Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
221951 4.9 警告 MicroPact - MicroPact icomplaints にクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-2971 2014-07-28 17:16 2014-07-21 Show GitHub Exploit DB Packet Storm
221952 5 警告 GNU Project - GnuTLS の lib/x509/common.c の gnutls_x509_dn_oid_name 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2014-3465 2014-07-28 17:04 2014-01-31 Show GitHub Exploit DB Packet Storm
221953 5 警告 LIGHTTPD - lighttpd におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-2324 2014-07-28 17:03 2014-03-12 Show GitHub Exploit DB Packet Storm
221954 7.5 危険 LIGHTTPD - lighttpd の mod_mysql_vhost.c における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-2323 2014-07-28 17:02 2014-03-12 Show GitHub Exploit DB Packet Storm
221955 4.3 警告 RubyGems - rubygems におけるインストール中に gem を変更される脆弱性 CWE-310
暗号の問題 		CVE-2012-2126 2014-07-28 17:02 2012-04-19 Show GitHub Exploit DB Packet Storm
221956 5.8 警告 RubyGems - rubygems におけるインストール中に gem を監視または変更される脆弱性 CWE-Other
その他 		CVE-2012-2125 2014-07-28 17:02 2012-04-19 Show GitHub Exploit DB Packet Storm
221957 4.6 警告 X.Org Foundation - X.Org xf86-video-intel の tools/backlight_helper.c におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2014-4910 2014-07-28 15:39 2014-07-4 Show GitHub Exploit DB Packet Storm
221958 4.3 警告 Honeywell International Inc. - Honeywell FALCON XLWeb Linux コントローラおよび FALCON XLWeb XLWebExe コントローラにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-3110 2014-07-28 13:48 2014-07-22 Show GitHub Exploit DB Packet Storm
221959 7.6 危険 Honeywell International Inc. - Honeywell FALCON XLWeb Linux コントローラおよび FALCON XLWeb XLWebExe コントローラにおける認証を回避される脆弱性 CWE-Other
その他 		CVE-2014-2717 2014-07-28 13:47 2014-07-22 Show GitHub Exploit DB Packet Storm
221960 7.5 危険 Ilya Birman - E2 における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-4736 2014-07-28 12:27 2014-07-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
471 5.3 MEDIUM
Network 		- - Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances XML-RPC server (glances -s, implemented in glances/server.py) does not validate the HTTP Host header, leav… New CWE-346
CWE-350
 Origin Validation Error
 Reliance on Reverse DNS Resolution for a Security-Critical Action 		CVE-2026-46611 2026-06-26 13:17 2026-06-26 Show GitHub Exploit DB Packet Storm
472 5.5 MEDIUM
Local 		vim vim Vim is an open source, command line text editor. Prior to 9.2.0671, when Vim opens a file encrypted with the VimCrypt~04! or VimCrypt~05! method (xchacha20poly1305, requires the +sodium feature) whos… New CWE-125
CWE-191
Out-of-bounds Read
 Integer Underflow (Wrap or Wraparound) 		CVE-2026-57452 2026-06-26 13:12 2026-06-26 Show GitHub Exploit DB Packet Storm
473 6.1 MEDIUM
Local 		vim vim Vim is an open source, command line text editor. Prior to 9.2.0670, get_text_props() in src/textprop.c reads a uint16 property count stored inline after a line's text and returns it as the number of … New CWE-125
Out-of-bounds Read 		CVE-2026-57451 2026-06-26 13:11 2026-06-26 Show GitHub Exploit DB Packet Storm
474 6.6 MEDIUM
Local 		nokogiri nokogiri Nokogiri is an open source XML and HTML library for the Ruby programming language. Prior to 1.19.4, XInclude substitution performed by Nokogiri::XML::Node#do_xinclude replaced each <xi:include> in pl… New CWE-416
 Use After Free 		CVE-2026-57438 2026-06-26 13:11 2026-06-26 Show GitHub Exploit DB Packet Storm
475 5.5 MEDIUM
Local 		vim vim Vim is an open source, command line text editor. Prior to 9.2.0662, the dump_prefixes() function in src/spell.c walks a spell-file prefix trie iteratively with a depth counter while dumping the prefi… New CWE-787
 Out-of-bounds Write 		CVE-2026-55892 2026-06-26 12:53 2026-06-26 Show GitHub Exploit DB Packet Storm
476 8.8 HIGH
Network 		angular angular_language_service The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. Prior to 21.2.4, the client-side Angular Language Service VS Code extension reads the custom T… New CWE-79
CWE-94
CWE-427
CWE-494
Cross-site Scripting
Code Injection
 Uncontrolled Search Path Element
 Download of Code Without Integrity Check 		CVE-2026-49241 2026-06-26 12:47 2026-06-23 Show GitHub Exploit DB Packet Storm
477 8.8 HIGH
Network 		angular angular_language_service The Angular Language Service VS Code Extension provides a rich editing experience for Angular templates. the client-side Angular Language Service VS Code extension configures the tooltip Markdown ren… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-50178 2026-06-26 11:57 2026-06-23 Show GitHub Exploit DB Packet Storm
478 5.4 MEDIUM
Network 		coturn_project coturn Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.11.0 contain a stored cross-site scripting (XSS) vulnerability in the web-admin HTTPS interface. An attacker w… New CWE-79
Cross-site Scripting 		CVE-2026-43915 2026-06-26 11:35 2026-06-19 Show GitHub Exploit DB Packet Storm
479 6.5 MEDIUM
Network 		libssh2 libssh2 libssh2 through 1.11.1, fixed in commit 2dae302, contains an out-of-bounds heap read vulnerability in the sftp_symlink() function in src/sftp.c that allows a malicious SSH server or man-in-the-middle… New CWE-125
Out-of-bounds Read 		CVE-2025-15661 2026-06-26 11:35 2026-06-19 Show GitHub Exploit DB Packet Storm
480 9.8 CRITICAL
Network 		coturn_project coturn Coturn is a free open source implementation of TURN and STUN Server. Versions prior to 4.10.0 contain a stack buffer overflow in decode_oauth_token_gcm(). A uint16_t nonce_len field read from an atta… New CWE-120
Classic Buffer Overflow 		CVE-2026-43994 2026-06-26 11:30 2026-06-19 Show GitHub Exploit DB Packet Storm