Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249271 6.4 警告 albinoloverats - encrypt の Anubis プラグインにおける暗号化されたデータと乱数のパディングを識別される脆弱性 CWE-310
暗号の問題 		CVE-2008-2780 2012-06-26 16:02 2008-06-19 Show GitHub Exploit DB Packet Storm
249272 9.3 危険 globalscape - GlobalSCAPE CuteFTP Home および CuteFTP Pro におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2779 2012-06-26 16:02 2008-06-19 Show GitHub Exploit DB Packet Storm
249273 4.3 警告 dt centrepiece - DT Centrepiece の search.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2776 2012-06-26 16:02 2008-06-19 Show GitHub Exploit DB Packet Storm
249274 7.5 危険 dt centrepiece - DT Centrepiece の search.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2775 2012-06-26 16:02 2008-06-19 Show GitHub Exploit DB Packet Storm
249275 7.5 危険 cartkeeper - CartKeeper CKGold Shopping Cart の item.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2774 2012-06-26 16:02 2008-06-19 Show GitHub Exploit DB Packet Storm
249276 6.8 警告 efiction - eFiction の toplists.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2754 2012-06-26 16:02 2008-06-18 Show GitHub Exploit DB Packet Storm
249277 7.5 危険 gryphon - Gryphon gllcTS2 の login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2746 2012-06-26 16:02 2008-06-17 Show GitHub Exploit DB Packet Storm
249278 9.3 危険 black ice - Black Ice Software Annotation プラグイン の BiAnno ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-2745 2012-06-26 16:02 2008-06-17 Show GitHub Exploit DB Packet Storm
249279 7.5 危険 Achievo - Achievo の mcpuk ファイルエディタにおける任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2008-2742 2012-06-26 16:02 2008-06-11 Show GitHub Exploit DB Packet Storm
249280 6.5 警告 Apache Software Foundation
TYPO3 Association		 - TYPO3 における設定ファイルをアップロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2717 2012-06-26 16:02 2008-06-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
211 5.0 MEDIUM
Network 		- - Flowise before 3.1.3 validates Custom MCP stdio environment variables against a denylist using a case-sensitive comparison, so on Windows, where environment names are case-insensitive, supplying 'nod… New CWE-178
 Improper Handling of Case Sensitivity 		CVE-2026-58057 2026-06-28 11:16 2026-06-28 Show GitHub Exploit DB Packet Storm
212 7.6 HIGH
Network 		- - RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer session does not clear those flags. A peer holding only a… New CWE-863
 Incorrect Authorization 		CVE-2026-58056 2026-06-28 11:16 2026-06-28 Show GitHub Exploit DB Packet Storm
213 5.4 MEDIUM
Network 		- - nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and … New CWE-444
HTTP Request Smuggling 		CVE-2026-58055 2026-06-28 11:16 2026-06-28 Show GitHub Exploit DB Packet Storm
214 7.2 HIGH
Network 		- - MyBB 1.8.40 does not restrict which usergroup a limited Admin Control Panel user may assign when creating or editing users; the user module offers the Administrators group (gid 4) and its datahandler… New CWE-269
 Improper Privilege Management 		CVE-2026-58054 2026-06-28 11:16 2026-06-28 Show GitHub Exploit DB Packet Storm
215 9.9 CRITICAL
Network 		- - Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, force… New CWE-269
 Improper Privilege Management 		CVE-2026-58053 2026-06-28 11:16 2026-06-28 Show GitHub Exploit DB Packet Storm
216 3.3 LOW
Local 		- - 7-Zip for Windows through 26.02 fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier stream matches the … New CWE-693
 Protection Mechanism Failure 		CVE-2026-58052 2026-06-28 11:16 2026-06-28 Show GitHub Exploit DB Packet Storm
217 6.5 MEDIUM
Network 		- - libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2_p… New CWE-908
 Use of Uninitialized Resource 		CVE-2026-58051 2026-06-28 11:16 2026-06-28 Show GitHub Exploit DB Packet Storm
218 7.0 HIGH
Network 		- - libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation num_attrs * sizeof(libssh2_publickey_attribute) without bo… New CWE-190
 Integer Overflow or Wraparound 		CVE-2026-58050 2026-06-28 11:16 2026-06-28 Show GitHub Exploit DB Packet Storm
219 8.6 HIGH
Network 		- - FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes at the row cursor before the NEXT_LINE row-boundary check and validates the DLTA region in pixel rather… New CWE-787
 Out-of-bounds Write 		CVE-2026-58049 2026-06-28 11:16 2026-06-28 Show GitHub Exploit DB Packet Storm
220 6.5 MEDIUM
Adjacent 		dhcpcd_project dhcpcd dhcpcd through 10.3.2, fixed in commit 2f00c7b, contains a one-byte stack out-of-bounds write vulnerability in dhcp6_makemessage() in src/dhcp6.c that allows unauthenticated same-link attackers to wr… New CWE-787
 Out-of-bounds Write 		CVE-2026-56114 2026-06-28 09:34 2026-06-24 Show GitHub Exploit DB Packet Storm