Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1111	9.9	緊急 Network	オラクル	Oracle WebCenter Portal	オラクルのOracle WebCenter Portalにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46847	2026-06-22 11:53	2026-06-17	Show	GitHub Exploit DB Packet Storm

1112	7.9	重要 Local	オラクル	Oracle WebLogic Server	オラクルのOracle WebLogic Serverにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46848	2026-06-22 11:53	2026-06-17	Show	GitHub Exploit DB Packet Storm

1113	8.1	重要 Network	オラクル	PeopleSoft Enterprise CS Campus Community	オラクルのPeopleSoft Enterprise CS Campus Communityにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-46851	2026-06-22 11:53	2026-06-17	Show	GitHub Exploit DB Packet Storm

1114	9.9	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-46852	2026-06-22 11:53	2026-06-17	Show	GitHub Exploit DB Packet Storm

1115	9.6	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-46853	2026-06-22 11:53	2026-06-17	Show	GitHub Exploit DB Packet Storm

1116	9.9	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46854	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

1117	9.9	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46855	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

1118	9.6	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-noinfo	CVE-2026-46856	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

1119	9.8	緊急 Network		-	オラクルのEnterprise Manager Base Platformにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46857	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

1120	9.1	緊急 Network	オラクル	Oracle Application Performance Management	オラクルのOracle Application Performance Managementにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46858	2026-06-22 11:52	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1071	-		-	-	SYMCRYPTO is the SiXG301's host side hardware engine accessed by PSA crypto library that accelerates symmetric cryptographic operations (AES encryption/decryption and hashing). DPA Countermeasures …	CWE-331 Insufficient Entropy	CVE-2026-4930	2026-06-26 05:17	2026-06-26	Show	GitHub Exploit DB Packet Storm

1072	-		-	-	Jellyfin is an open source self hosted media server. Prior to 10.11.10, a specifically crafted MKV file containing forged filename tags can be leveraged to exploit missing path sanitization during pl…	CWE-22 Path Traversal	CVE-2026-49246	2026-06-26 05:17	2026-06-25	Show	GitHub Exploit DB Packet Storm

1073	8.8	HIGH Network	-	-	Warp is an agentic development environment. From 0.2025.03.05.08.02.stable_00 until 0.2026.05.06.15.42.stable_01, Warp accepts non-inline `OSC 1337;File` payloads from terminal output and materialize…	CWE-20 CWE-73 Improper Input Validation External Control of File Name or Path	CVE-2026-48720	2026-06-26 05:17	2026-06-25	Show	GitHub Exploit DB Packet Storm

1074	5.3	MEDIUM Network	-	-	swift-nio-http2's HTTP/2-to-HTTP/1.1 codec did not validate pseudo-header values for control characters before placing them into the translated HTTP/1.1 message. swift-nio-http2 1.44.1 adds validatio…	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-28898	2026-06-26 05:17	2026-06-26	Show	GitHub Exploit DB Packet Storm

1075	-		-	-	FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, the Servicecustom Client API's __call method accepts an order_id parameter and fetches the associ…	CWE-284 CWE-639 CWE-862 Improper Access Control Authorization Bypass Through User-Controlled Key Missing Authorization	CVE-2026-27708	2026-06-26 05:17	2026-06-25	Show	GitHub Exploit DB Packet Storm

1076	7.5	HIGH Network	-	-	List::SomeUtils::XS versions before 0.59 for Perl have a heap buffer overflow in the pairwise function. pairwise() collects the values returned by the block into a heap buffer sized to the longer in…	CWE-122 CWE-787 Heap-based Buffer Overflow Out-of-bounds Write	CVE-2026-12844	2026-06-26 05:17	2026-06-26	Show	GitHub Exploit DB Packet Storm

1077	7.5	HIGH Network	-	-	An issue in the sqlo_natural_join_cond component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.	CWE-89 SQL Injection	CVE-2025-61021	2026-06-26 05:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

1078	7.5	HIGH Network	-	-	An issue in the sqlo_key_part_best component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.	CWE-89 SQL Injection	CVE-2025-61019	2026-06-26 05:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

1079	7.5	HIGH Network	-	-	The Aclara Metrum Cellular Web Interface is vulnerable to unauthorized access due to the absence of authentication controls on critical system functions. This weakness exposes essential configuration…	CWE-306 Missing Authentication for Critical Function	CVE-2026-1840	2026-06-26 05:16	2026-06-25	Show	GitHub Exploit DB Packet Storm

1080	-		-	-	Horner Automation Cscape versions prior to 10.2 SP3 are vulnerable to an Out-of-Bounds Read vulnerability through parsing CSP files. Successful exploitation of this vulnerability could allow an attac…	CWE-125 Out-of-bounds Read	CVE-2026-12897	2026-06-26 05:16	2026-06-26	Show	GitHub Exploit DB Packet Storm