Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 18, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 151 | 7.5 |
重要
Network |
Express.js | Multer | Express.jsのMulterにおける不完全なクリーンアップに関する脆弱性 New |
CWE-459
不完全なクリーンアップ |
CVE-2026-5038 | 2026-06-17 15:39 | 2026-06-15 | Show | GitHub Exploit DB Packet Storm |
| 152 | 7.5 |
重要
Network |
Express.js | Multer | Express.jsのMulterにおけるリソースの枯渇に関する脆弱性 New |
CWE-400
リソースの枯渇 |
CVE-2026-5079 | 2026-06-17 15:39 | 2026-06-15 | Show | GitHub Exploit DB Packet Storm |
| 153 | 8.1 |
重要
Network |
Zoom Video Communications, Inc. |
Zoom Meeting SDK Zoom Workplace |
Zoom Video Communications, Inc.のZoom Meeting SDK等の複数製品におけるカスタム URL スキームのハンドラの不適切な認可に関する脆弱性 New |
CWE-939
カスタム URL スキームのハンドラの不適切な認可 |
CVE-2026-53408 | 2026-06-17 15:39 | 2026-06-12 | Show | GitHub Exploit DB Packet Storm |
| 154 | 6.6 |
警告
Local |
OpenClaw | OpenClaw | OpenClawにおける認証の欠如に関する脆弱性 New |
CWE-862
認証の欠如 |
CVE-2026-53820 | 2026-06-17 15:39 | 2026-06-12 | Show | GitHub Exploit DB Packet Storm |
| 155 | 8.8 |
重要
Network |
OpenClaw | OpenClaw | OpenClawにおける認証の欠如に関する脆弱性 New |
CWE-862
認証の欠如 |
CVE-2026-53821 | 2026-06-17 15:39 | 2026-06-12 | Show | GitHub Exploit DB Packet Storm |
| 156 | 8.8 |
重要
Network |
OpenClaw | OpenClaw | OpenClawにおける複数の脆弱性 New |
CWE-367 CWE-77 |
CVE-2026-53822 | 2026-06-17 15:39 | 2026-06-12 | Show | GitHub Exploit DB Packet Storm |
| 157 | 8.1 |
重要
Network |
OpenClaw | OpenClaw | OpenClawにおけるスプーフィングによる認証回避に関する脆弱性 New |
CWE-290
スプーフィングによる認証回避 |
CVE-2026-53823 | 2026-06-17 15:38 | 2026-06-12 | Show | GitHub Exploit DB Packet Storm |
| 158 | 6.5 |
警告
Network |
OpenClaw | OpenClaw | OpenClawにおけるセッション期限に関する脆弱性 New |
CWE-613
不適切なセッション期限 |
CVE-2026-53824 | 2026-06-17 15:38 | 2026-06-12 | Show | GitHub Exploit DB Packet Storm |
| 159 | 6.5 |
警告
Network |
OpenClaw | OpenClaw | OpenClawにおけるパストラバーサルの脆弱性 New |
CWE-22
パス・トラバーサル |
CVE-2026-53825 | 2026-06-17 15:38 | 2026-06-12 | Show | GitHub Exploit DB Packet Storm |
| 160 | 4.3 |
警告
Network |
OpenClaw | OpenClaw | OpenClawにおける誤った領域へのリソースの漏えいに関する脆弱性 New |
CWE-668
誤った領域へのリソースの漏えい |
CVE-2026-53826 | 2026-06-17 15:38 | 2026-06-12 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 18, 2026, 4 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 255161 | 9.8 |
CRITICAL
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus firefox thu… |
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird < 52.3, Fir… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-7786 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255162 | 5.3 |
MEDIUM
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus thunderbird
On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert fr…
|
CWE-20
|
Improper Input Validation
CVE-2017-7791
|
2024-11-21 12:32 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 255163 | 7.5 |
HIGH
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus thunderbird
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. Thi…
|
CWE-200
|
Information Exposure
CVE-2017-7787
|
2024-11-21 12:32 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 255164 | 9.8 |
CRITICAL
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus thunderbird
A buffer overflow can occur when manipulating Accessible Rich Internet Applications (ARIA) attributes within the DOM. This results in a potentially exploitable crash. This vulnerability affects Thund…
|
CWE-119
|
Incorrect Access of Indexable Resource ('Range Error')
CVE-2017-7785
|
2024-11-21 12:32 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 255165 | 9.8 |
CRITICAL
Network |
debian redhat mozilla |
debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux enterprise_linux_server_aus enterprise_linux_server_eus thunderbird
A use-after-free vulnerability can occur when reading an image observer during frame reconstruction after the observer has been freed. This results in a potentially exploitable crash. This vulnerabil…
|
CWE-416
|
Use After Free
CVE-2017-7784
|
2024-11-21 12:32 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 255166 | 7.5 |
HIGH
Network |
mozilla | firefox | If a long user name is used in a username/password combination in a site URL (such as " http://UserName:Password@example.com"), the resulting modal prompt will hang in a non-responsive state or crash… |
CWE-20
Improper Input Validation |
CVE-2017-7783 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255167 | 5.3 |
MEDIUM
Network |
mozilla |
firefox firefox_esr thunderbird |
An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is allocated but never protected, violating DEP protections. Note: This attack only affects Windows operating sys… |
CWE-269
Improper Privilege Management |
CVE-2017-7782 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255168 | 5.9 |
MEDIUM
Network |
mozilla | firefox | An error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates where it can yield a result "POINT_AT_INFINITY" when it should not. A man-in-the-middle atta… |
NVD-CWE-noinfo
|
CVE-2017-7781 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255169 | 9.8 |
CRITICAL
Network |
mozilla | firefox | Memory safety bugs were reported in Firefox 54. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary c… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2017-7780 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |
| 255170 | 9.8 |
CRITICAL
Network |
mozilla debian sil |
firefox thunderbird firefox_esr debian_linux graphite2 |
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory. These issues were addressed in Gra… |
CWE-119 CWE-125 CWE-787 Incorrect Access of Indexable Resource ('Range Error') Out-of-bounds Read Out-of-bounds Write |
CVE-2017-7778 | 2024-11-21 12:32 | 2018-06-12 | Show | GitHub Exploit DB Packet Storm |