Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4821	7.5	重要 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおけるアルゴリズムの複雑さに関する脆弱性	CWE-407 アルゴリズムの複雑性	CVE-2026-42245	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

4822	7.4	重要 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性	CWE-392 CWE-393 CWE-636 CWE-754 CWE-841	CVE-2026-42246	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

4823	9.8	緊急 Network	ollama	ollama	Ollamaにおけるダウンロードしたコードの完全性検証不備に関する脆弱性	CWE-494 ダウンロードしたコードの完全性検証不備	CVE-2026-42248	2026-05-20 13:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

4824	9.8	緊急 Network	ollama	ollama	Ollamaにおける複数の脆弱性	CWE-22 CWE-494	CVE-2026-42249	2026-05-20 13:30	2026-04-29	Show	GitHub Exploit DB Packet Storm

4825	9.8	緊急 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性	CWE-77 CWE-93	CVE-2026-42257	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

4826	9.8	緊急 Network	Ruby-lang.org	Net::IMAP	Ruby-lang.orgのNet::IMAPにおける複数の脆弱性	CWE-77 CWE-93	CVE-2026-42258	2026-05-20 13:30	2026-05-9	Show	GitHub Exploit DB Packet Storm

4827	7.1	重要 Network	Quantum Nous	New API	Quantum NousのNew APIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-42339	2026-05-20 13:30	2026-05-8	Show	GitHub Exploit DB Packet Storm

4828	9.8	緊急 Network	sentry	sentry	sentryにおけるスプーフィングによる認証回避に関する脆弱性	CWE-290 スプーフィングによる認証回避	CVE-2026-42354	2026-05-20 13:30	2026-05-8	Show	GitHub Exploit DB Packet Storm

4829	5.5	警告 Local	M2-Team	NanaZip	M2-TeamのNanaZipにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-42355	2026-05-20 13:30	2026-05-12	Show	GitHub Exploit DB Packet Storm

4830	5.1	警告 Local	uriparser project	uriparser	uriparser projectのuriparserにおける数値打ち切り誤差に関する脆弱性	CWE-197 数値打ち切り誤差	CVE-2026-42371	2026-05-20 13:30	2026-04-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2341	8.2	HIGH Network	-	-	Joomla! Component Bargain Product VM3 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the produc…	CWE-89 SQL Injection	CVE-2017-20261	2026-06-23 03:37	2026-06-20	Show	GitHub Exploit DB Packet Storm

2342	8.2	HIGH Network	-	-	Joomla! Component Calendar Planner 1.0.1 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the category_id parameter. Attackers can send GET…	CWE-89 SQL Injection	CVE-2017-20267	2026-06-23 03:37	2026-06-20	Show	GitHub Exploit DB Packet Storm

2343	8.2	HIGH Network	-	-	Joomla Event Registration Pro Calendar 4.1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id …	CWE-89 SQL Injection	CVE-2017-20273	2026-06-23 03:37	2026-06-20	Show	GitHub Exploit DB Packet Storm

2344	8.2	HIGH Network	-	-	Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET…	CWE-89 SQL Injection	CVE-2017-20279	2026-06-23 03:37	2026-06-20	Show	GitHub Exploit DB Packet Storm

2345	8.2	HIGH Network	-	-	Joomla Component J-MultipleHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through th…	CWE-89 SQL Injection	CVE-2019-25750	2026-06-23 03:37	2026-06-20	Show	GitHub Exploit DB Packet Storm

2346	8.2	HIGH Network	-	-	Joomla! Component vAccount 2.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the vid parameter. …	CWE-89 SQL Injection	CVE-2019-25756	2026-06-23 03:37	2026-06-20	Show	GitHub Exploit DB Packet Storm

2347	7.5	HIGH Network	-	-	Joomla! Component JoomProject 1.1.3.2 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive user data by exploiting the projects endpoint. Attacke…	CWE-359 Exposure of Private Personal Information to an Unauthorized Actor	CVE-2019-25762	2026-06-23 03:37	2026-06-20	Show	GitHub Exploit DB Packet Storm

2348	5.5	MEDIUM Local	-	-	PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit thi…	CWE-863 Incorrect Authorization	CVE-2026-56074	2026-06-23 03:36	2026-06-19	Show	GitHub Exploit DB Packet Storm

2349	5.4	MEDIUM Network	-	-	Capgo before 12.128.2 contains a server-side request forgery vulnerability in webhook URL validation that allows loopback and internal addresses. Organization admins can configure webhooks pointing t…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-56227	2026-06-23 03:36	2026-06-21	Show	GitHub Exploit DB Packet Storm

2350	-		-	-	Flowise before 3.1.2 contains a mass assignment vulnerability in the PUT /api/v1/user endpoint that allows authenticated users to directly modify the credential field without validation. Attackers ca…	CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes	CVE-2026-56276	2026-06-23 03:36	2026-06-21	Show	GitHub Exploit DB Packet Storm