Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
561 7.5 重要
Network 		n8n n8n n8nにおける高圧縮データの処理 (データ増幅)に関する脆弱性 CWE-409
高圧縮データの不適切な処理 (データ増幅) 		CVE-2026-54314 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
562 5.5 警告
Local 		pypdf project pypdf pypdf projectのpypdfにおける無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2026-54530 2026-06-26 11:54 2026-06-22 Show GitHub Exploit DB Packet Storm
563 5.5 警告
Local 		pypdf project pypdf pypdf projectのpypdfにおける無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2026-54531 2026-06-26 11:54 2026-06-22 Show GitHub Exploit DB Packet Storm
564 5.5 警告
Local 		pypdf project pypdf pypdf projectのpypdfにおける無限ループに関する脆弱性 CWE-835
無限ループ 		CVE-2026-54651 2026-06-26 11:54 2026-06-22 Show GitHub Exploit DB Packet Storm
565 5.3 警告
Network 		Apache Software Foundation Apache NiFi Apache Software FoundationのApache NiFiにおける同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-54665 2026-06-26 11:54 2026-06-22 Show GitHub Exploit DB Packet Storm
566 9.9 緊急
Network 		langflow langflow langflowにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-55255 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
567 6.1 警告
Physics 		langflow langflow langflowにおけるセッション期限に関する脆弱性 CWE-613
不適切なセッション期限 		CVE-2026-55423 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
568 7.5 重要
Network 		langflow langflow langflowにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-55446 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
569 9.6 緊急
Network 		langflow langflow langflowにおける複数の脆弱性 CWE-200
CWE-61
CVE-2026-55447 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
570 9.3 緊急
Network 		langflow langflow langflowにおける複数の脆弱性 CWE-200
CWE-306
CWE-400
CVE-2026-55450 2026-06-26 11:54 2026-06-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4411 - - - Logseq is vulnerable to a sandbox escape flaw where plugins running in sandboxed iframes can inject arbitrary HTML attributes, such as event handlers, into their container element in the host DOM. Du… CWE-79
Cross-site Scripting 		CVE-2026-47901 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4412 - - - Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory ex… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-49762 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4413 9.8 CRITICAL
Network 		- - Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Netcad Software Inc. E-İmar allows SQL Injection. This issue affects E-İmar: from 2.10.1.0 befor… CWE-89
SQL Injection 		CVE-2026-7486 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4414 - - - Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name (e.g. `git`, `pandoc`, `grep`), the argument string is concaten… CWE-78
OS Command  		CVE-2026-9279 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4415 8.8 HIGH
Network 		google chrome Use after free in File Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CWE-416
 Use After Free 		CVE-2026-11630 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4416 8.3 HIGH
Network 		google chrome Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM… CWE-416
 Use After Free 		CVE-2026-11631 2026-06-9 23:45 2026-06-9 Show GitHub Exploit DB Packet Storm
4417 3.3 LOW
Network 		- - A heap buffer overflow flaw was found in 389 Directory Server. When audit logging is enabled, the create_masked_entry_string() function in auditlog.c copies a fixed-length password mask into a precis… CWE-122
Heap-based Buffer Overflow 		CVE-2026-11792 2026-06-9 23:42 2026-06-9 Show GitHub Exploit DB Packet Storm
4418 9.6 CRITICAL
Network 		google chrome Use after free in WebMIDI in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) CWE-416
 Use After Free 		CVE-2026-11165 2026-06-9 23:24 2026-06-5 Show GitHub Exploit DB Packet Storm
4419 9.8 CRITICAL
Network 		- - A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-Key header. The HTTP/1 header parser copies the head… CWE-170
CWE-787
 Improper Null Termination
 Out-of-bounds Write 		CVE-2026-5067 2026-06-9 23:16 2026-06-9 Show GitHub Exploit DB Packet Storm
4420 - - - In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: disallow non-power of two min_region_sz on damon_start() Commit d8f867fa0825 ("mm/damon: add damon_ctx->min_sz_reg… - CVE-2026-52905 2026-06-9 23:16 2026-06-9 Show GitHub Exploit DB Packet Storm