Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 22, 2026, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
121	8.8	重要 Network	オラクル	Oracle iSetup	オラクルのOracle iSetupにおける複数の脆弱性 New	CWE-269 CWE-287 CWE-306	CVE-2026-46937	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

122	9.1	緊急 Network	オラクル	Oracle iSupport	オラクルのOracle iSupportにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-46944	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

123	9.1	緊急 Network	オラクル	Oracle iSupport	オラクルのOracle iSupportにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-46945	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

124	9.1	緊急 Network	オラクル	Oracle iSupport	オラクルのOracle iSupportにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-46946	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

125	8.8	重要 Network	オラクル	Oracle Advanced Outbound Telephony	オラクルのOracle Advanced Outbound Telephonyにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-46947	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

126	9.1	緊急 Network	オラクル	Oracle Advanced Outbound Telephony	オラクルのOracle Advanced Outbound Telephonyにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-46949	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

127	8.8	重要 Network	オラクル	Oracle Advanced Outbound Telephony	オラクルのOracle Advanced Outbound Telephonyにおけるアクセス制御に関する脆弱性 New	CWE-284 CWE-noinfo	CVE-2026-46950	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

128	7.5	重要 Network	オラクル	Oracle Human Resources	オラクルのOracle Human Resourcesにおける複数の脆弱性 New	CWE-352 CWE-601 CWE-79	CVE-2026-46955	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

129	7.5	重要 Network	オラクル	Oracle iSupplier Portal	オラクルのOracle iSupplier Portalにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-46957	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

130	7.5	重要 Network	オラクル	Oracle Subledger Accounting	オラクルのOracle Subledger Accountingにおける複数の脆弱性 New	CWE-269 CWE-284 CWE-306	CVE-2026-46958	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 23, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
320511	8.8	HIGH Network	dell	smartfabric_os10	Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A…	CWE-77 Command Injection	CVE-2024-38486	2024-09-14 05:36	2024-09-6	Show	GitHub Exploit DB Packet Storm

320512	7.2	HIGH Network	wedevs	wp_user_frontend	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a throug…	CWE-89 SQL Injection	CVE-2024-38693	2024-09-14 05:35	2024-08-29	Show	GitHub Exploit DB Packet Storm

320513	5.4	MEDIUM Network	qnap	notes_station_3	A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We hav…	CWE-79 Cross-site Scripting	CVE-2024-27126	2024-09-14 05:31	2024-09-7	Show	GitHub Exploit DB Packet Storm

320514	7.5	HIGH Network	accordors	accord_ors	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.This issue affects Accord ORS: before 7.3.2.1.	NVD-CWE-noinfo	CVE-2024-1744	2024-09-14 05:30	2024-09-6	Show	GitHub Exploit DB Packet Storm

320515	6.1	MEDIUM Network	br-automation	industrial_automation_aprol	Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's brows…	CWE-79 Cross-site Scripting	CVE-2024-5624	2024-09-14 05:23	2024-08-29	Show	GitHub Exploit DB Packet Storm

320516	7.8	HIGH Local	br-automation	industrial_automation_aprol	An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated …	CWE-426 Untrusted Search Path	CVE-2024-5622	2024-09-14 05:21	2024-08-29	Show	GitHub Exploit DB Packet Storm

320517	7.8	HIGH Local	br-automation	industrial_automation_aprol	An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges.	CWE-426 Untrusted Search Path	CVE-2024-5623	2024-09-14 05:19	2024-08-29	Show	GitHub Exploit DB Packet Storm

320518	8.8	HIGH Network	portabilis	i-educar	i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A SQL Injection vulnerability was found prior to the 2.9 b…	CWE-89 SQL Injection	CVE-2024-45059	2024-09-14 05:09	2024-08-29	Show	GitHub Exploit DB Packet Storm

320519	8.1	HIGH Network	portabilis	i-educar	i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. Prior to the 2.9 branch, an attacker with only minimal vie…	CWE-862 Missing Authorization	CVE-2024-45058	2024-09-14 05:06	2024-08-29	Show	GitHub Exploit DB Packet Storm

320520	6.1	MEDIUM Network	portabilis	i-educar	i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A Reflected Cross-Site Scripting (XSS) vulnerability was i…	CWE-79 Cross-site Scripting	CVE-2024-45057	2024-09-14 05:03	2024-08-29	Show	GitHub Exploit DB Packet Storm