Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
541 7.7 重要
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-22
CWE-918
CVE-2026-54017 2026-06-26 11:55 2026-06-18 Show GitHub Exploit DB Packet Storm
542 7.7 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-54018 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
543 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-862
CWE-943
CVE-2026-54019 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
544 6.3 警告
Network 		openwebui open webui openwebuiのopen webuiにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-54021 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
545 5.3 警告
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-706
CWE-863
CVE-2026-54022 2026-06-26 11:55 2026-06-23 Show GitHub Exploit DB Packet Storm
546 7.5 重要
Network 		マイクロソフト Microsoft 365 Copilot M365 Copilot の情報漏えいの脆弱性 CWE-306
重要な機能に対する認証の欠如 解説 		CVE-2026-54130 2026-06-26 11:55 2026-06-18 Show GitHub Exploit DB Packet Storm
547 8.8 重要
Network 		vLLM vLLM vLLMにおける制御されていない検索パスの要素に関する脆弱性 CWE-427
制御されていない検索パスの要素 		CVE-2026-54232 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
548 6.5 警告
Network 		vLLM vLLM vLLMにおける高圧縮データの処理 (データ増幅)に関する脆弱性 CWE-409
高圧縮データの不適切な処理 (データ増幅) 		CVE-2026-54233 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
549 6.5 警告
Network 		vLLM vLLM vLLMにおける指定されたタイプの入力に対する不適切な検証に関する脆弱性 CWE-1287
指定されたタイプの入力に対する不適切な検証 		CVE-2026-54235 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
550 5.3 警告
Network 		vLLM vLLM vLLMにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-54236 2026-06-26 11:55 2026-06-22 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
254071 4.9 MEDIUM
Network 		cmsmadesimple cms_made_simple In CMS Made Simple (CMSMS) through 2.2.7, the "file view" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by ordinary users, because the produc… CWE-200
Information Exposure 		CVE-2018-10522 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm
254072 2.7 LOW
Network 		cmsmadesimple cms_made_simple In CMS Made Simple (CMSMS) through 2.2.7, the "file move" operation in the admin dashboard contains an arbitrary file movement vulnerability that can cause DoS, exploitable by an admin user, because … CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2018-10521 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm
254073 6.5 MEDIUM
Network 		cmsmadesimple cms_made_simple In CMS Made Simple (CMSMS) through 2.2.7, the "module remove" operation in the admin dashboard contains an arbitrary file deletion vulnerability that can cause DoS, exploitable by an admin user, beca… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-10520 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm
254074 8.8 HIGH
Network 		cmsmadesimple cms_made_simple CMS Made Simple (CMSMS) 2.2.7 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because f… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-10519 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm
254075 6.5 MEDIUM
Network 		cmsmadesimple cms_made_simple In CMS Made Simple (CMSMS) through 2.2.7, the "file delete" operation in the admin dashboard contains an arbitrary file deletion vulnerability that can cause DoS, exploitable by an admin user, becaus… CWE-732
 Incorrect Permission Assignment for Critical Resource 		CVE-2018-10518 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm
254076 7.2 HIGH
Network 		cmsmadesimple cms_made_simple In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can… CWE-94
Code Injection 		CVE-2018-10517 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm
254077 6.5 MEDIUM
Network 		cmsmadesimple cms_made_simple In CMS Made Simple (CMSMS) through 2.2.7, the "file rename" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by an admin user, that can cause Do… CWE-200
Information Exposure 		CVE-2018-10516 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm
254078 7.2 HIGH
Network 		cmsmadesimple cms_made_simple In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be pre… CWE-94
Code Injection 		CVE-2018-10515 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm
254079 7.8 HIGH
Local 		web-dorado form_maker The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection. CWE-1236
 Improper Neutralization of Formula Elements in a CSV File 		CVE-2018-10504 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm
254080 8.8 HIGH
Network 		baijiacms_project baijiacms An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an… CWE-352
 Origin Validation Error 		CVE-2018-10503 2024-11-21 12:41 2018-04-28 Show GitHub Exploit DB Packet Storm