Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 23, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
181 7.2 危険 Sendmail Consortium sendmail Eric Allmanのsendmailにおける不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0163 2026-06-23 11:22 1997-01-1 Show GitHub Exploit DB Packet Storm
182 4.6 警告 University of Washington WU-FTPD Washington UniversityのWU-FTPDにおける不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0156 2026-06-23 11:22 1997-07-1 Show GitHub Exploit DB Packet Storm
183 7.5 危険 GNU Project GNU Fingerd GNU ProjectのGNU Fingerdにおける不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0150 2026-06-23 11:22 1997-07-1 Show GitHub Exploit DB Packet Storm
184 7.5 危険 University of Arizona
Internet WorkShop		 WebGlimpse
GlimpseHTTP 		University of ArizonaのGlimpseHTTP等の複数製品における不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0147 2026-06-23 11:22 1997-07-1 Show GitHub Exploit DB Packet Storm
185 7.5 危険 ncsa Campas
Servers 		ncsaのCampas等の複数製品における不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0146 2026-06-23 11:22 1997-07-15 Show GitHub Exploit DB Packet Storm
186 5 警告 University of Washington WU-FTPD Washington UniversityのWU-FTPDにおける不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0081 2026-06-23 11:22 1997-01-11 Show GitHub Exploit DB Packet Storm
187 5 警告 Novell Novell Web Server NovellのNovell Web Serverにおける不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0175 2026-06-23 11:22 1996-07-1 Show GitHub Exploit DB Packet Storm
188 4.6 警告 Process Software
サン・マイクロシステムズ
MIT Kerberos		 kerberos 5
Kerberos
MultiNet
Solaris 		MIT等の複数ベンダの製品における不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0143 2026-06-23 11:22 1996-02-21 Show GitHub Exploit DB Packet Storm
189 7.2 危険 Fred N. Van Kempen DIP Fred N. Van KempenのDIPにおける不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0137 2026-06-23 11:22 1996-07-9 Show GitHub Exploit DB Packet Storm
190 5 警告 FreeBSD
フォア・チューン
SCO		 FreeBSD
BSD/OS
SCO Internet FastStart
openserver 		フォア・チューン等の複数ベンダの製品における不特定の脆弱性 New CWE-Other
その他 		CVE-1999-0096 2026-06-23 11:22 1996-12-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3731 7.5 HIGH
Network 		- - Casdoor versions 2.362.0 and earlier do not enforce SAML assertion time bounds. The gosaml2 library reports all time-validation results, including NotOnOrAfter and NotBefore, in the assertionInfo.War… - CVE-2026-9096 2026-06-3 02:16 2026-05-29 Show GitHub Exploit DB Packet Storm
3732 9.8 CRITICAL
Network 		- - Casdoor versions 2.362.0 and earlier contain a vulnerability enabling cross-organization token exchange. The GetTokenExchangeToken function in object/token_oauth.go validates JWT signatures but does … - CVE-2026-9094 2026-06-3 02:16 2026-05-29 Show GitHub Exploit DB Packet Storm
3733 9.8 CRITICAL
Network 		- - In Casdoor versions 2.362.0 and earlier, the SAML service provider implementation does not validate the AudienceRestriction element in SAML assertions. The buildSp function in object/saml_sp.go never… - CVE-2026-9093 2026-06-3 02:16 2026-05-29 Show GitHub Exploit DB Packet Storm
3734 5.9 MEDIUM
Network 		ibm websphere_application_server IBM WebSphere Application Server - Liberty 22.0.0.11 through 26.0.0.5 IBM WebSphere Application Server Liberty could allow a remote attacker to bypass security under limited conditions by exploiting … CWE-362
Race Condition 		CVE-2026-5516 2026-06-3 02:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3735 5.5 MEDIUM
Local 		ibm app_connect_enterprise IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user. CWE-922
CWE-532
 Insecure Storage of Sensitive Information
 Inclusion of Sensitive Information in Log Files 		CVE-2026-5515 2026-06-3 02:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3736 3.7 LOW
Network 		- - A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive informat… CWE-208
 Information Exposure Through Timing Discrepancy 		CVE-2026-5419 2026-06-3 02:16 2026-06-2 Show GitHub Exploit DB Packet Storm
3737 4.2 MEDIUM
Network 		pyjwt_project pyjwt PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient passes its uri argument directly to urllib.request.urlopen() which uses Python stdlib's default OpenerDirector registe… CWE-441
CWE-918
Confused Deputy
Server-Side Request Forgery (SSRF)  		CVE-2026-48522 2026-06-3 02:16 2026-05-29 Show GitHub Exploit DB Packet Storm
3738 8.5 HIGH
Network 		oracle financials_common_modules Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable v… NVD-CWE-noinfo
CWE-284
Improper Access Control 		CVE-2026-46820 2026-06-3 02:16 2026-05-29 Show GitHub Exploit DB Packet Storm
3739 4.3 MEDIUM
Network 		apache airflow The Event Log detail endpoint `GET /api/v2/eventLogs/{event_log_id}` in Apache Airflow fetched audit-log rows directly by numeric ID after only the generic Audit Log permission check, while the colle… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-46764 2026-06-3 02:16 2026-06-1 Show GitHub Exploit DB Packet Storm
3740 8.8 HIGH
Network 		- - Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fie… CWE-290
CWE-639
CWE-862
 Authentication Bypass by Spoofing
 Authorization Bypass Through User-Controlled Key
 Missing Authorization 		CVE-2026-46414 2026-06-3 02:16 2026-05-28 Show GitHub Exploit DB Packet Storm