Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
252531 10 危険 DMSoft Technologies - SkinCrafter の InitLicenKeys 関数におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2271 2012-05-23 18:15 2012-05-21 Show GitHub Exploit DB Packet Storm
252532 9.3 危険 Lattice Semiconductor - Lattice Semiconductor PAC-Designer におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-2915 2012-05-23 18:04 2012-05-21 Show GitHub Exploit DB Packet Storm
252533 5 警告 リアルネットワークス - RealNetworks RealPlayer および RealPlayer SP におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2012-1904 2012-05-23 18:04 2012-03-28 Show GitHub Exploit DB Packet Storm
252534 4.3 警告 unijimpe - Unijimpe Captcha の captchademo.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2914 2012-05-23 18:02 2012-05-21 Show GitHub Exploit DB Packet Storm
252535 4.3 警告 SiliSoftware - SiliSoftware backupDB() の backupDB.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2911 2012-05-23 17:54 2012-05-21 Show GitHub Exploit DB Packet Storm
252536 4.3 警告 SiliSoftware - SiliSoftware phpThumb() におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2910 2012-05-23 17:53 2012-05-21 Show GitHub Exploit DB Packet Storm
252537 4.3 警告 Artiphp - Artiphp CMS の artpublic/recommandation/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2906 2012-05-23 17:50 2012-05-21 Show GitHub Exploit DB Packet Storm
252538 5 警告 Artiphp - Artiphp CMS における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2905 2012-05-23 17:49 2012-05-21 Show GitHub Exploit DB Packet Storm
252539 4.3 警告 Viscacha - Viscacha におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-2909 2012-05-23 16:57 2012-05-21 Show GitHub Exploit DB Packet Storm
252540 7.5 危険 Viscacha - Viscacha の admin/bbcodes.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-2908 2012-05-23 16:56 2012-05-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1011 9.1 CRITICAL
Network 		- - Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker… New CWE-78
OS Command  		CVE-2026-12850 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1012 9.1 CRITICAL
Network 		- - Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted network packet can lead to command execution. An attacker… New CWE-78
OS Command  		CVE-2026-12851 2026-06-25 23:02 2026-06-24 Show GitHub Exploit DB Packet Storm
1013 5.4 MEDIUM
Network 		- - Missing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified crede… New CWE-862
 Missing Authorization 		CVE-2026-57291 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1014 5.4 MEDIUM
Network 		- - A cross-site request forgery (CSRF) vulnerability in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentia… New CWE-352
 Origin Validation Error 		CVE-2026-57292 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1015 4.3 MEDIUM
Network 		- - An incorrect permission check in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particul… New CWE-862
 Missing Authorization 		CVE-2026-57293 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1016 8.8 HIGH
Network 		- - Jenkins External Workspace Manager Plugin 1.3.2 and earlier does not reject path traversal sequences in the custom workspace path provided to the exwsAllocate Pipeline step, allowing attackers with I… New CWE-22
Path Traversal 		CVE-2026-57296 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1017 5.4 MEDIUM
Network 		- - A cross-site request forgery (CSRF) vulnerability in Jenkins Contrast Continuous Application Security Plugin 3.11 and earlier allows attackers to have Jenkins connect to an attacker-specified URL usi… New CWE-352
 Origin Validation Error 		CVE-2026-57298 2026-06-25 23:01 2026-06-24 Show GitHub Exploit DB Packet Storm
1018 4.3 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, POST /api/v1/calendars/events/{event_id}/update validates that the caller has write … New CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-54006 2026-06-25 22:41 2026-06-24 Show GitHub Exploit DB Packet Storm
1019 6.5 MEDIUM
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message listener allows non-same-origin input:prompt and action:submit mess… New CWE-346
 Origin Validation Error 		CVE-2026-54007 2026-06-25 22:40 2026-06-24 Show GitHub Exploit DB Packet Storm
1020 8.5 HIGH
Network 		openwebui open_webui Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, backend/open_webui/utils/oauth.py::_process_picture_url calls validate_url(picture_u… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-54008 2026-06-25 22:35 2026-06-24 Show GitHub Exploit DB Packet Storm