Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 12:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
161 7.5 重要
Network 		Stichting NLnet Labs NSD NLnet LabsのNSDにおける解放済みメモリの使用に関する脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2026-12245 2026-06-29 11:25 2026-06-25 Show GitHub Exploit DB Packet Storm
162 8.1 重要
Network 		Stichting NLnet Labs NSD NLnet LabsのNSDにおける複数の脆弱性 New CWE-120
CWE-20
CVE-2026-12246 2026-06-29 11:25 2026-06-25 Show GitHub Exploit DB Packet Storm
163 6.1 警告
Network 		PowerSchool Inc. Employee Access Center PowerSchool Inc.のEmployee Access Centerにおけるクロスサイトスクリプティングの脆弱性 New CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-12425 2026-06-29 11:25 2026-06-16 Show GitHub Exploit DB Packet Storm
164 7.5 重要
Network 		Stichting NLnet Labs NSD NLnet LabsのNSDにおける複数の脆弱性 New CWE-284
CWE-306
CVE-2026-12490 2026-06-29 11:25 2026-06-25 Show GitHub Exploit DB Packet Storm
165 7.1 重要
Local 		シーメンス SIMATIC WinCC Unified PC Runtime シーメンスのSIMATIC WinCC Unified PC Runtimeにおけるファイル内またはディスク上の平文保存に関する脆弱性 New CWE-313
ファイル内またはディスク上の平文保存 		CVE-2026-24349 2026-06-29 11:25 2026-06-9 Show GitHub Exploit DB Packet Storm
166 8.2 重要
Network 		Docling Docling Doclingにおける複数の脆弱性 New CWE-918
CWE-94
CVE-2026-44016 2026-06-29 11:25 2026-06-24 Show GitHub Exploit DB Packet Storm
167 7.5 重要
Network 		Docling Docling Doclingにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-44017 2026-06-29 11:25 2026-06-24 Show GitHub Exploit DB Packet Storm
168 7.5 重要
Network 		Docling Docling DoclingにおけるDTD の再帰的なエンティティ参照の不適切な制限に関する脆弱性 New CWE-776
DTD の再帰的なエンティティ参照の不適切な制限 		CVE-2026-44020 2026-06-29 11:25 2026-06-24 Show GitHub Exploit DB Packet Storm
169 5.5 警告
Local 		Docling Docling Doclingにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-44022 2026-06-29 11:25 2026-06-24 Show GitHub Exploit DB Packet Storm
170 8.8 重要
Network 		Dokku Dokku Dokkuにおけるリンク解釈に関する脆弱性 New CWE-59
リンク解釈の問題 		CVE-2026-45405 2026-06-29 11:24 2026-06-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
320881 - - - Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an empty client_password parameter (client secret). - CVE-2024-45160 2024-10-10 21:51 2024-10-9 Show GitHub Exploit DB Packet Storm
320882 6.4 MEDIUM
Network 		- - The CMSMasters Content Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's multiple shortcodes in all versions up to, and including, 1.8.8 due to insufficient … CWE-79
Cross-site Scripting 		CVE-2024-7963 2024-10-10 21:51 2024-10-9 Show GitHub Exploit DB Packet Storm
320883 - - - Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) - CVE-2024-9603 2024-10-10 21:51 2024-10-9 Show GitHub Exploit DB Packet Storm
320884 - - - Type Confusion in V8 in Google Chrome prior to 129.0.6668.100 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) - CVE-2024-9602 2024-10-10 21:51 2024-10-9 Show GitHub Exploit DB Packet Storm
320885 - - - An improper authorization vulnerability exists in the Rockwell Automation affected products that could allow an unauthorized user to sign in. While removal of all role mappings is unlikely, it could … - CVE-2024-9412 2024-10-10 21:51 2024-10-9 Show GitHub Exploit DB Packet Storm
320886 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link [why] Encounter NULL pointer dereference uner mst + dsc setup. B… CWE-476
 NULL Pointer Dereference 		CVE-2024-43895 2024-10-10 21:15 2024-08-26 Show GitHub Exploit DB Packet Storm
320887 - - - Improper Privilege Management vulnerability in ZTE ZXR10 1800-2S series ,ZXR10 2800-4,ZXR10 3800-8,ZXR10 160 series on 64 bit allows Functionality Bypass.This issue affects ZXR10 1800-2S series ,ZXR1… - CVE-2024-22068 2024-10-10 18:15 2024-10-10 Show GitHub Exploit DB Packet Storm
320888 - - - VMware NSX contains a command injection vulnerability.  A malicious actor with access to the NSX Edge CLI terminal may be able to craft malicious payloads to execute arbitrary commands on the operat… - CVE-2024-38817 2024-10-10 17:15 2024-10-10 Show GitHub Exploit DB Packet Storm
320889 - - - In version v0.3.8 of open-webui, an improper privilege management vulnerability exists in the API endpoints GET /api/v1/documents/ and POST /rag/api/v1/doc. This vulnerability allows a lower-privileg… CWE-269
 Improper Privilege Management 		CVE-2024-7048 2024-10-10 11:15 2024-10-10 Show GitHub Exploit DB Packet Storm
320890 - - - An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. - CVE-2024-9380 2024-10-10 10:00 2024-10-9 Show GitHub Exploit DB Packet Storm