Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
221 5.3 警告
Network 		JoomlaWorks Ltd. K2 JoomlaWorks Ltd.のK2における危険なタイプのファイルの無制限アップロードに関する脆弱性 New CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2026-48945 2026-06-29 11:14 2026-06-25 Show GitHub Exploit DB Packet Storm
222 6.3 警告
Network 		JoomlaWorks Ltd. K2 JoomlaWorks Ltd.のK2における危険なタイプのファイルの無制限アップロードに関する脆弱性 New CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2026-48946 2026-06-29 11:14 2026-06-25 Show GitHub Exploit DB Packet Storm
223 6.5 警告
Network 		struktur AG libheif struktur AGのlibheifにおける境界外読み取りに関する脆弱性 New CWE-125
境界外読み取り 		CVE-2026-49271 2026-06-29 11:14 2026-06-19 Show GitHub Exploit DB Packet Storm
224 7.5 重要
Network 		sunnyadn js-toml sunnyadnのjs-tomlにおける複数の脆弱性 New CWE-1333
CWE-400
CWE-407
CVE-2026-49293 2026-06-29 11:14 2026-06-19 Show GitHub Exploit DB Packet Storm
225 7.1 重要
Network 		struktur AG libde265 struktur AGのlibde265における境界外書き込みに関する脆弱性 New CWE-787
境界外書き込み 		CVE-2026-49295 2026-06-29 11:14 2026-06-19 Show GitHub Exploit DB Packet Storm
226 7.1 重要
Network 		struktur AG libde265 struktur AGのlibde265における整数オーバーフローの脆弱性 New CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-49346 2026-06-29 11:14 2026-06-19 Show GitHub Exploit DB Packet Storm
227 3.6
Local 		Babel Babel Babelにおける複数の脆弱性 New CWE-200
CWE-22
CVE-2026-49356 2026-06-29 11:14 2026-06-22 Show GitHub Exploit DB Packet Storm
228 8.4 重要
Local 		Deno Land Deno Deno Land Inc.のDenoにおける複数の脆弱性 New CWE-176
CWE-41
CVE-2026-49401 2026-06-29 11:14 2026-06-23 Show GitHub Exploit DB Packet Storm
229 8.1 重要
Network 		Deno Land Deno Deno Land Inc.のDenoにおけるOS コマンドインジェクションの脆弱性 New CWE-78
OSコマンド・インジェクション 		CVE-2026-49402 2026-06-29 11:14 2026-06-23 Show GitHub Exploit DB Packet Storm
230 5.5 警告
Local 		Deno Land Deno Deno Land Inc.のDenoにおけるパストラバーサルの脆弱性 New CWE-22
パス・トラバーサル 		CVE-2026-49406 2026-06-29 11:14 2026-06-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
254211 7.2 HIGH
Network 		jenkins z\/os_connector A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jen… CWE-522
 Insufficiently Protected Credentials 		CVE-2018-1000608 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254212 6.5 MEDIUM
Network 		jenkins fortify_cloudscan A arbitrary file write vulnerability exists in Jenkins Fortify CloudScan Plugin 1.5.1 and earlier in ArchiveUtil.java that allows attackers able to control rulepack zip file contents to overwrite any… CWE-20
 Improper Input Validation  		CVE-2018-1000607 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254213 6.5 MEDIUM
Network 		jenkins urltrigger A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET reque… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2018-1000606 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254214 7.4 HIGH
Network 		jenkins collabnet A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any s… CWE-295
Improper Certificate Validation  		CVE-2018-1000605 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254215 5.4 MEDIUM
Network 		jenkins badge A persisted cross-site scripting vulnerability exists in Jenkins Badge Plugin 1.4 and earlier in BadgeSummaryAction.java, HtmlBadgeAction.java that allows attackers able to control build badge conten… CWE-79
Cross-site Scripting 		CVE-2018-1000604 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254216 5.9 MEDIUM
Network 		jenkins saml A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another users if they can control the pre-… CWE-384
 Session Fixation 		CVE-2018-1000602 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254217 6.5 MEDIUM
Network 		jenkins ssh_credentials A arbitrary file read vulnerability exists in Jenkins SSH Credentials Plugin 1.13 and earlier in BasicSSHUserPrivateKey.java that allows attackers with a Jenkins account and the permission to configu… CWE-200
Information Exposure 		CVE-2018-1000601 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254218 8.8 HIGH
Network 		jenkins openstack_cloud A exposure of sensitive information vulnerability exists in Jenkins Openstack Cloud Plugin 2.35 and earlier in BootSource.java, InstancesToRun.java, JCloudsCleanupThread.java, JCloudsCloud.java, JClo… CWE-200
Information Exposure 		CVE-2018-1000603 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254219 8.8 HIGH
Network 		jenkins github A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using att… CWE-200
Information Exposure 		CVE-2018-1000600 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm
254220 6.1 MEDIUM
Network 		qutebrowser qutebrowser qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via… CWE-79
Cross-site Scripting 		CVE-2018-1000559 2024-11-21 12:40 2018-06-27 Show GitHub Exploit DB Packet Storm