Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225701 4.3 警告 オラクル - Oracle Supply Chain Products Suite の Oracle Demantra Demand Management における DM Others に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-0379 2014-01-16 17:47 2014-01-14 Show GitHub Exploit DB Packet Storm
225702 5.5 警告 オラクル - Oracle Supply Chain Products Suite の Oracle Demantra Demand Management における DM Others に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-0372 2014-01-16 17:46 2014-01-14 Show GitHub Exploit DB Packet Storm
225703 3.5 注意 オラクル - Oracle Supply Chain Products Suite の Oracle Demantra Demand Management における DM Others に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-0371 2014-01-16 17:46 2014-01-14 Show GitHub Exploit DB Packet Storm
225704 5.5 警告 オラクル - Oracle Supply Chain Products Suite の Oracle Agile Product Lifecycle Management for Process における Manage Data Cache に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5897 2014-01-16 17:45 2014-01-14 Show GitHub Exploit DB Packet Storm
225705 4 警告 Apache Software Foundation - Apache CloudStack におけるネットワーク ACL を一覧表示される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0031 2014-01-16 17:19 2014-01-10 Show GitHub Exploit DB Packet Storm
225706 6.9 警告 クアルコム
Android for MSM		 - MSM デバイス用 Qualcomm Innovation Center Android コントリビューションなどで使用される Linux Kernel 用 MSM カメラドライバにおける権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-6123 2014-01-16 16:48 2013-10-11 Show GitHub Exploit DB Packet Storm
225707 4 警告 シスコシステムズ - Cisco Identity Services Engine Software の RBAC の実装における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-0665 2014-01-16 16:40 2014-01-15 Show GitHub Exploit DB Packet Storm
225708 6.8 警告 The Icinga Project - Icinga の cmd.cgi におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-7107 2014-01-16 16:39 2013-12-23 Show GitHub Exploit DB Packet Storm
225709 6.5 警告 The Icinga Project - Icinga におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-7106 2014-01-16 16:37 2013-12-17 Show GitHub Exploit DB Packet Storm
225710 7.1 危険 ジュニパーネットワークス - Juniper Networks SRX シリーズサービスゲートウェイ上で稼働する Juniper Junos におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2014-0617 2014-01-16 16:06 2014-01-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
531 5.4 MEDIUM
Network 		- - Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to RememberMeSessionModel::remove, allowing authentica… New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-56774 2026-06-26 07:17 2026-06-26 Show GitHub Exploit DB Packet Storm
532 7.5 HIGH
Network 		- - Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with… New CWE-494
 Download of Code Without Integrity Check 		CVE-2021-47987 2026-06-26 07:16 2026-06-26 Show GitHub Exploit DB Packet Storm
533 8.8 HIGH
Network 		- - Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authenticated users to access other users' robots and OAuth … New CWE-862
 Missing Authorization 		CVE-2026-56767 2026-06-26 06:16 2026-06-26 Show GitHub Exploit DB Packet Storm
534 - - - Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Jupyter Notebook (ipynb) sanitizer endpoint at POST /-/api/sanitize_ipynb allows arbitrary data: URIs without proper restrictions,… New CWE-80
Basic XSS 		CVE-2026-52816 2026-06-26 06:16 2026-06-25 Show GitHub Exploit DB Packet Storm
535 3.5 LOW
Network 		- - Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting in denial of service. In internal/markup/markup.go, … New CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine 		CVE-2026-52796 2026-06-26 06:16 2026-06-25 Show GitHub Exploit DB Packet Storm
536 4.9 MEDIUM
Network 		- - Gogs is an open source self-hosted Git service. Prior to 0.14.3, a malicious user with rights to create a new file on a repository or wiki page can trigger a denial of service condition in which the … New CWE-20
 Improper Input Validation  		CVE-2025-64719 2026-06-26 06:16 2026-06-25 Show GitHub Exploit DB Packet Storm
537 7.1 HIGH
Network 		- - Bitwarden Server before 2026.5.0 contains a privilege escalation vulnerability that allows authenticated Custom users with ManageUsers permission to remove Admin accounts from an organization by expl… New CWE-862
 Missing Authorization 		CVE-2026-57520 2026-06-26 05:22 2026-06-26 Show GitHub Exploit DB Packet Storm
538 5.5 MEDIUM
Local 		- - Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit New CWE-88
Argument Injection 		CVE-2026-11968 2026-06-26 05:21 2026-06-24 Show GitHub Exploit DB Packet Storm
539 8.0 HIGH
Network 		- - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, w… New CWE-59
Link Following 		CVE-2026-23879 2026-06-26 05:21 2026-06-25 Show GitHub Exploit DB Packet Storm
540 7.2 HIGH
Network 		- - 3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by … New CWE-73
 External Control of File Name or Path 		CVE-2026-55477 2026-06-26 05:21 2026-06-26 Show GitHub Exploit DB Packet Storm