Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3261 9.8 緊急
Network 		マイクロソフト Azure HorizonDB Azure HorizonDB Elevation of Privilege Vulnerability CWE-290
スプーフィングによる認証回避 		CVE-2026-48567 2026-06-8 12:28 2026-06-4 Show GitHub Exploit DB Packet Storm
3262 7.5 重要
Network 		マイクロソフト Microsoft Exchange Online Microsoft Exchange Online Information Disclosure Vulnerability CWE-285
不適切な認可 		CVE-2026-48579 2026-06-8 12:27 2026-06-4 Show GitHub Exploit DB Packet Storm
3263 9.1 緊急
Network 		CHORNY Apache::Session::Generate::ModUniqueId CHORNYのApache::Session::Generate::ModUniqueIdにおける予測可能な数字や識別子の生成に関する脆弱性 CWE-340
予測可能な数字や識別子の生成 		CVE-2026-5081 2026-06-8 12:27 2026-05-6 Show GitHub Exploit DB Packet Storm
3264 7.1 重要
Adjacent 		Securly, Inc. Securly Securly, Inc.のSecurlyにおける重要な情報の平文での送信に関する脆弱性 CWE-319
重要な情報の平文での送信 		CVE-2026-8874 2026-06-8 12:27 2026-06-3 Show GitHub Exploit DB Packet Storm
3265 7.5 重要
Network 		Securly, Inc. Securly Securly, Inc.のSecurlyにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2026-8881 2026-06-8 12:27 2026-06-3 Show GitHub Exploit DB Packet Storm
3266 7.5 重要
Network 		Securly, Inc. Securly Securly, Inc.のSecurlyにおける複数の脆弱性 CWE-1333
CWE-917
CVE-2026-8888 2026-06-8 12:27 2026-06-3 Show GitHub Exploit DB Packet Storm
3267 7.5 重要
Network 		Securly, Inc. Securly Securly, Inc.のSecurlyにおけるアルゴリズムの複雑さに関する脆弱性 CWE-407
アルゴリズムの複雑性 		CVE-2026-8889 2026-06-8 12:27 2026-06-3 Show GitHub Exploit DB Packet Storm
3268 9.8 緊急
Network 		IBM IBM Operations Analytics Log Analysis IBMのIBM Operations Analytics Log Analysisにおける脆弱なパスワードの要求に関する脆弱性 CWE-521
CWE-521
CVE-2024-40684 2026-06-8 12:27 2026-05-27 Show GitHub Exploit DB Packet Storm
3269 8.8 重要
Network 		IBM IBM Security QRadar SIEM IBMのIBM Security QRadar SIEMにおける複数の脆弱性 CWE-530
CWE-552
CVE-2024-56462 2026-06-8 12:27 2026-05-27 Show GitHub Exploit DB Packet Storm
3270 9.8 緊急
Network 		Python Software Foundation Python Python Software FoundationのPythonにおける複数の脆弱性 CWE-20
CWE-434
CWE-74
CVE-2025-13462 2026-06-8 12:27 2026-03-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
661 7.5 HIGH
Network 		ibm datacap
datacap_navigator 		IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys … CWE-316
 Cleartext Storage of Sensitive Information in Memory 		CVE-2026-8636 2026-06-27 06:20 2026-06-23 Show GitHub Exploit DB Packet Storm
662 5.3 MEDIUM
Network 		ibm datacap
datacap_navigator 		IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, … CWE-425
 Direct Request ('Forced Browsing') 		CVE-2026-9610 2026-06-27 06:19 2026-06-23 Show GitHub Exploit DB Packet Storm
663 8.8 HIGH
Network 		misp-project misp The Azure Active Directory (AAD) authentication implementation contained multiple weaknesses in its OAuth 2.0 authorization flow that could allow attackers to bypass important security guarantees pro… CWE-384
 Session Fixation 		CVE-2026-56425 2026-06-27 05:33 2026-06-22 Show GitHub Exploit DB Packet Storm
664 7.5 HIGH
Network 		vllm vllm vLLM versions >= 0.10.2 and < 0.13.0 are missing sparse tensor validation in multimodal embeddings processing. Because PyTorch disables sparse tensor invariant checks by default, an attacker can subm… CWE-20
NVD-CWE-noinfo
 Improper Input Validation  		CVE-2026-56340 2026-06-27 05:29 2026-06-21 Show GitHub Exploit DB Packet Storm
665 7.5 HIGH
Network 		vllm vllm vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Several regex patterns — in vllm/lora/utils.py, the phi4mini tool parser, and the Ope… CWE-1333
 Inefficient Regular Expression Complexity 		CVE-2025-71379 2026-06-27 05:25 2026-06-21 Show GitHub Exploit DB Packet Storm
666 7.5 HIGH
Network 		- - Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with… CWE-494
 Download of Code Without Integrity Check 		CVE-2021-47987 2026-06-27 05:22 2026-06-26 Show GitHub Exploit DB Packet Storm
667 5.4 MEDIUM
Network 		ibm engineering_workflow_management IBM Engineering Workflow Management 7.0.3 through 7.0.3 Interim Fix 020, and 7.1 through 7.1 Interim Fix 007 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to … CWE-79
Cross-site Scripting 		CVE-2025-33128 2026-06-27 05:20 2026-06-22 Show GitHub Exploit DB Packet Storm
668 5.0 MEDIUM
Network 		jenkins git_client Jenkins Git client Plugin 6.6.0 and earlier does not correctly escape the workspace directory name when it is embedded into a generated SSH wrapper script, allowing attackers able to control the name… CWE-78
OS Command  		CVE-2026-57282 2026-06-27 05:20 2026-06-24 Show GitHub Exploit DB Packet Storm
669 5.9 MEDIUM
Network 		- - Nx is a monorepo solution for TypeScript and polyglot codebases. From 17.0.4 until 22.7.2 and 23.0.0-beta.2, the local HTTP server started by nx graph sent Access-Control-Allow-Origin: * on every res… CWE-749
CWE-942
 Exposed Dangerous Method or Function
 Permissive Cross-domain Policy with Untrusted Domains 		CVE-2026-54753 2026-06-27 05:20 2026-06-27 Show GitHub Exploit DB Packet Storm
670 7.5 HIGH
Network 		- - OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the journal diff endpoint discloses hidden historical field values without enforcing object and field vi… CWE-200
CWE-862
Information Exposure
 Missing Authorization 		CVE-2026-47193 2026-06-27 05:20 2026-06-27 Show GitHub Exploit DB Packet Storm