Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
6361	7.5	重要 Network	Quantum Networks	QN-I-470 Firmware	Quantum NetworksのQN-I-470 Firmwareにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-41039	2026-05-8 12:11	2026-04-21	Show	GitHub Exploit DB Packet Storm

6362	8.8	重要 Adjacent	D-Link Systems, Inc.	DIR-605L ファームウェア	D-Link CorporationのDIR-605L ファームウェアにおけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2026-42372	2026-05-8 12:11	2026-05-4	Show	GitHub Exploit DB Packet Storm

6363	8.8	重要 Adjacent	D-Link Systems, Inc.	DIR-605L ファームウェア	D-Link CorporationのDIR-605L ファームウェアにおけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2026-42373	2026-05-8 12:11	2026-05-4	Show	GitHub Exploit DB Packet Storm

6364	8.8	重要 Adjacent	D-Link Systems, Inc.	DIR-600L ファームウェア	D-Link CorporationのDIR-600L ファームウェアにおけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2026-42374	2026-05-8 12:11	2026-05-4	Show	GitHub Exploit DB Packet Storm

6365	8.8	重要 Adjacent	D-Link Systems, Inc.	DIR-600L ファームウェア	D-Link CorporationのDIR-600L ファームウェアにおけるハードコードされた認証情報の使用に関する脆弱性	CWE-798 ハードコードされた認証情報の使用	CVE-2026-42375	2026-05-8 12:11	2026-05-4	Show	GitHub Exploit DB Packet Storm

6366	9.8	緊急 Network	MIYAGAWA (Tatsuhiko Miyagawa)	Plack::Middleware::Session::Cookie	MIYAGAWA (Tatsuhiko Miyagawa)のPlack::Middleware::Session::Cookieにおける検証および完全性チェックを行っていない Cookie への依存に関する脆弱性	CWE-565 検証および完全性チェックを行っていない Cookie への依存	CVE-2014-125112	2026-05-8 12:11	2026-03-26	Show	GitHub Exploit DB Packet Storm

6367	7.5	重要 Network	Lobster DATA GmbH	Lobster_pro	Lobster DATA GmbHのLobster_proにおけるXML 外部エンティティの脆弱性	CWE-611 XML 外部エンティティ参照の不適切な制限	CVE-2024-13971	2026-05-8 12:11	2026-04-30	Show	GitHub Exploit DB Packet Storm

6368	9.8	緊急 Network	D-Link Systems, Inc.	DIR-1253 Firmware	D-Link CorporationのDIR-1253 Firmwareにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2025-29165	2026-05-8 12:11	2026-03-5	Show	GitHub Exploit DB Packet Storm

6369	4.4	警告 Local	IBM	Planning Analytics Advanced Certified Containers	IBMのPlanning Analytics Advanced Certified Containersにおける複数の脆弱性	CWE-312 CWE-526	CVE-2025-36105	2026-05-8 12:11	2026-03-10	Show	GitHub Exploit DB Packet Storm

6370	6.1	警告 Network	IBM	IBM InfoSphere Data Architect	IBMのIBM InfoSphere Data Architectにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-36173	2026-05-8 12:11	2026-03-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1831	8.2	HIGH Network	-	-	Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite paramete…	CWE-89 SQL Injection	CVE-2017-20256	2026-06-23 12:16	2026-06-20	Show	GitHub Exploit DB Packet Storm

1832	-		-	-	Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site S…	CWE-79 Cross-site Scripting	CVE-2026-50556	2026-06-23 07:16	2026-06-23	Show	GitHub Exploit DB Packet Storm

1833	7.8	HIGH Local	-	-	Comodo Chromodo Browser 52.15.25.664 contains an unquoted service path vulnerability in the ChromodoUpdater service that runs with SYSTEM privileges. A local attacker can insert a malicious executabl…	CWE-428 Unquoted Search Path or Element	CVE-2016-20088	2026-06-23 06:16	2026-06-20	Show	GitHub Exploit DB Packet Storm

1834	7.8	HIGH Local	-	-	Comodo Dragon Browser versions up to 52.15.25.663 contain a privilege escalation vulnerability in the DragonUpdater service due to an unquoted service path running with SYSTEM privileges. A local att…	CWE-428 Unquoted Search Path or Element	CVE-2016-20090	2026-06-23 06:16	2026-06-20	Show	GitHub Exploit DB Packet Storm

1835	4.3	MEDIUM Network	-	-	vLLM versions >= 0.6.3 and < 0.9.0 contain multiple regular expression denial of service (ReDoS) vulnerabilities. Several regex patterns — in vllm/lora/utils.py, the phi4mini tool parser, and the Ope…	CWE-1333 Inefficient Regular Expression Complexity	CVE-2025-71379	2026-06-23 06:16	2026-06-21	Show	GitHub Exploit DB Packet Storm

1836	8.8	HIGH Network	-	-	PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approval_mode to auto, overriding administrator configuration from PRAISON_APPROVAL_…	CWE-863 Incorrect Authorization	CVE-2026-56075	2026-06-23 06:15	2026-06-19	Show	GitHub Exploit DB Packet Storm

1837	8.1	HIGH Network	-	-	PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitrary agent execution. The POST /agui endpoint lacks au…	CWE-942 Permissive Cross-domain Policy with Untrusted Domains	CVE-2026-56076	2026-06-23 06:15	2026-06-19	Show	GitHub Exploit DB Packet Storm

1838	7.8	HIGH Local	-	-	Realtek High Definition Audio Driver 6.0.1.6730 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by placing a malicious executable in the service pat…	CWE-428 Unquoted Search Path or Element	CVE-2016-20085	2026-06-23 06:14	2026-06-20	Show	GitHub Exploit DB Packet Storm

1839	7.8	HIGH Local	-	-	TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can p…	CWE-428 Unquoted Search Path or Element	CVE-2020-37250	2026-06-23 06:14	2026-06-20	Show	GitHub Exploit DB Packet Storm

1840	7.8	HIGH Local	-	-	Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. Attackers c…	CWE-428 Unquoted Search Path or Element	CVE-2016-20091	2026-06-23 06:14	2026-06-20	Show	GitHub Exploit DB Packet Storm