Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
132611 7.8 重要
Local 		アドビシステムズ Adobe Photoshop Adobe Photoshop における境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2021-21049 2021-10-19 18:01 2021-02-9 Show GitHub Exploit DB Packet Storm
132612 7.8 重要
Local 		アドビシステムズ Adobe Photoshop Adobe Photoshop におけるバッファの終端後のメモリ領域に対するアクセスに関する脆弱性 CWE-788
バッファの終端後のメモリ領域に対するアクセス 		CVE-2021-21048 2021-10-19 18:01 2021-02-9 Show GitHub Exploit DB Packet Storm
132613 7.8 重要
Local 		アドビシステムズ Adobe Photoshop Adobe Photoshop における境界外書き込みに関する脆弱性 CWE-787
境界外書き込み 		CVE-2021-21047 2021-10-19 18:01 2021-02-9 Show GitHub Exploit DB Packet Storm
132614 9.1 緊急
Network 		Magento, Inc. Magento Magento における危険なタイプのファイルの無制限アップロードに関する脆弱性 CWE-434
危険なタイプのファイルの無制限アップロード 		CVE-2021-21014 2021-10-19 18:01 2021-02-9 Show GitHub Exploit DB Packet Storm
132615 6.5 警告
Network 		OTRS プロジェクト OTRS OTRS AG OTRS における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2021-21435 2021-10-19 17:57 2021-02-8 Show GitHub Exploit DB Packet Storm
132616 4.8 警告
Network 		OTRS プロジェクト Survey OTRS AG Survey におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2021-21434 2021-10-19 17:57 2021-02-8 Show GitHub Exploit DB Packet Storm
132617 4.9 警告
Network 		OTRS プロジェクト TicketForms OTRS AG OTRSTicketForms における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2020-1779 2021-10-19 17:56 2021-02-8 Show GitHub Exploit DB Packet Storm
132618 8.8 重要
Network 		LibreNMS LibreNMS LibreNMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2020-35700 2021-10-19 17:56 2020-12-22 Show GitHub Exploit DB Packet Storm
132619 9.8 緊急
Network 		wpDataTables wpDataTables wpDataTables における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2021-26754 2021-10-19 17:56 2021-02-2 Show GitHub Exploit DB Packet Storm
132620 7.5 重要
Network 		sthttpd project sthttpd sthttpd におけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2021-26843 2021-10-19 17:56 2021-01-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 - - - Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, a mass assignment vulnerability exists in the assistant update endpoint of FlowiseAI. … New CWE-284
CWE-639
CWE-915
Improper Access Control
 Authorization Bypass Through User-Controlled Key
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-46441 2026-06-9 02:16 2026-06-9 Show GitHub Exploit DB Packet Storm
62 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 11.0.6 and prior to version 25.0.0, the file upload functionality in HAXCMS PHP only validates file extensions… New CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-46400 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
63 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. The PHP version of HAX CMS prior to version 26.0.0 has an authenticated file overwrite vulnerability. An attacker can exploit this… New CWE-15
CWE-73
CWE-78
 External Control of System or Configuration Setting
 External Control of File Name or Path
OS Command  		CVE-2026-46399 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
64 6.5 MEDIUM
Network 		- - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an Authenticated Local File Inclusion (LFI) vulnerability in the HAXCMS saveOutline endpoint allows a low… New CWE-22
CWE-73
Path Traversal
 External Control of File Name or Path 		CVE-2026-46397 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
65 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. An authenticated Server-Side Request Forgery (SSRF) vulnerability in versions prior to 26.0.0 allows authenticated users to fetch … New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-46393 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
66 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 9.0.1 and prior to version 26.0.0 of @haxtheweb/open-apis, multiple functions conduct substring-only matching … New CWE-183
CWE-918
 Permissive List of Allowed Inputs
Server-Side Request Forgery (SSRF)  		CVE-2026-46391 2026-06-9 02:16 2026-06-6 Show GitHub Exploit DB Packet Storm
67 - - - In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3d_get_extensions() walks a userspace-provided singly-linked … New - CVE-2026-46314 2026-06-9 02:16 2026-06-9 Show GitHub Exploit DB Packet Storm
68 8.8 HIGH
Network 		mbs-solutions universal_gateway_firmware A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root. Update CWE-121
Stack-based Buffer Overflow 		CVE-2026-35085 2026-06-9 02:16 2026-06-3 Show GitHub Exploit DB Packet Storm
69 - - - In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp->psys is confirmed to be an error pointer not NULL so this c… New - CVE-2026-46313 2026-06-9 02:16 2026-06-9 Show GitHub Exploit DB Packet Storm
70 - - - In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vma_flags in vb2_dma_sg_mmap vb2_dma_contig sets VMA flags VM_DONTEXPAND and VM_DONTDUMP and I do not see a… New - CVE-2026-46312 2026-06-9 02:16 2026-06-9 Show GitHub Exploit DB Packet Storm