Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228391 4.3 警告 OpenStack - OpenStack Compute Grizzly のセキュリティグループ拡張子におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-4179 2013-09-19 10:23 2013-08-8 Show GitHub Exploit DB Packet Storm
228392 5.4 警告 ジュニパーネットワークス - Juniper Junos Pulse Secure Access Service および Junos Pulse Access Control Service におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5650 2013-09-18 19:16 2013-09-11 Show GitHub Exploit DB Packet Storm
228393 4.3 警告 ジュニパーネットワークス - IVE OS を搭載した Juniper Junos Pulse Secure Access Service におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-5649 2013-09-18 18:59 2013-09-12 Show GitHub Exploit DB Packet Storm
228394 4.3 警告 Moodle - Moodle におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4341 2013-09-18 18:49 2013-09-16 Show GitHub Exploit DB Packet Storm
228395 7.5 危険 Moodle - Moodle における Microsoft SQL Server に対して SQL インジェクション攻撃を実行される脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4313 2013-09-18 18:48 2013-09-16 Show GitHub Exploit DB Packet Storm
228396 5.8 警告 Moodle - Moodle の Amazon S3 ライブラリの repository/s3/S3.php における SSL サーバになりすまされる脆弱性 CWE-20
不適切な入力確認 		CVE-2012-6087 2013-09-18 18:42 2013-09-16 Show GitHub Exploit DB Packet Storm
228397 4.3 警告 Chama-Net - ChamaCargo におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4704 2013-09-18 16:12 2013-09-13 Show GitHub Exploit DB Packet Storm
228398 6.9 警告 シトリックス・システムズ
インテル		 - 複数の Intel 製品で使用される Intel Trusted Execution Technology SINIT Authenticated Code Modules における Trusted Execution Technology 保護メカニズムを回避される脆弱性 CWE-noinfo
情報不足 		CVE-2013-5740 2013-09-18 16:10 2013-07-1 Show GitHub Exploit DB Packet Storm
228399 10 危険 ヒューレット・パッカード - 複数の HP 製品の Agent サーブレットにおける任意のコマンドを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2013-4813 2013-09-18 14:30 2013-09-9 Show GitHub Exploit DB Packet Storm
228400 10 危険 ヒューレット・パッカード - 複数の HP 製品の SNAC registration server におけるファイルをアップロードされる脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4812 2013-09-18 14:28 2013-09-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1741 9.6 CRITICAL
Network 		autodesk fusion A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary c… CWE-94
Code Injection 		CVE-2026-10789 2026-06-25 00:30 2026-06-23 Show GitHub Exploit DB Packet Storm
1742 9.6 CRITICAL
Network 		microsoft exchange_online Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network. CWE-862
 Missing Authorization 		CVE-2026-48582 2026-06-25 00:24 2026-06-20 Show GitHub Exploit DB Packet Storm
1743 10.0 CRITICAL
Network 		microsoft azure_active_directory Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network. CWE-287
Improper Authentication 		CVE-2026-45480 2026-06-25 00:23 2026-06-20 Show GitHub Exploit DB Packet Storm
1744 8.8 HIGH
Network 		microsoft azure_ai_bot_service Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network. CWE-287
Improper Authentication 		CVE-2026-32174 2026-06-25 00:19 2026-06-19 Show GitHub Exploit DB Packet Storm
1745 6.5 MEDIUM
Network 		- - OpenHarness ohmo gateway /resume and /summary slash commands default remote_invocable to True, allowing admitted remote senders to enumerate and load arbitrary session snapshots by ID. Attackers can … CWE-862
 Missing Authorization 		CVE-2026-56695 2026-06-25 00:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1746 5.5 MEDIUM
Local 		- - NanoClaw before 2.1.17 contains a symlink following vulnerability in forwardAttachedFiles that allows container-controlled agents to exfiltrate host-readable files. The host validates attachment file… CWE-59
Link Following 		CVE-2026-56692 2026-06-25 00:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1747 5.2 MEDIUM
Local 		- - Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when fetch() was called, Deno checked the destination hostname against --deny-net rules but did not re-check the IP addresse… CWE-693
CWE-918
 Protection Mechanism Failure
Server-Side Request Forgery (SSRF)  		CVE-2026-49859 2026-06-25 00:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1748 9.9 CRITICAL
Network 		n8n n8n n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could achieve global prototype pollution… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2026-44789 2026-06-25 00:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1749 3.3 LOW
Local 		imagemagick imagemagick ImageMagick before 7.1.2-15 and 6.9.13-40 contains a heap use-after-free in the meta coder: when memory allocation fails, a single byte is written to a stale pointer. Remote attackers can trigger it … CWE-416
 Use After Free 		CVE-2026-56376 2026-06-24 23:41 2026-06-23 Show GitHub Exploit DB Packet Storm
1750 5.5 MEDIUM
Local 		imagemagick imagemagick ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious S… CWE-116
 Improper Encoding or Escaping of Output 		CVE-2026-56379 2026-06-24 23:37 2026-06-23 Show GitHub Exploit DB Packet Storm