Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 24, 2026, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
331	5.4	警告 Network	マイクロソフト	Microsoft SharePoint Server	Microsoft Office Project Server のなりすましの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-45483	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

332	7.8	重要 Local	マイクロソフト	.NET	.NET SDK の特権昇格の脆弱性 New	CWE-285 CWE-863	CVE-2026-45490	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

333	5.5	警告 Local	マイクロソフト	.NET	.NET の改ざんの脆弱性 New	CWE-59 リンク解釈の問題	CVE-2026-45491	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

334	6.1	警告 Network	マイクロソフト	Microsoft Exchange Server Subscription Edition (SE) Microsoft Exchange Server	Microsoft Exchange Server のなりすましの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-45500	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

335	8.1	重要 Network	マイクロソフト	Microsoft Exchange Server Subscription Edition (SE) Microsoft Exchange Server	Microsoft Exchange Server のリモートでコードが実行される脆弱性 New	CWE-94 コード・インジェクション	CVE-2026-45583	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

336	7.5	重要 Network	マイクロソフト	Microsoft Visual Studio 2026 .NET ASP.NET Core	ASP.NET Core のサービス拒否の脆弱性 New	CWE-400 CWE-noinfo	CVE-2026-45591	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

337	7.5	重要 Network	マイクロソフト	Microsoft Windows 11 26h1 Microsoft Windows Server 2022 Microsoft Windows 10 22h2 Microsoft Windows 10 1607 Microsoft Wind…	Windows リモートデスクトッププロトコル (RDP) の情報漏えいの脆弱性 New	CWE-125 境界外読み取り	CVE-2026-45639	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

338	7.8	重要 Local	マイクロソフト	Microsoft Office 2021 Long Term Servicing Channel Edition Microsoft Office 365 Microsoft Office 2024 Long-Term Servicing Ch…	Microsoft Office のリモートコードが実行される脆弱性 New	CWE-787 CWE-822	CVE-2026-45645	2026-06-22 11:56	2026-06-9	Show	GitHub Exploit DB Packet Storm

339	7	重要 Local	マイクロソフト	Microsoft Defender for Endpoint	Microsoft Defender for Endpoint for Mac の特権の昇格の脆弱性 New	CWE-367 Time-of-check Time-of-use (TOCTOU) 競合状態	CVE-2026-45647	2026-06-22 11:55	2026-06-9	Show	GitHub Exploit DB Packet Storm

340	7.1	重要 Local	マイクロソフト	Microsoft Word Microsoft Excel Microsoft PowerPoint	Office for Android のなりすましの脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-45649	2026-06-22 11:55	2026-06-9	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
254521	5.0	MEDIUM Local	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1	Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authen…	CWE-200 Information Exposure	CVE-2017-8471	2024-11-21 12:34	2017-06-15	Show	GitHub Exploit DB Packet Storm

254522	5.0	MEDIUM Local	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1	Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authen…	CWE-200 Information Exposure	CVE-2017-8470	2024-11-21 12:34	2017-06-15	Show	GitHub Exploit DB Packet Storm

254523	5.5	MEDIUM Local	microsoft	windows_server_2008 windows_server_2012 windows_8.1 windows_7 windows_rt_8.1	The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows an…	CWE-200 Information Exposure	CVE-2017-8469	2024-11-21 12:34	2017-06-15	Show	GitHub Exploit DB Packet Storm

254524	5.0	MEDIUM Local	microsoft	windows_server_2008 windows_server_2012 windows_10 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1	The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 all…	CWE-200 Information Exposure	CVE-2017-8462	2024-11-21 12:34	2017-06-15	Show	GitHub Exploit DB Packet Storm

254525	8.8	HIGH Network	atlassian	bamboo	Atlassian Bamboo 5.x before 5.15.7 and 6.x before 6.0.1 did not correctly check if a user creating a deployment project had the edit permission and therefore the rights to do so. An attacker who can…	CWE-863 Incorrect Authorization	CVE-2017-8907	2024-11-21 12:34	2017-06-15	Show	GitHub Exploit DB Packet Storm

254526	6.5	MEDIUM Network	gnome opensuse	libcroco leap	The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2017-8871	2024-11-21 12:34	2017-06-12	Show	GitHub Exploit DB Packet Storm

254527	6.5	MEDIUM Network	gnome opensuse	libcroco leap	The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2017-8834	2024-11-21 12:34	2017-06-12	Show	GitHub Exploit DB Packet Storm

254528	6.1	MEDIUM Network	cgiirc	cgi\	irc.cgi in CGI:IRC before 0.5.12 reflects user-supplied input from the R parameter without proper output encoding, aka XSS.	CWE-79 Cross-site Scripting	CVE-2017-8920	2024-11-21 12:34	2017-06-7	Show	GitHub Exploit DB Packet Storm

254529	8.1	HIGH Network	peplink	b305hw2_firmware 380hw6_firmware 580hw2_firmware 710hw3_firmware 1350hw2_firmware 2500_firmware	Arbitrary file deletion exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. The attack methodology …	CWE-22 Path Traversal	CVE-2017-8841	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm

254530	5.3	MEDIUM Network	peplink	b305hw2_firmware 380hw6_firmware 580hw2_firmware 710hw3_firmware 1350hw2_firmware 2500_firmware	Debug information disclosure exists on Peplink Balance 305, 380, 580, 710, 1350, and 2500 devices with firmware before fw-b305hw2_380hw6_580hw2_710hw3_1350hw2_2500-7.0.1-build2093. A direct request t…	CWE-200 Information Exposure	CVE-2017-8840	2024-11-21 12:34	2017-06-5	Show	GitHub Exploit DB Packet Storm