Vulnerability Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
951	9.8	緊急 Network	オラクル	Oracle Coherence	オラクルのOracle Coherenceにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-35304	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

952	9.3	緊急 Network	オラクル	Oracle Coherence	オラクルのOracle Coherenceにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35305	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

953	9.3	緊急 Network	オラクル	Oracle Coherence	オラクルのOracle Coherenceにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35306	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

954	10	緊急 Network	オラクル	Oracle Coherence	オラクルのOracle Coherenceにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35307	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

955	10	緊急 Network	オラクル	Oracle Coherence	オラクルのOracle Coherenceにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35308	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

956	9.8	緊急 Network	オラクル	Oracle Coherence	オラクルのOracle Coherenceにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35309	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

957	9.8	緊急 Network	オラクル	Oracle Coherence	オラクルのOracle Coherenceにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35310	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

958	8.8	重要 Network	オラクル	Oracle WebLogic Server	オラクルのOracle WebLogic Serverにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35311	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

959	9.8	緊急 Network	オラクル	Oracle Virtual Directory	オラクルのOracle Virtual Directoryにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35312	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

960	9.9	緊急 Network	オラクル	Oracle Access Manager	オラクルのOracle Access Managerにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-35313	2026-06-22 11:39	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
254101	10.0	CRITICAL Network	neo4j	awesome_procedures_on_cyper	neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity (XXE) vulnerability in XML Parser that can result in Disclosure of confidential data, denial of servic…	CWE-611 XXE	CVE-2018-1000820	2024-11-21 12:40	2018-12-21	Show	GitHub Exploit DB Packet Storm

254102	5.4	MEDIUM Network	grafana	grafana	Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser…	CWE-79 Cross-site Scripting	CVE-2018-1000816	2024-11-21 12:40	2018-12-21	Show	GitHub Exploit DB Packet Storm

254103	4.3	MEDIUM Network	brave	brave	Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains a Other/Unknown vulnerability in function ContentSettingsObserver::AllowScript() in content_settings_observer.cc that can result …	CWE-20 Improper Input Validation	CVE-2018-1000815	2024-11-21 12:40	2018-12-21	Show	GitHub Exploit DB Packet Storm

254104	7.5	HIGH Network	asset_pipeline_project	asset-pipeline	Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in D…	CWE-22 Path Traversal	CVE-2018-1000817	2024-11-21 12:40	2018-12-21	Show	GitHub Exploit DB Packet Storm

254105	6.5	MEDIUM Network	aiohttp-session_project	aiohttp-session	aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan.…	CWE-613 Insufficient Session Expiration	CVE-2018-1000814	2024-11-21 12:40	2018-12-21	Show	GitHub Exploit DB Packet Storm

254106	4.8	MEDIUM Network	backdropcms	backdrop_cms	Backdrop CMS version 1.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Sanitization of custom class names used on blocks and layouts. that can result in Execution of JavaScrip…	CWE-79 Cross-site Scripting	CVE-2018-1000813	2024-11-21 12:40	2018-12-21	Show	GitHub Exploit DB Packet Storm

254107	8.1	HIGH Network	artica	integria_ims	Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 4…	CWE-640 Weak Password Recovery Mechanism for Forgotten Password	CVE-2018-1000812	2024-11-21 12:40	2018-12-21	Show	GitHub Exploit DB Packet Storm

254108	8.8	HIGH Network	bludit	bludit	bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be e…	CWE-434 Unrestricted Upload of File with Dangerous Type	CVE-2018-1000811	2024-11-21 12:40	2018-12-21	Show	GitHub Exploit DB Packet Storm

254109	9.8	CRITICAL Network	paloaltonetworks	expedition	The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/applicati…	CWE-269 Improper Privilege Management	CVE-2018-10143	2024-11-21 12:40	2018-12-12	Show	GitHub Exploit DB Packet Storm

254110	8.8	HIGH Network	jenkins redhat	pipeline\ openshift_container_platform	A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/…	CWE-269 Improper Privilege Management	CVE-2018-1000866	2024-11-21 12:40	2018-12-10	Show	GitHub Exploit DB Packet Storm

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed