Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
501	8.1	重要 Network	Apache Software Foundation	APISIX	Apache Software FoundationのAPISIXにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-47339	2026-06-26 11:57	2026-06-19	Show	GitHub Exploit DB Packet Storm

502	6.5	警告 Network	Apache Software Foundation	APISIX	Apache Software FoundationのAPISIXにおけるCapture-replay による認証回避に関する脆弱性	CWE-294 Capture-replayによる認証回避	CVE-2026-47341	2026-06-26 11:57	2026-06-19	Show	GitHub Exploit DB Packet Storm

503	9.9	緊急 Network	マイクロソフト	Microsoft Dynamics 365	Dynamics 365 Elevation of Privilege Vulnerability	CWE-284 不適切なアクセス制御	CVE-2026-47647	2026-06-26 11:57	2026-06-18	Show	GitHub Exploit DB Packet Storm

504	8.2	重要 Network	MessagePack	MessagePack	MessagePackにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-48109	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

505	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおける複数の脆弱性	CWE-1188 CWE-125 CWE-190 CWE-407 CWE-409 CWE-470 CWE-502 CWE-674 CWE-789	CVE-2026-48502	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

506	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-48506	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

507	9.1	緊急 Network	MessagePack	MessagePack	MessagePackにおけるリソースの安全ではないデフォルト値への初期化に関する脆弱性	CWE-1188 リソースの安全ではないデフォルト値への初期化	CVE-2026-48509	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

508	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおける複数の脆弱性	CWE-409 CWE-770	CVE-2026-48510	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

509	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおけるアルゴリズムの複雑さに関する脆弱性	CWE-407 アルゴリズムの複雑性	CVE-2026-48511	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

510	7.5	重要 Network	MessagePack	MessagePack	MessagePackにおける再帰制御に関する脆弱性	CWE-674 不適切な再帰制御	CVE-2026-48512	2026-06-26 11:57	2026-06-22	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
4311	8.8	HIGH Network	samlify_project	samlify	samlify is a Node.js library for SAML single sign-on. Prior to version 2.13.0, samlify’s template substitution only escapes attribute contexts. Values inserted into element text (e.g., <saml:Attribut…	CWE-91 Blind XPath Injection	CVE-2026-46490	2026-06-10 01:48	2026-06-9	Show	GitHub Exploit DB Packet Storm

4312	7.1	HIGH Network	snipeitapp	snipe-it	Snipe-IT is an IT asset/license management system. A vulnerability in versions prior to 8.6.0 allows a non-admin user holding only the granular `users.edit` permission to lock every admin out of the …	CWE-863 Incorrect Authorization	CVE-2026-48507	2026-06-10 01:41	2026-06-9	Show	GitHub Exploit DB Packet Storm

4313	9.8	CRITICAL Network	apache	http_server	Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to…	CWE-416 Use After Free	CVE-2026-29167	2026-06-10 01:29	2026-06-9	Show	GitHub Exploit DB Packet Storm

4314	6.1	MEDIUM Network	apache	http_server	A cross-site scripting vulnerability exists in mod_proxy_ftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents either via forward or revers…	CWE-79 Cross-site Scripting	CVE-2026-29170	2026-06-10 01:21	2026-06-9	Show	GitHub Exploit DB Packet Storm

4315	7.5	HIGH Network	apache	http_server	A buffer overflow in mod_proxy_html in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue.	CWE-122 Heap-based Buffer Overflow	CVE-2026-34355	2026-06-10 01:20	2026-06-9	Show	GitHub Exploit DB Packet Storm

4316	8.8	HIGH Network	dlink	dwr-m920_firmware	A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in …	CWE-74 CWE-77 Injection Command Injection	CVE-2026-11339	2026-06-10 01:17	2026-06-6	Show	GitHub Exploit DB Packet Storm

4317	7.5	HIGH Network	apache	http_server	Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie* This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are…	CWE-122 Heap-based Buffer Overflow	CVE-2026-34356	2026-06-10 01:17	2026-06-9	Show	GitHub Exploit DB Packet Storm

4318	8.8	HIGH Network	dlink	dir-823g_firmware	A security flaw has been discovered in D-Link DIR-823G 1.0.2B05. The affected element is an unknown function of the file /etc/vsftpd.conf of the component vsftpd. Performing a manipulation results in…	CWE-266 CWE-272 Incorrect Privilege Assignment Least Privilege Violation	CVE-2026-11492	2026-06-10 01:17	2026-06-8	Show	GitHub Exploit DB Packet Storm

4319	7.5	HIGH Network	dlink	dgs-1100-08pd_firmware	A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least …	CWE-266 CWE-272 Incorrect Privilege Assignment Least Privilege Violation	CVE-2026-11555	2026-06-10 01:16	2026-06-9	Show	GitHub Exploit DB Packet Storm

4320	8.8	HIGH Network	dlink	dcs-5615_firmware	A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipul…	CWE-266 CWE-272 Incorrect Privilege Assignment Least Privilege Violation	CVE-2026-11497	2026-06-10 01:16	2026-06-8	Show	GitHub Exploit DB Packet Storm