Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
5101 6.2 警告
Local 		アドビシステムズ C2PA (Coalition for Content Provenance and Authenticity)
(Content Authenticity Initiative) c2pa-web 		アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における整数オーバーフローの脆弱性 CWE-190
整数オーバーフローまたはラップアラウンド 		CVE-2026-34680 2026-05-18 11:23 2026-05-12 Show GitHub Exploit DB Packet Storm
5102 6.2 警告
Local 		アドビシステムズ C2PA (Coalition for Content Provenance and Authenticity)
(Content Authenticity Initiative) c2pa-web 		アドビの(Content Authenticity Initiative) c2pa-web等の複数製品における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-34688 2026-05-18 11:23 2026-05-12 Show GitHub Exploit DB Packet Storm
5103 7.1 重要
Adjacent 		Linux Foundation automotive grade linux Linux FoundationのAutomotive Grade Linuxにおけるバッファオーバーリードの脆弱性 CWE-126
バッファオーバーリード 		CVE-2026-37532 2026-05-18 11:23 2026-05-1 Show GitHub Exploit DB Packet Storm
5104 8.8 重要
Network 		マイクロソフト Microsoft Data Formulator Microsoft Data Formulator のリモートでコードが実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2026-41094 2026-05-18 11:22 2026-05-12 Show GitHub Exploit DB Packet Storm
5105 9.1 緊急
Network 		マイクロソフト Microsoft Confluence SAML SSO plugin
Microsoft JIRA SAML SSO plugin 		Jira と Confluence 用の Microsoft SSO プラグインの特権昇格の脆弱性 CWE-303
CWE-Other
CVE-2026-41103 2026-05-18 11:22 2026-05-12 Show GitHub Exploit DB Packet Storm
5106 5.9 警告
Network 		opentelemetry OpenTelemetry.Resources.Azure opentelemetryのOpenTelemetry.Resources.Azureにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-41483 2026-05-18 11:22 2026-05-6 Show GitHub Exploit DB Packet Storm
5107 5.9 警告
Network 		opentelemetry OpenTelemetry.Exporter.OneCollector opentelemetryのOpenTelemetry.Exporter.OneCollectorにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-41484 2026-05-18 11:22 2026-05-6 Show GitHub Exploit DB Packet Storm
5108 5.5 警告
Local 		マイクロソフト Visual Studio Code - Live Preview extension マイクロソフトのVisual Studio Code - Live Preview extensionにおける複数の脆弱性 CWE-22
CWE-22
CWE-23
CVE-2026-41612 2026-05-18 11:22 2026-05-12 Show GitHub Exploit DB Packet Storm
5109 7.8 重要
Local 		OpenImageIO (OIIO) OpenImageIO (OIIO) OpenImageIO (OIIO)における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-43903 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
5110 7.8 重要
Local 		OpenImageIO (OIIO) OpenImageIO (OIIO) OpenImageIO (OIIO)における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2026-43904 2026-05-18 11:22 2026-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1841 8.2 HIGH
Network 		- - Joomla OSDownloads 1.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers… CWE-89
SQL Injection 		CVE-2017-20259 2026-06-24 03:17 2026-06-20 Show GitHub Exploit DB Packet Storm
1842 8.2 HIGH
Network 		- - Joomla! Component My Projects 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the VerAyari param… CWE-89
SQL Injection 		CVE-2017-20253 2026-06-24 03:17 2026-06-20 Show GitHub Exploit DB Packet Storm
1843 5.5 MEDIUM
Local 		- - NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the create_agent delivery-action handler that performs privileged central-database writes without host-side authorization check… CWE-602
 Client-Side Enforcement of Server-Side Security 		CVE-2026-56693 2026-06-24 02:58 2026-06-24 Show GitHub Exploit DB Packet Storm
1844 5.4 MEDIUM
Network 		- - OpenHarness /issue and /pr_comments slash commands lack remote_invocable=False protection, allowing remote channel senders to write attacker-controlled Markdown into project context files. Admitted r… CWE-862
 Missing Authorization 		CVE-2026-56696 2026-06-24 02:58 2026-06-24 Show GitHub Exploit DB Packet Storm
1845 4.8 MEDIUM
Network 		- - guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.1, guzzlehttp/psr7 did not reject CR/LF characters in certain first-party HTTP start-line fields: the request meth… CWE-93
CWE-113
CRLF Injection
HTTP Response Splitting 		CVE-2026-55766 2026-06-24 02:57 2026-06-24 Show GitHub Exploit DB Packet Storm
1846 6.1 MEDIUM
Network 		flowiseai flowise Flowise before 3.0.8 contains a cross-site scripting (XSS) vulnerability caused by insufficient input filtering in chat messages and custom agent functions. An attacker can inject malicious JavaScrip… CWE-80
Basic XSS 		CVE-2025-71331 2026-06-24 02:53 2026-06-21 Show GitHub Exploit DB Packet Storm
1847 8.2 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, A vulnerability exists in the optional LZ4 decompression path used by MessagePack compression modes Lz4Block and Lz4… CWE-20
 Improper Input Validation  		CVE-2026-48109 2026-06-24 02:25 2026-06-23 Show GitHub Exploit DB Packet Storm
1848 7.5 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.ReadDateTime() can allocate stack memory based on an attacker-controlled MessagePack extension len… CWE-125
CWE-190
CWE-407
CWE-409
CWE-470
CWE-502
CWE-674
CWE-789
CWE-1188
Out-of-bounds Read
 Integer Overflow or Wraparound
 Inefficient Algorithmic Complexity
 Improper Handling of Highly Compressed Data (Data Amplification)
Unsafe Reflection
 Deserialization of Untrusted Data
 Uncontrolled Recursion
 Memory Allocation with Excessive Size Value
 Insecure Default Initialization of Resource 		CVE-2026-48502 2026-06-24 02:25 2026-06-23 Show GitHub Exploit DB Packet Storm
1849 7.5 HIGH
Network 		messagepack messagepack MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, MessagePackReader.TrySkip() recursively descends into nested arrays and maps without incrementing the reader depth o… CWE-674
 Uncontrolled Recursion 		CVE-2026-48506 2026-06-24 02:24 2026-06-23 Show GitHub Exploit DB Packet Storm
1850 8.1 HIGH
Network 		- - piscina is a node.js worker pool implementation. Prior to 6.0.0-rc.2, 5.2.0, and 4.9.3, piscina's constructor and run() paths read the filename option via plain member access. Both reads fall through… CWE-94
CWE-1321
Code Injection
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') 		CVE-2026-55388 2026-06-24 02:17 2026-06-23 Show GitHub Exploit DB Packet Storm