Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201 6.5 警告
Network 		PEVANS (Paul Evans ) Metrics::Any::Adapter::SignalFx PEVANS (Paul Evans )のMetrics::Any::Adapter::SignalFxにおける複数の脆弱性 New CWE-150
CWE-93
CVE-2026-50637
CVE-2026-50638
CVE-2026-50639
CVE-2026-9270 		2026-06-26 11:51 2026-06-10 Show GitHub Exploit DB Packet Storm
202 7.5 重要
Network 		Devolutions UniGetUI DevolutionsのUniGetUIにおける誤って解決された名前や参照の使用に関する脆弱性 New CWE-706
誤って解決された名前や参照の使用 		CVE-2026-10696 2026-06-26 11:51 2026-06-17 Show GitHub Exploit DB Packet Storm
203 7.8 重要
Local 		デル AIOps Collector デルのAIOps Collectorにおけるデフォルトの認証情報の使用に関する脆弱性 New CWE-1392
デフォルトの認証情報の使用 		CVE-2026-32652 2026-06-26 11:50 2026-06-17 Show GitHub Exploit DB Packet Storm
204 9.1 緊急
Network 		UI UniFi OS Server UIのUniFi OS Serverにおける入力確認に関する脆弱性 New CWE-20
不適切な入力確認 		CVE-2026-33000 2026-06-26 11:50 2026-05-22 Show GitHub Exploit DB Packet Storm
205 7.7 重要
Network 		UI UniFi Dream Machine Special Edition Firmware (UDM-SE)
UniFi Cloud Gateway Ultra Firmware (UCG-Ultra)
UniFi Network Video Re… 		UIのEnterprise Fortress Gateway Firmware (EFG)等の複数製品におけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-34911 2026-06-26 11:50 2026-05-22 Show GitHub Exploit DB Packet Storm
206 8.8 重要
Adjacent 		Palo Alto Networks IDIRA Privilege Cloud Connector Palo Alto NetworksのIDIRA Privilege Cloud Connectorにおける証明書検証に関する脆弱性 New CWE-295
不正な証明書検証 		CVE-2026-45170 2026-06-26 11:50 2026-06-12 Show GitHub Exploit DB Packet Storm
207 8.8 重要
Network 		Palo Alto Networks IDIRA Privileged Session Manager (PSM) Palo Alto NetworksのIDIRA Privileged Session Manager (PSM)におけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-45171 2026-06-26 11:50 2026-06-11 Show GitHub Exploit DB Packet Storm
208 8.8 重要
Network 		Palo Alto Networks Privileged Session Manager (PSM) Palo Alto NetworksのPrivileged Session Manager (PSM)におけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-45172 2026-06-26 11:50 2026-06-11 Show GitHub Exploit DB Packet Storm
209 8.2 重要
Local 		マイクロソフト Microsoft MANA Network Driver Microsoft Azure ネットワーク アダプターの特権昇格の脆弱性 New CWE-416
解放済みメモリの使用 		CVE-2026-45476 2026-06-26 11:50 2026-06-9 Show GitHub Exploit DB Packet Storm
210 7.8 重要
Local 		Leejet Stable-diffusion.cpp LeejetのStable-diffusion.cppにおける複数の脆弱性 New CWE-122
CWE-787
CVE-2026-47747 2026-06-26 11:50 2026-06-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
320801 8.8 HIGH
Network 		piwebsolution product_enquiry_for_woocommerce The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untr… CWE-502
 Deserialization of Untrusted Data 		CVE-2024-8922 2024-10-5 04:11 2024-09-27 Show GitHub Exploit DB Packet Storm
320802 6.1 MEDIUM
Network 		stellarwp the_events_calendar The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and ou… CWE-79
Cross-site Scripting 		CVE-2024-6931 2024-10-5 04:08 2024-09-27 Show GitHub Exploit DB Packet Storm
320803 5.4 MEDIUM
Network 		leap13 premium_addons_for_elementor The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Grid widget in all versions up to, and including, 4.10.52 due to insufficient… CWE-79
Cross-site Scripting 		CVE-2024-8681 2024-10-5 04:04 2024-09-27 Show GitHub Exploit DB Packet Storm
320804 5.4 MEDIUM
Network 		codesupply absolute_reviews The Absolute Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Name' field of a custom post criteria in all versions up to, and including, 1.1.3 due to insufficient i… CWE-79
Cross-site Scripting 		CVE-2024-8965 2024-10-5 04:04 2024-09-27 Show GitHub Exploit DB Packet Storm
320805 8.8 HIGH
Network 		advantech adam-5630_firmware Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same origin policy, which is designed to prevent different websites fro… CWE-352
 Origin Validation Error 		CVE-2024-28948 2024-10-5 03:58 2024-09-28 Show GitHub Exploit DB Packet Storm
320806 5.4 MEDIUM
Network 		hyumika openstreetmap The OSM – OpenStreetMap plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's osm_map and osm_map_v3 shortcodes in all versions up to, and including, 6.1.0 due to insuffi… CWE-79
Cross-site Scripting 		CVE-2024-8991 2024-10-5 03:56 2024-09-27 Show GitHub Exploit DB Packet Storm
320807 5.4 MEDIUM
Network 		fastlinemedia beaver_builder The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Group module in all versions up to, and including, 2.8.3.6 due to… CWE-79
Cross-site Scripting 		CVE-2024-9049 2024-10-5 03:53 2024-09-27 Show GitHub Exploit DB Packet Storm
320808 4.3 MEDIUM
Network 		bg5sbk minicms A vulnerability was found in bg5sbk MiniCMS 1.11. It has been classified as problematic. Affected is an unknown function of the file page-edit.php. The manipulation leads to cross-site request forger… CWE-352
 Origin Validation Error 		CVE-2024-9282 2024-10-5 03:33 2024-09-27 Show GitHub Exploit DB Packet Storm
320809 7.5 HIGH
Network 		amirraminfar dozzle Dozzle is a realtime log viewer for docker containers. Before version 8.5.3, the app uses sha-256 as the hash for passwords, which leaves users susceptible to rainbow table attacks. The app switches … CWE-326
Inadequate Encryption Strength 		CVE-2024-47182 2024-10-5 03:31 2024-09-27 Show GitHub Exploit DB Packet Storm
320810 8.2 HIGH
Network 		openpetra openpetra Cross Site Scripting vulnerability in openPetra v.2023.02 allows a remote attacker to obtain sensitive information via the serverMCommon.asmx function. CWE-79
Cross-site Scripting 		CVE-2024-40510 2024-10-5 03:28 2024-09-28 Show GitHub Exploit DB Packet Storm