Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 18, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1001	7.8	重要 Local	Synology Inc.	Active Backup for Business Recovery Media Creator	Synology Inc.のActive Backup for Business Recovery Media Creatorにおける信頼できない制御領域からの機能の組み込みに関する脆弱性	CWE-829 信頼性のない制御領域からの機能の組み込み	CVE-2022-49036	2026-06-11 16:14	2026-06-3	Show	GitHub Exploit DB Packet Storm

1002	5.5	警告 Local	cilium	eBPF	ciliumのeBPFにおける複数の脆弱性	CWE-189 CWE-190	CVE-2026-10722	2026-06-11 16:14	2026-06-3	Show	GitHub Exploit DB Packet Storm

1003	7.5	重要 Network	CRUX	Protocol::HTTP2	CRUXのProtocol::HTTP2における高圧縮データの処理 (データ増幅)に関する脆弱性	CWE-409 高圧縮データの不適切な処理 (データ増幅)	CVE-2026-10725	2026-06-11 16:14	2026-06-6	Show	GitHub Exploit DB Packet Storm

1004	6.1	警告 Network	HCL Technologies Limited	Digital Experience Compose digital experience	HCL Technologies Limitedのdigital experience等の複数製品におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-21825	2026-06-11 16:14	2026-06-5	Show	GitHub Exploit DB Packet Storm

1005	6.1	警告 Network	HCL Technologies Limited	Digital Experience Compose digital experience	HCL Technologies Limitedのdigital experience等の複数製品におけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-21826	2026-06-11 16:14	2026-06-5	Show	GitHub Exploit DB Packet Storm

1006	8.8	重要 Network	HCL Technologies Limited	Digital Experience Compose digital experience	HCL Technologies Limitedのdigital experience等の複数製品におけるOS コマンドインジェクションの脆弱性	CWE-78 OSコマンド・インジェクション	CVE-2026-21837	2026-06-11 16:14	2026-06-5	Show	GitHub Exploit DB Packet Storm

1007	5.3	警告 Local	LMSYS Org	SGLang	LMSYS OrgのSGLangにおけるリソースの不適切なシャットダウンおよびリリースに関する脆弱性	CWE-404 リソースの不適切なシャットダウンおよびリリース	CVE-2026-10775	2026-06-11 16:14	2026-06-3	Show	GitHub Exploit DB Packet Storm

1008	2.5	低 Local	Gradio project	Gradio	Gradio projectのGradioにおける複数の脆弱性	CWE-327 CWE-328	CVE-2026-10783	2026-06-11 16:14	2026-06-4	Show	GitHub Exploit DB Packet Storm

1009	4.7	警告 Local	snowflake	streamlit	Snowflake Inc.のStreamlitにおける複数の脆弱性	CWE-327 CWE-328	CVE-2026-10804	2026-06-11 16:14	2026-06-4	Show	GitHub Exploit DB Packet Storm

1010	7	重要 Local	Milvus	Milvus	Milvusにおける複数の脆弱性	CWE-327 CWE-328	CVE-2026-10814	2026-06-11 16:14	2026-06-4	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
255861	7.5	HIGH Network	gnu	binutils	GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow (of size 1) while attempting to unget an EOF character from the input stream, potentially leading to a program crash.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-7223	2024-11-21 12:31	2017-03-23	Show	GitHub Exploit DB Packet Storm

255862	6.1	MEDIUM Network	mantisbt	mantisbt	A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' i…	CWE-79 Cross-site Scripting	CVE-2017-7222	2024-11-21 12:31	2017-03-22	Show	GitHub Exploit DB Packet Storm

255863	6.1	MEDIUM Network	misp_project	misp	Cross site scripting in some view elements in the index filter tool in app/webroot/js/misp2.4.68.js and the organisation landing page in app/View/Organisations/ajax/landingpage.ctp of MISP before 2.4…	CWE-79 Cross-site Scripting	CVE-2017-7215	2024-11-21 12:31	2017-03-22	Show	GitHub Exploit DB Packet Storm

255864	9.8	CRITICAL Network	openstack	nova	An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. Legacy notification exception contexts appearing in ERROR level lo…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2017-7214	2024-11-21 12:31	2017-03-22	Show	GitHub Exploit DB Packet Storm

255865	5.5	MEDIUM Local	gnu	binutils	objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-7210	2024-11-21 12:31	2017-03-21	Show	GitHub Exploit DB Packet Storm

255866	5.5	MEDIUM Local	gnu	binutils	The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash.	CWE-476 NULL Pointer Dereference	CVE-2017-7209	2024-11-21 12:31	2017-03-21	Show	GitHub Exploit DB Packet Storm

255867	7.1	HIGH Local	libav	libav	The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264…	CWE-125 Out-of-bounds Read	CVE-2017-7208	2024-11-21 12:31	2017-03-21	Show	GitHub Exploit DB Packet Storm

255868	5.5	MEDIUM Local	artifex	ghostscript	The mem_get_bits_rectangle function in Artifex Software, Inc. Ghostscript 9.20 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PostScript document.	CWE-476 NULL Pointer Dereference	CVE-2017-7207	2024-11-21 12:31	2017-03-21	Show	GitHub Exploit DB Packet Storm

255869	7.1	HIGH Local	libav	libav	The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory v…	CWE-125 Out-of-bounds Read	CVE-2017-7206	2024-11-21 12:31	2017-03-21	Show	GitHub Exploit DB Packet Storm

255870	6.1	MEDIUM Network	gamepanelx	gamepanelx-v3	A Cross-Site Scripting (XSS) was discovered in GamePanelX-V3 3.0.12. The vulnerability exists due to insufficient filtration of user-supplied data (a) passed to the "GamePanelX-V3-master/ajax/ajax.ph…	CWE-79 Cross-site Scripting	CVE-2017-7205	2024-11-21 12:31	2017-03-21	Show	GitHub Exploit DB Packet Storm