Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5781	7.5	重要 Network	アップル	iOS iPadOS	アップルのiPadOS等の複数製品におけるユーザインターフェースにおける重要情報の誤った表示に関する脆弱性	CWE-451 ユーザインターフェースにおける重要情報の誤った表示	CVE-2025-46311	2026-05-14 10:23	2026-05-12	Show	GitHub Exploit DB Packet Storm

5782	4.7	警告 Network	ISPConfig	ISPConfig	ISPConfigにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-52206	2026-05-14 10:23	2026-05-5	Show	GitHub Exploit DB Packet Storm

5783	7.3	重要 Network	AstrBot	AstrBot	AstrBotにおけるハードコードされた暗号鍵の使用に関する脆弱性	CWE-321 ハードコードされた暗号鍵の使用	CVE-2025-55449	2026-05-14 10:23	2026-05-8	Show	GitHub Exploit DB Packet Storm

5784	7.2	重要 Network	Check MK	Check MK	Check MKにおける認証情報の不十分な保護に関する脆弱性	CWE-522 認証情報の不十分な保護	CVE-2025-64998	2026-05-14 10:22	2026-03-24	Show	GitHub Exploit DB Packet Storm

5785	6.5	警告 Network	Apache Software Foundation	CloudStack	Apache Software FoundationのCloudStackにおける認可されていない行為者への個人情報の漏えいに関する脆弱性	CWE-359 認可されていないアクターへの個人情報の漏えい	CVE-2025-66171	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

5786	8.1	重要 Network	Apache Software Foundation	CloudStack	Apache Software FoundationのCloudStackにおける認可されていない行為者への個人情報の漏えいに関する脆弱性	CWE-359 認可されていないアクターへの個人情報の漏えい	CVE-2025-66172	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

5787	7.2	重要 Network	Dolibarr ERP & CRM	dolibarr erp/crm	Dolibarr ERP & CRMのdolibarr erp/crmにおけるインジェクションに関する脆弱性	CWE-74 インジェクション	CVE-2025-67486	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

5788	9.1	緊急 Network	Electric Sheep Fencing	pfSense	Electric Sheep FencingのpfSenseにおける複数の脆弱性	CWE-502 CWE-915	CVE-2025-69690	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

5789	9.9	緊急 Network	Electric Sheep Fencing	pfSense	Electric Sheep FencingのpfSenseにおける複数の脆弱性	CWE-284 CWE-915	CVE-2025-69691	2026-05-14 10:22	2026-05-8	Show	GitHub Exploit DB Packet Storm

5790	5.5	警告 Local	Linux	Linux Kernel	LinuxのLinux Kernelにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-71271	2026-05-14 10:22	2026-05-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
861	6.5	MEDIUM Network	-	-	Contributor Cross Site Scripting (XSS) in Neve PRO <= 3.1.2 versions.	CWE-79 Cross-site Scripting	CVE-2026-57618	2026-06-27 03:17	2026-06-27	Show	GitHub Exploit DB Packet Storm

862	6.5	MEDIUM Network	-	-	Unauthenticated Broken Access Control in GIFT4U <= 1.0.10 versions.	CWE-862 Missing Authorization	CVE-2026-57324	2026-06-27 03:17	2026-06-27	Show	GitHub Exploit DB Packet Storm

863	5.8	MEDIUM Network	-	-	Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions.	CWE-862 Missing Authorization	CVE-2026-57323	2026-06-27 03:17	2026-06-27	Show	GitHub Exploit DB Packet Storm

864	7.1	HIGH Network	-	-	Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments <= 1.6.12.2 versions.	CWE-79 Cross-site Scripting	CVE-2026-57317	2026-06-27 03:17	2026-06-27	Show	GitHub Exploit DB Packet Storm

865	6.5	MEDIUM Network	-	-	Subscriber Sensitive Data Exposure in GetGenie <= 4.4.2 versions.	CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere	CVE-2026-57316	2026-06-27 03:17	2026-06-27	Show	GitHub Exploit DB Packet Storm

866	8.1	HIGH Network	-	-	extract-zip does not validate symlink targets when extracting zip archives. When processing a malicious zip file containing a symlink with a relative path like '../../../../etc/passwd', extract-zip w…	CWE-22 CWE-61 Path Traversal UNIX Symbolic Link (Symlink) Following	CVE-2026-56876	2026-06-27 03:17	2026-06-27	Show	GitHub Exploit DB Packet Storm

867	7.3	HIGH Local	-	-	CANBoat through 6.22, fixed in commit a5a22b7, contains an off-by-one global buffer overflow in the searchForPgn() function in analyzer/pgn.c that allows remote attackers to crash the application. At…	CWE-193 Off-by-one Error	CVE-2026-56790	2026-06-27 03:17	2026-06-26	Show	GitHub Exploit DB Packet Storm

868	7.1	HIGH Network	-	-	Unauthenticated Cross Site Scripting (XSS) in WoodMart <= 8.5.3 versions.	CWE-79 Cross-site Scripting	CVE-2026-56072	2026-06-27 03:17	2026-06-27	Show	GitHub Exploit DB Packet Storm

869	9.3	CRITICAL Network	-	-	Unauthenticated SQL Injection in Advance Product Search <= 1.4.4 versions.	CWE-89 SQL Injection	CVE-2026-56070	2026-06-27 03:17	2026-06-27	Show	GitHub Exploit DB Packet Storm

870	8.5	HIGH Network	-	-	Subscriber SQL Injection in Tourfic <= 2.22.5 versions.	CWE-89 SQL Injection	CVE-2026-56064	2026-06-27 03:17	2026-06-27	Show	GitHub Exploit DB Packet Storm