Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
161 8.8 重要
Network 		OpenClaw OpenClaw OpenClawにおける不正な認証に関する脆弱性 New CWE-863
不正な認証 		CVE-2026-53828 2026-06-17 15:38 2026-06-12 Show GitHub Exploit DB Packet Storm
162 8 重要
Network 		OpenClaw OpenClaw OpenClawにおけるユーザインターフェースにおける重要情報の誤った表示に関する脆弱性 New CWE-451
ユーザインターフェースにおける重要情報の誤った表示 		CVE-2026-53829 2026-06-17 15:38 2026-06-12 Show GitHub Exploit DB Packet Storm
163 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおけるセッション期限に関する脆弱性 New CWE-613
不適切なセッション期限 		CVE-2026-53830 2026-06-17 15:38 2026-06-12 Show GitHub Exploit DB Packet Storm
164 8.1 重要
Network 		OpenClaw OpenClaw OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 New CWE-367
CWE-noinfo
CVE-2026-53831 2026-06-17 15:38 2026-06-12 Show GitHub Exploit DB Packet Storm
165 9.8 緊急
Network 		OpenClaw OpenClaw OpenClawにおけるTime-of-check Time-of-use (TOCTOU) 競合状態の脆弱性 New CWE-367
Time-of-check Time-of-use (TOCTOU) 競合状態 		CVE-2026-53838 2026-06-17 15:38 2026-06-12 Show GitHub Exploit DB Packet Storm
166 6.5 警告
Network 		OpenClaw OpenClaw OpenClawにおける要素の欠如による不完全な比較に関する脆弱性 New CWE-1023
要素の欠如による不完全な比較 		CVE-2026-53839 2026-06-17 15:38 2026-06-12 Show GitHub Exploit DB Packet Storm
167 5 警告
Local 		Kovidgoyal Kitty KovidgoyalのKittyにおける複数の脆弱性 New CWE-367
CWE-426
CWE-59
CVE-2026-54055 2026-06-17 15:38 2026-06-12 Show GitHub Exploit DB Packet Storm
168 7.1 重要
Network 		Kovidgoyal Kitty KovidgoyalのKittyにおけるリンク解釈に関する脆弱性 New CWE-59
リンク解釈の問題 		CVE-2026-54056 2026-06-17 15:38 2026-06-12 Show GitHub Exploit DB Packet Storm
169 7.8 重要
Local 		Kovidgoyal Kitty KovidgoyalのKittyにおける複数の脆弱性 New CWE-150
CWE-94
CVE-2026-54057 2026-06-17 15:38 2026-06-12 Show GitHub Exploit DB Packet Storm
170 7.7 重要
Network 		Mattermost, Inc. Mattermost Desktop Mattermost, Inc.のMattermost Desktopにおける認証情報の不十分な保護に関する脆弱性 New CWE-522
認証情報の不十分な保護 		CVE-2026-6517 2026-06-17 15:38 2026-06-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
255701 7.5 HIGH
Network 		netapp oncommand_unified_manager_core_package NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might allow remote attackers to obtain sensitive information via vectors involving error messages. CWE-200
Information Exposure 		CVE-2017-7439 2024-11-21 12:31 2017-05-26 Show GitHub Exploit DB Packet Storm
255702 7.5 HIGH
Network 		netapp oncommand_unified_manager_core_package SQL injection vulnerability in NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89
SQL Injection 		CVE-2017-7236 2024-11-21 12:31 2017-05-26 Show GitHub Exploit DB Packet Storm
255703 6.1 MEDIUM
Network 		synacor zimbra_collaboration_suite Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS) before 8.7.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2017-7288 2024-11-21 12:31 2017-05-23 Show GitHub Exploit DB Packet Storm
255704 5.5 MEDIUM
Local 		cairographics cairo Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash. CWE-476
 NULL Pointer Dereference 		CVE-2017-7475 2024-11-21 12:31 2017-05-20 Show GitHub Exploit DB Packet Storm
255705 6.5 MEDIUM
Network 		micro_focus vibe An absolute path traversal vulnerability (CWE-36) in Micro Focus Vibe 4.0.2 and earlier allows a remote authenticated attacker to download arbitrary files from the server by submitting a specially cr… CWE-22
Path Traversal 		CVE-2017-7433 2024-11-21 12:31 2017-05-18 Show GitHub Exploit DB Packet Storm
255706 6.5 MEDIUM
Network 		openvpn openvpn OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker. CWE-617
 Reachable Assertion 		CVE-2017-7479 2024-11-21 12:31 2017-05-16 Show GitHub Exploit DB Packet Storm
255707 7.5 HIGH
Network 		openvpn openvpn OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2. CWE-20
 Improper Input Validation  		CVE-2017-7478 2024-11-21 12:31 2017-05-16 Show GitHub Exploit DB Packet Storm
255708 10.0 CRITICAL
Network 		zohocorp manageengine_desktop_central Zoho ManageEngine Desktop Central before build 100082 allows remote attackers to obtain control over all connected active desktops via unspecified vectors. CWE-20
 Improper Input Validation  		CVE-2017-7213 2024-11-21 12:31 2017-05-15 Show GitHub Exploit DB Packet Storm
255709 7.5 HIGH
Network 		postgresql postgresql PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which discloses foreign server passwords to any user having USAGE privilege on the associated foreign server. CWE-200
Information Exposure 		CVE-2017-7486 2024-11-21 12:31 2017-05-13 Show GitHub Exploit DB Packet Storm
255710 5.9 MEDIUM
Network 		postgresql postgresql In PostgreSQL 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3, it was found that the PGREQUIRESSL environment variable was no longer enforcing a SSL/TLS connectio… CWE-311
Missing Encryption of Sensitive Data 		CVE-2017-7485 2024-11-21 12:31 2017-05-13 Show GitHub Exploit DB Packet Storm