer Command Center before 7.1.1, and the… CWE-79
Cross-site Scripting 		CVE-2011-3423 2024-11-21 10:30 2011-09-19 Show GitHub Exploit DB Packet Storm
306276 - openfabrics enterprise_distribution ulp/sdp/sdp_proc.c in the ib_sdp module (aka ib_sdp.ko) in the ofa_kernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution (OFED) before 1.5.3 does not properly … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2011-3345 2024-11-21 10:30 2011-09-19 Show GitHub Exploit DB Packet Storm
306277 - google
apple 		chrome
iphone_os
itunes
safari 		Google Chrome before 14.0.835.163 does not properly handle boxes, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. CWE-125
Out-of-bounds Read 		CVE-2011-3234 2024-11-21 10:30 2011-09-19 Show GitHub Exploit DB Packet Storm
306278 - interactivedata esignal Untrusted search path vulnerability in eSignal 10.6.2425.1208, and possibly other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking atta… NVD-CWE-Other
CVE-2011-3503 2024-11-21 10:30 2011-09-17 Show GitHub Exploit DB Packet Storm
306279 - cogentdatahub cogent_datahub The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing (1) space or (2) %2e (encoded dot). CWE-200
Information Exposure 		CVE-2011-3502 2024-11-21 10:30 2011-09-17 Show GitHub Exploit DB Packet Storm
306280 - cogentdatahub cogent_datahub Integer overflow in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to cause a denial of service (crash) via a negative or large Content-Length value. CWE-189
Numeric Errors 		CVE-2011-3501 2024-11-21 10:30 2011-09-17 Show GitHub Exploit DB Packet Storm