Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 12:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4211	8.1	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-45301	2026-05-20 13:27	2026-05-15	Show	GitHub Exploit DB Packet Storm

4212	7.7	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-45303	2026-05-20 13:27	2026-05-15	Show	GitHub Exploit DB Packet Storm

4213	6.1	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける代替 XSS 構文の不適切な無効化に関する脆弱性	CWE-87 代替 XSS 構文の不適切な無効化	CVE-2026-45314	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

4214	8.7	重要 Network	openwebui	open webui	openwebuiのopen webuiにおける複数の脆弱性	CWE-434 CWE-646 CWE-79	CVE-2026-45315	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

4215	3.5	低 Network	openwebui	open webui	openwebuiのopen webuiにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-45316	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

4216	4.6	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける複数の脆弱性	CWE-20 CWE-352	CVE-2026-45317	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

4217	5.4	警告 Network	openwebui	open webui	openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-45318	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

4218	8.5	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-45331	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

4219	7.7	重要 Network	openwebui	open webui	openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-45338	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

4220	6.5	警告 Network	openwebui	open webui	openwebuiのopen webuiにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-45339	2026-05-20 13:26	2026-05-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
307151	2.4	LOW Physics	google	android	The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.	CWE-200 Information Exposure	CVE-2011-2343	2024-11-21 10:28	2020-02-13	Show	GitHub Exploit DB Packet Storm

307152	6.5	MEDIUM Network	mozilla	firefox	Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue in the validation of certificates.	CWE-295 Improper Certificate Validation	CVE-2011-2669	2024-11-21 10:28	2020-01-22	Show	GitHub Exploit DB Packet Storm

307153	8.8	HIGH Network	mozilla	firefox	Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header	NVD-CWE-noinfo	CVE-2011-2668	2024-11-21 10:28	2020-01-22	Show	GitHub Exploit DB Packet Storm

307154	9.8	CRITICAL Network	drupal	drupal data	An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names.	CWE-89 SQL Injection	CVE-2011-2715	2024-11-21 10:28	2020-01-15	Show	GitHub Exploit DB Packet Storm

307155	6.1	MEDIUM Network	drupal	drupal data	A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display.	CWE-79 Cross-site Scripting	CVE-2011-2714	2024-11-21 10:28	2020-01-15	Show	GitHub Exploit DB Packet Storm

307156	6.1	MEDIUM Network	snewscms	snews	A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71.	CWE-79 Cross-site Scripting	CVE-2011-2706	2024-11-21 10:28	2020-01-15	Show	GitHub Exploit DB Packet Storm

307157	6.1	MEDIUM Network	mozilla	firefox	Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets	CWE-79 Cross-site Scripting	CVE-2011-2670	2024-11-21 10:28	2020-01-13	Show	GitHub Exploit DB Packet Storm

307158	9.8	CRITICAL Network	linux redhat	dhcp6c enterprise_linux	The DHCPv6 client (dhcp6c) as used in the dhcpv6 project through 2011-07-25 allows remote DHCP servers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP messag…	CWE-74 Injection	CVE-2011-2717	2024-11-21 10:28	2019-11-28	Show	GitHub Exploit DB Packet Storm

307159	9.8	CRITICAL Network	vsftpd_project debian	vsftpd debian_linux	vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.	CWE-78 OS Command	CVE-2011-2523	2024-11-21 10:28	2019-11-28	Show	GitHub Exploit DB Packet Storm

307160	5.3	MEDIUM Local	packagekit_project debian redhat	packagekit debian_linux enterprise_linux_server	PackageKit 0.6.17 allows installation of unsigned RPM packages as though they were signed which may allow installation of non-trusted packages and execution of arbitrary code.	CWE-732 Incorrect Permission Assignment for Critical Resource	CVE-2011-2515	2024-11-21 10:28	2019-11-28	Show	GitHub Exploit DB Packet Storm