Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 2 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
229011	4.3	警告	IBM	-	IBM Application Manager for Smart Business などの製品で使用される ITM におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2013-0548	2013-06-25 16:07	2013-06-17	Show	GitHub Exploit DB Packet Storm

229012	7.2	危険	IBM	-	IBM Notes の Multi User Profile Cleanup サービスにおける権限を取得される脆弱性(DoS)	CWE-264 認可・権限・アクセス制御	CVE-2013-0536	2013-06-25 16:05	2013-06-12	Show	GitHub Exploit DB Packet Storm

229013	7.1	危険	IBM	-	IBM AIX および VIOS の inet サブシステムの IPv6 の実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-3035	2013-06-25 15:57	2013-06-4	Show	GitHub Exploit DB Packet Storm

229014	1.9	注意	IBM	-	Lotus Notes クライアントおよび単独で使用される IBM Sametime の Connect クライアントにおける重要な情報を取得される脆弱性	CWE-255 証明書・パスワード管理	CVE-2013-0534	2013-06-25 15:56	2013-05-31	Show	GitHub Exploit DB Packet Storm

229015	5	警告	IBM	-	IBM Sterling Connect:Direct のブラウザにおける Cookie をキャプチャされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0529	2013-06-25 15:48	2013-06-11	Show	GitHub Exploit DB Packet Storm

229016	1.9	注意	IBM	-	IBM Sterling Connect:Direct のブラウザにおける管理者コンソールの重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2013-0527	2013-06-25 15:48	2013-06-11	Show	GitHub Exploit DB Packet Storm

229017	6.8	警告	WordPress.org	-	WordPress 用 WP Maintenance Mode プラグインにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-3250	2013-06-25 14:15	2013-06-5	Show	GitHub Exploit DB Packet Storm

229018	4.3	警告	Suksit Sripitchayaphan	-	Drupal 用 Inf08 テーマの template.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-6572	2013-06-25 13:54	2012-09-12	Show	GitHub Exploit DB Packet Storm

229019	4.3	警告	シスコシステムズ	-	Cisco WebEx Social におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-3392	2013-06-25 13:44	2013-06-21	Show	GitHub Exploit DB Packet Storm

229020	8.3	危険	シスコシステムズ	-	Cisco TelePresence TC Software におけるルート権限のシェルアクセスを取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-3379	2013-06-24 18:32	2013-06-19	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1571	7.8	HIGH Local	-	-	Missing symlink validation in Language Servers for AWS may allow an arbitrary file write outside of the workspace trust boundary. This may occur when a local user opens a workspace with a maliciously…	CWE-61 UNIX Symbolic Link (Symlink) Following	CVE-2026-12958	2026-06-24 04:36	2026-06-24	Show	GitHub Exploit DB Packet Storm

1572	6.5	MEDIUM Network	-	-	SQL Injection vulnerability in Cboard v.0.4.2 and before allows a remote attacker to execute arbitrary code via the getDimensionsValues component	CWE-89 SQL Injection	CVE-2026-52673	2026-06-24 04:35	2026-06-24	Show	GitHub Exploit DB Packet Storm

1573	-		-	-	Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs.	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2025-62180	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1574	5.2	MEDIUM Local	-	-	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, when a WebSocket connection was opened, Deno checked the destination hostname against --deny-net rules but did not re-check …	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-49860	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1575	5.2	MEDIUM Local	-	-	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.1, environment access is gated by the env permission. You can deny it with --deny-env, or restrict it to a specific allowlist w…	CWE-863 Incorrect Authorization	CVE-2026-49983	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1576	4.3	MEDIUM Network	-	-	Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.5, a Deno program that opens a client WebSocket connection could be crashed by the remote server. While handling the WebSocket …	CWE-248 Uncaught Exception	CVE-2026-55517	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1577	7.6	HIGH Adjacent	-	-	Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView (homeassistant…	CWE-200 CWE-306 Information Exposure Missing Authentication for Critical Function	CVE-2026-54317	2026-06-24 04:34	2026-06-24	Show	GitHub Exploit DB Packet Storm

1578	-		-	-	Claude Code is an agentic coding tool. From 0.2.54 until 2.1.163, because the hostname huggingface.co was pre-approved as a bare hostname for the WebFetch tool, any path on that domain—including att…	CWE-183 CWE-200 CWE-515 Permissive List of Allowed Inputs Information Exposure	CVE-2026-54316	2026-06-24 04:32	2026-06-24	Show	GitHub Exploit DB Packet Storm

1579	7.5	HIGH Network	-	-	An issue in the sqlo_try_in_loop component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.	CWE-89 SQL Injection	CVE-2025-61024	2026-06-24 04:26	2026-06-24	Show	GitHub Exploit DB Packet Storm

1580	7.5	HIGH Network	-	-	An issue in the sqlo_untry component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.	CWE-89 SQL Injection	CVE-2025-61029	2026-06-24 04:26	2026-06-24	Show	GitHub Exploit DB Packet Storm