Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1301 7.5 重要
Network 		Python Software Foundation Python Python Software FoundationのPythonにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-4224 2026-06-8 11:47 2026-03-16 Show GitHub Exploit DB Packet Storm
1302 7.1 重要
Network 		Auth0 Inc. auth0.js Auth0 Inc.のauth0.jsにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-42280 2026-06-8 11:47 2026-05-27 Show GitHub Exploit DB Packet Storm
1303 9.3 緊急
Network 		Authentik Security Inc authentik Authentik Security Incのauthentikにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42849 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
1304 8.3 重要
Adjacent 		MacGregor Interschalt VDR G4e Firmware MacGregorのInterschalt VDR G4e Firmwareにおけるハードコードされた認証情報の使用に関する脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2026-42929 2026-06-8 11:47 2026-05-29 Show GitHub Exploit DB Packet Storm
1305 8.3 重要
Adjacent 		MacGregor Interschalt VDR G4e Firmware MacGregorのInterschalt VDR G4e Firmwareにおけるデフォルトの認証情報の使用に関する脆弱性 CWE-1392
デフォルトの認証情報の使用 		CVE-2026-42941 2026-06-8 11:46 2026-05-29 Show GitHub Exploit DB Packet Storm
1306 5.4 警告
Adjacent 		MacGregor Interschalt VDR G4e Firmware MacGregorのInterschalt VDR G4e Firmwareにおける認証情報の不十分な保護に関する脆弱性 CWE-522
認証情報の不十分な保護 		CVE-2026-42951 2026-06-8 11:46 2026-05-29 Show GitHub Exploit DB Packet Storm
1307 7.8 重要
Local 		Linux Linux Kernel LinuxのLinux Kernelにおける解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-43084 2026-06-8 11:46 2026-05-6 Show GitHub Exploit DB Packet Storm
1308 5.5 警告
Local 		Zeit, Inc. Vercel CLI Vercel, Inc. (旧 Zeit, Inc.)のVercel CLIにおける複数の脆弱性 CWE-200
CWE-532
CVE-2026-44479 2026-06-8 11:46 2026-05-13 Show GitHub Exploit DB Packet Storm
1309 5.3 警告
Network 		Open Quantum Safe liboqs Open Quantum Safeのliboqsにおける複数の脆弱性 CWE-125
CWE-20
CVE-2026-44518 2026-06-8 11:46 2026-05-29 Show GitHub Exploit DB Packet Storm
1310 5.4 警告
Adjacent 		MacGregor Interschalt VDR G4e Firmware MacGregorのInterschalt VDR G4e Firmwareにおける強度が不十分なパスワードハッシュの使用に関する脆弱性 CWE-916
強度が不十分なパスワードハッシュの使用 		CVE-2026-44611 2026-06-8 11:46 2026-05-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
310911 - seagullproject.org seagull Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code via a URL in the includeFile parameter to (1) Config/Container.php and (2) HTM… CWE-94
Code Injection 		CVE-2010-3209 2024-11-21 10:18 2010-09-4 Show GitHub Exploit DB Packet Storm
310912 - wiccle wiccle_web_builder Cross-site scripting (XSS) vulnerability in ajax.php in Wiccle Web Builder (WWB) 1.00 and 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the post_text parameter in a site cu… CWE-79
Cross-site Scripting 		CVE-2010-3208 2024-11-21 10:18 2010-09-4 Show GitHub Exploit DB Packet Storm
310913 - galeriashqip galeriashqip SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the album_id parameter. NOTE: some of t… CWE-89
SQL Injection 		CVE-2010-3207 2024-11-21 10:18 2010-09-4 Show GitHub Exploit DB Packet Storm
310914 - diy-cms diy-cms Multiple PHP remote file inclusion vulnerabilities in DiY-CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) lang parameter to modules/guestbook/blocks/control.block.ph… CWE-94
Code Injection 		CVE-2010-3206 2024-11-21 10:18 2010-09-4 Show GitHub Exploit DB Packet Storm
310915 - textpattern textpattern PHP remote file inclusion vulnerability in index.php in Textpattern CMS 4.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter. CWE-94
Code Injection 		CVE-2010-3205 2024-11-21 10:18 2010-09-4 Show GitHub Exploit DB Packet Storm
310916 - pecio-cms pecio_cms Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 allow remote attackers to execute arbitrary PHP code via a URL in the template parameter to (1) post.php, (2) article.php, (3) bl… CWE-94
Code Injection 		CVE-2010-3204 2024-11-21 10:18 2010-09-4 Show GitHub Exploit DB Packet Storm
310917 - xmlswf com_picsell Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfr… CWE-22
Path Traversal 		CVE-2010-3203 2024-11-21 10:18 2010-09-4 Show GitHub Exploit DB Packet Storm
310918 - ibm db2 IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative views in the SYSIBMADM schema, which allows remote attackers to obtain sensitive information via unsp… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-3197 2024-11-21 10:18 2010-09-1 Show GitHub Exploit DB Packet Storm
310919 - ibm db2 IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (loss of privileges) to a view owner by defining a dependent view. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-3196 2024-11-21 10:18 2010-09-1 Show GitHub Exploit DB Packet Storm
310920 - ibm db2 Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special grou… NVD-CWE-noinfo
CVE-2010-3195 2024-11-21 10:18 2010-09-1 Show GitHub Exploit DB Packet Storm