Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
230761	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-0771	2013-02-25 16:06	2013-01-8	Show	GitHub Exploit DB Packet Storm

230762	10	危険	Mozilla Foundation	-	複数の Mozilla 製品におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-0768	2013-02-25 16:04	2013-01-8	Show	GitHub Exploit DB Packet Storm

230763	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の nsSOCKSSocketInfo::ConnectToProxy 関数における任意のコードを実行される脆弱性	CWE-310 暗号の問題	CVE-2013-0764	2013-02-25 16:03	2013-01-8	Show	GitHub Exploit DB Packet Storm

230764	10	危険	Mozilla Foundation	-	複数の Mozilla 製品における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-0763	2013-02-25 16:02	2013-01-8	Show	GitHub Exploit DB Packet Storm

230765	10	危険	Mozilla Foundation	-	複数の Mozilla 製品の mozilla::TrackUnionStream::EndTrack の実装における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-0761	2013-02-25 16:01	2013-01-8	Show	GitHub Exploit DB Packet Storm

230766	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の CharDistributionAnalysis::HandleOneChar 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2013-0760	2013-02-25 16:00	2013-01-8	Show	GitHub Exploit DB Packet Storm

230767	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品におけるクローム特権で任意の JavaScript コードを実行される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2013-0757	2013-02-25 15:59	2013-01-8	Show	GitHub Exploit DB Packet Storm

230768	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品の obj_toSource 関数における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-0756	2013-02-25 15:58	2013-01-8	Show	GitHub Exploit DB Packet Storm

230769	10	危険	Mozilla Foundation	-	複数の Mozilla 製品の Vibrate ライブラリにおける任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-0755	2013-02-25 15:57	2013-01-8	Show	GitHub Exploit DB Packet Storm

230770	9.3	危険	Mozilla Foundation	-	複数の Mozilla 製品における任意のコードを実行される脆弱性	CWE-119 バッファエラー	CVE-2013-0752	2013-02-25 15:56	2013-01-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
411	6.4	MEDIUM Network	-	-	OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, the HTML sanitizer grants <macro> elements unrestricted data-* attributes via :data wildcard. An attacke… New	CWE-79 Cross-site Scripting	CVE-2026-52781	2026-06-27 05:20	2026-06-27	Show	GitHub Exploit DB Packet Storm

412	9.9	CRITICAL Network	-	-	OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, there is an IDOR through /projects/<A>/settings/project_storages/<A_ps_id> via PATCH parameter "storages… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-52782	2026-06-27 05:20	2026-06-27	Show	GitHub Exploit DB Packet Storm

413	8.2	HIGH Network	-	-	OpenProject is open-source, web-based project management software. Prior to 17.3.3 and 17.4.1, OpenProject's Storages module writes the OneDrive/SharePoint userless OAuth access_token plaintext to Ra… New	CWE-313 Cleartext Storage in a File or on Disk	CVE-2026-52783	2026-06-27 05:20	2026-06-27	Show	GitHub Exploit DB Packet Storm

414	7.7	HIGH Network	-	-	RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 until 1.0.0-beta.9, when the FTP frontend is enabled, the FTP read and probe handlers dispatch directly to the storage … New	CWE-862 CWE-863 Missing Authorization Incorrect Authorization	CVE-2026-55189	2026-06-27 05:20	2026-06-27	Show	GitHub Exploit DB Packet Storm

415	4.3	MEDIUM Network	jenkins	pipeline\	Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier does not restrict the types that can be instantiated through the Pipeline Snippet Generator, allowing attackers to instantiate types rel… New	CWE-470 Unsafe Reflection	CVE-2026-57284	2026-06-27 05:20	2026-06-24	Show	GitHub Exploit DB Packet Storm

416	4.3	MEDIUM Network	jenkins	pipeline\	A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline: Groovy Plugin 4331.v9d06ed4658ff and earlier allows attackers to instantiate types related to job or system configuration other … New	CWE-352 Origin Validation Error	CVE-2026-57283	2026-06-27 05:20	2026-06-24	Show	GitHub Exploit DB Packet Storm

417	10.0	CRITICAL Network	langflow	langflow	IBM Langflow OSS 1.0.0 through 1.9.3 has an vulnerability due to an improper isolation of Python execution combined with an authentication bypass that allows an unauthenticated attacker to execute ar… New	CWE-94 Code Injection	CVE-2026-10561	2026-06-27 05:19	2026-06-22	Show	GitHub Exploit DB Packet Storm

418	7.8	HIGH Local	gimp	gimp	GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inte… New	CWE-122 Heap-based Buffer Overflow	CVE-2026-2050	2026-06-27 05:18	2026-06-25	Show	GitHub Exploit DB Packet Storm

419	7.6	HIGH Adjacent	home-assistant	home-assistant	Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.6.0, the Konnected integration registers an HTTP endpoint, KonnectedView (homeassistant… New	CWE-200 CWE-306 Information Exposure Missing Authentication for Critical Function	CVE-2026-54317	2026-06-27 05:17	2026-06-24	Show	GitHub Exploit DB Packet Storm

420	6.3	MEDIUM Network	openwebui	open_webui	Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, several direct, index-addressed Ollama proxy routes accept a caller-supplied url_idx… New	CWE-863 Incorrect Authorization	CVE-2026-54021	2026-06-27 05:17	2026-06-24	Show	GitHub Exploit DB Packet Storm