Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3411	5.5	警告 Local	Zeit, Inc.	Vercel CLI	Vercel, Inc. (旧 Zeit, Inc.)のVercel CLIにおける複数の脆弱性	CWE-200 CWE-532	CVE-2026-44479	2026-06-8 11:46	2026-05-13	Show	GitHub Exploit DB Packet Storm

3412	5.3	警告 Network	Open Quantum Safe	liboqs	Open Quantum Safeのliboqsにおける複数の脆弱性	CWE-125 CWE-20	CVE-2026-44518	2026-06-8 11:46	2026-05-29	Show	GitHub Exploit DB Packet Storm

3413	5.4	警告 Adjacent	MacGregor	Interschalt VDR G4e Firmware	MacGregorのInterschalt VDR G4e Firmwareにおける強度が不十分なパスワードハッシュの使用に関する脆弱性	CWE-916 強度が不十分なパスワードハッシュの使用	CVE-2026-44611	2026-06-8 11:46	2026-05-29	Show	GitHub Exploit DB Packet Storm

3414	6.5	警告 Network	librechat	librechat	LibreChatにおける送信データへの重要な情報の挿入に関する脆弱性	CWE-201 CWE-noinfo	CVE-2026-44653	2026-06-8 11:46	2026-06-2	Show	GitHub Exploit DB Packet Storm

3415	8.1	重要 Network	librechat	librechat	LibreChatにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-44654	2026-06-8 11:46	2026-06-2	Show	GitHub Exploit DB Packet Storm

3416	8.1	重要 Network	Broadcom	RabbitMQ Server	BroadcomのRabbitMQ Serverにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-44838	2026-06-8 11:46	2026-05-27	Show	GitHub Exploit DB Packet Storm

3417	4.8	警告 Network	Broadcom	RabbitMQ Server	BroadcomのRabbitMQ Serverにおけるクロスサイトスクリプティングの脆弱性	CWE-80 クロスサイトスクリプティング (Basic XSS)	CVE-2026-44839	2026-06-8 11:46	2026-05-27	Show	GitHub Exploit DB Packet Storm

3418	4.9	警告 Network	OpenStack	OpenStack Ironic	OpenStackのOpenStack Ironicにおける領域間での誤ったリソース移動に関する脆弱性	CWE-669 領域間での誤ったリソース移動	CVE-2026-44917	2026-06-8 11:46	2026-06-4	Show	GitHub Exploit DB Packet Storm

3419	7.5	重要 Network	go-git project	go-git	go-git projectのgo-gitにおける複数の脆弱性	CWE-180 CWE-345	CVE-2026-45022	2026-06-8 11:46	2026-05-27	Show	GitHub Exploit DB Packet Storm

3420	2.7	低 Network	Matrix	Synapse	ElementのSynapseにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-45076	2026-06-8 11:46	2026-05-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
491	8.8	HIGH Network	jenkins	script_security	Jenkins Script Security Plugin 1402.v94c9ce464861 and earlier does not intercept the implicit type casts applied to the elements of typed for-each loops in sandboxed Groovy scripts, allowing attacker… New	CWE-693 Protection Mechanism Failure	CVE-2026-57280	2026-06-27 04:59	2026-06-24	Show	GitHub Exploit DB Packet Storm

492	4.3	MEDIUM Network	hono	hono	hono before 4.12.14 contains an html injection vulnerability in jsx server-side rendering that allows attackers to inject unintended html by using malformed attribute names. Attackers can craft speci… New	CWE-79 Cross-site Scripting	CVE-2026-56761	2026-06-27 04:59	2026-06-24	Show	GitHub Exploit DB Packet Storm

493	7.5	HIGH Network	docling	docling	Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. Prior to 2.91.0, the EasyOCR model download functionality extracted ZIP … New	CWE-22 Path Traversal	CVE-2026-44017	2026-06-27 04:58	2026-06-25	Show	GitHub Exploit DB Packet Storm

494	7.5	HIGH Network	docling	docling	Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2.74.0, the USPTO patent XML parser used the standard … New	CWE-776 XML Entity Expansion	CVE-2026-44020	2026-06-27 04:58	2026-06-25	Show	GitHub Exploit DB Packet Storm

495	5.5	MEDIUM Local	docling	docling	Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.73.0 until 2.91.0, he LaTeX backend's handling of \includegraphic… New	CWE-22 Path Traversal	CVE-2026-44022	2026-06-27 04:58	2026-06-25	Show	GitHub Exploit DB Packet Storm

496	5.5	MEDIUM Local	gpac	gpac	GPAC Multimedia Open Source Project GPAC Project/MP4Box 2.5-DEV-rev1593-gfe88c3545-master is affected by: Buffer Overflow. The impact is: cause a denial of service (local). The component is: filter_c… New	CWE-122 Heap-based Buffer Overflow	CVE-2025-60468	2026-06-27 04:56	2026-06-25	Show	GitHub Exploit DB Packet Storm

497	5.3	MEDIUM Network	fastapiexpert	python-multipart	Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parse_options_header parsed Content-Disposition (and Content-Type) headers with email.message.Message, which transparentl… New	CWE-20 CWE-436 Improper Input Validation Interpretation Conflict	CVE-2026-53537	2026-06-27 04:54	2026-06-23	Show	GitHub Exploit DB Packet Storm

498	3.7	LOW Network	fastapiexpert	python-multipart	Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to &. The WHATW… New	CWE-436 CWE-444 Interpretation Conflict HTTP Request Smuggling	CVE-2026-53538	2026-06-27 04:52	2026-06-23	Show	GitHub Exploit DB Packet Storm

499	7.5	HIGH Network	-	-	Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, when the %REQUESTED_SERVER_NAME(X:Y)% is used in log format and host relate… New	CWE-476 NULL Pointer Dereference	CVE-2026-47220	2026-06-27 04:50	2026-06-27	Show	GitHub Exploit DB Packet Storm

500	5.9	MEDIUM Network	-	-	Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter (envoy.filters.http.oauth2) can leave an in-flight a… New	CWE-416 Use After Free	CVE-2026-48090	2026-06-27 04:50	2026-06-27	Show	GitHub Exploit DB Packet Storm