Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
6671	7.2	重要 Network	D-Link Systems, Inc.	di-8100 ファームウェア	D-Link Corporationのdi-8100 ファームウェアにおける複数の脆弱性	CWE-119 CWE-120	CVE-2026-7855	2026-05-8 12:20	2026-05-5	Show	GitHub Exploit DB Packet Storm

6672	7.2	重要 Network	D-Link Systems, Inc.	di-8100 ファームウェア	D-Link Corporationのdi-8100 ファームウェアにおける複数の脆弱性	CWE-119 CWE-120	CVE-2026-7856	2026-05-8 12:20	2026-05-5	Show	GitHub Exploit DB Packet Storm

6673	7.2	重要 Network	D-Link Systems, Inc.	di-8100 ファームウェア	D-Link Corporationのdi-8100 ファームウェアにおける複数の脆弱性	CWE-119 CWE-120	CVE-2026-7857	2026-05-8 12:20	2026-05-5	Show	GitHub Exploit DB Packet Storm

6674	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける不変と仮定される Web パラメータの外部制御に関する脆弱性	CWE-472 不変と仮定される Web パラメータの外部制御	CVE-2026-7896	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

6675	7.5	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7897	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

6676	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7898	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

6677	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける複数の脆弱性	CWE-125 CWE-787	CVE-2026-7899	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

6678	8.3	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおけるヒープベースのバッファオーバーフローの脆弱性	CWE-122 ヒープオーバーフロー	CVE-2026-7900	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

6679	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2026-7901	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

6680	8.8	重要 Network	Google	Google Chrome	GoogleのGoogle Chromeにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-7902	2026-05-8 12:19	2026-05-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1141	6.5	MEDIUM Network	-	-	pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm and pacquet expanded ${ENV_VAR} placeholders from repository-controlled .npmrc and pnpm-workspace.yaml into registry request destinations …	CWE-200 CWE-201 CWE-522 Information Exposure Insertion of Sensitive Information Into Sent Data Insufficiently Protected Credentials	CVE-2026-55180	2026-06-26 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

1142	5.9	MEDIUM Network	-	-	LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the POST /api/auth/2fa/backup/regenerate endpoint regenerates all 2FA backup codes without requiring an…	CWE-306 Missing Authentication for Critical Function	CVE-2026-54040	2026-06-26 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

1143	6.5	MEDIUM Network	-	-	LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2025-7105 added forkIpLimiter and forkUserLimiter rate limiters to POST /api/convos/for…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-54037	2026-06-26 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

1144	7.7	HIGH Network	-	-	LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, LibreChat allows users to configure custom OpenAI-compatible API endpoints by setting a baseURL. This U…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-54033	2026-06-26 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

1145	5.4	MEDIUM Network	-	-	LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, there is a vulnerability in LibreChat's markdown artifact preview pipeline. The marked library v15.0.12…	CWE-79 Cross-site Scripting	CVE-2026-54025	2026-06-26 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

1146	6.5	MEDIUM Network	-	-	LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. Prior to 0.8.4-rc1, the fix for CVE-2024-11171 (commit bb58a2d0) added limits: { fileSize } to createMulterInstance() in th…	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-54024	2026-06-26 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

1147	7.3	HIGH Network	-	-	pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm's patch application pipeline (@pnpm/patch-package) performs no path validation on file paths extracted from .patch files. An attacker who …	CWE-22 Path Traversal	CVE-2026-50015	2026-06-26 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

1148	7.5	HIGH Network	-	-	Zephyr's IPv6 network stack can be prevented from receiving or processing future incoming packets by sending a small number of maliciously fragmented IPv6 packets. When such a packet is handled by th…	CWE-772 Missing Release of Resource after Effective Lifetime	CVE-2026-13351	2026-06-26 04:16	2026-06-26	Show	GitHub Exploit DB Packet Storm

1149	7.5	HIGH Network	-	-	An issue in the st_compare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.	CWE-89 SQL Injection	CVE-2025-61023	2026-06-26 04:16	2026-06-24	Show	GitHub Exploit DB Packet Storm

1150	8.7	HIGH Local	-	-	Anthropic Claude Desktop Cowork VM image handling (confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0) validates only file presence and a version marker strin…	CWE-353 Missing Support for Integrity Check	CVE-2026-7574	2026-06-26 04:14	2026-06-24	Show	GitHub Exploit DB Packet Storm