Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
531 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-54007 2026-06-26 11:56 2026-06-23 Show GitHub Exploit DB Packet Storm
532 8.5 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-54008 2026-06-26 11:56 2026-06-23 Show GitHub Exploit DB Packet Storm
533 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-54009 2026-06-26 11:56 2026-06-23 Show GitHub Exploit DB Packet Storm
534 8.3 重要
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-284
CWE-639
CWE-862
CVE-2026-54010 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
535 5.4 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-54011 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
536 7.1 重要
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-284
CWE-285
CWE-862
CVE-2026-54012 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
537 7.6 重要
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-116
CWE-693
CWE-79
CVE-2026-54013 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
538 4.3 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-54014 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
539 6.4 警告
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-284
CWE-639
CVE-2026-54015 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
540 4.3 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-54016 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
343571 - estara softphone eStara SIP softphone allows remote attackers to cause a denial of service (crash) via an INVITE request with a Content-Length field that has more than 9 digits. NVD-CWE-Other
CVE-2006-0739 2018-10-20 00:46 2006-02-17 Show GitHub Exploit DB Packet Storm
343572 - x.org
mandrakesoft
redhat
sun
suse 		x11r6
x11r7
mandrake_linux
fedora_core
solaris
suse_linux 		X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users… NVD-CWE-Other
CVE-2006-0745 2018-10-20 00:46 2006-03-21 Show GitHub Exploit DB Packet Storm
343573 - xpdf xpdf Certain patches for kpdf do not include all relevant patches from xpdf that were associated with CVE-2005-3627, which allows context-dependent attackers to exploit vulnerabilities that were present i… NVD-CWE-Other
CVE-2006-0746 2018-10-20 00:46 2006-03-9 Show GitHub Exploit DB Packet Storm
343574 - freetype freetype Integer underflow in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a font file with an odd number of blue values, which causes the underflow when decrementing b… CWE-189
Numeric Errors 		CVE-2006-0747 2018-10-20 00:46 2006-05-23 Show GitHub Exploit DB Packet Storm
343575 - mozilla firefox
seamonkey
thunderbird 		Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid an… CWE-399
 Resource Management Errors 		CVE-2006-0748 2018-10-20 00:46 2006-04-14 Show GitHub Exploit DB Packet Storm
343576 - mozilla firefox
seamonkey
thunderbird 		This vulnerability also affects Mozilla Suite before 1.7.13 CWE-399
 Resource Management Errors 		CVE-2006-0748 2018-10-20 00:46 2006-04-14 Show GitHub Exploit DB Packet Storm
343577 - mozilla firefox
mozilla_suite
seamonkey
thunderbird 		nsHTMLContentSink.cpp in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to cause a denial of serv… CWE-399
 Resource Management Errors 		CVE-2006-0749 2018-10-20 00:46 2006-04-14 Show GitHub Exploit DB Packet Storm
343578 - supersmashbrothers army_system SQL injection vulnerability in army.php in supersmashbrothers (SSB) Army System 2.1.0 for Invision Power Board (IPB) allows remote attackers to execute arbitrary SQL commands via the userstat paramet… CWE-89
SQL Injection 		CVE-2006-0750 2018-10-20 00:46 2006-02-18 Show GitHub Exploit DB Packet Storm
343579 - niels_provos honeyd Niels Provos Honeyd before 1.5 replies to certain illegal IP packet fragments that other IP stack implementations would drop, which allows remote attackers to identify IP addresses that are being sim… NVD-CWE-Other
CVE-2006-0752 2018-10-20 00:46 2006-02-18 Show GitHub Exploit DB Packet Storm
343580 - microsoft ie Memory leak in Microsoft Internet Explorer 6 for Windows XP Service Pack 2 allows remote attackers to cause a denial of service (memory consumption) via JavaScript that uses setInterval to repeatedly… NVD-CWE-Other
CVE-2006-0753 2018-10-20 00:46 2006-02-18 Show GitHub Exploit DB Packet Storm