Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 25, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1451 6.1 警告
Network 		Svelte project Svelte Svelte projectのSvelteにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42599 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
1452 7.8 重要
Local 		マイクロソフト Microsoft Windows 11 25h2
Microsoft Windows 11 26h1
Microsoft Windows 11 24h2 		Windows 管理者保護のセキュリティ機能バイパスの脆弱性 CWE-284
不適切なアクセス制御 		CVE-2026-42829 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
1453 7 重要
Local 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft&n… 		Windows Function Discovery Service (fdwsd.dll) の特権昇格の脆弱性 CWE-362
CWE-416
CVE-2026-42836 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
1454 7.8 重要
Local 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows Server 2022
Microsoft Windows Server 2019
Microsoft Windows 11 26h1
Microsoft … 		Windows Projected File System の特権の昇格の脆弱性 CWE-125
境界外読み取り 		CVE-2026-42837 2026-06-12 14:53 2026-06-9 Show GitHub Exploit DB Packet Storm
1455 9.6 緊急
Network 		flowiseai flowise flowiseaiのflowiseにおける複数の脆弱性 CWE-284
CWE-639
CWE-915
CVE-2026-42861 2026-06-12 14:52 2026-06-8 Show GitHub Exploit DB Packet Storm
1456 5 警告
Network 		flowiseai flowise flowiseaiのflowiseにおける複数の脆弱性 CWE-284
CWE-639
CWE-915
CVE-2026-42862 2026-06-12 14:52 2026-06-8 Show GitHub Exploit DB Packet Storm
1457 8.1 重要
Network 		flowiseai flowise flowiseaiのflowiseにおける複数の脆弱性 CWE-284
CWE-639
CWE-915
CVE-2026-42863 2026-06-12 14:52 2026-06-8 Show GitHub Exploit DB Packet Storm
1458 6.5 警告
Network 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft&n… 		Windows Kerberos のサービス拒否の脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-42903 2026-06-12 14:52 2026-06-9 Show GitHub Exploit DB Packet Storm
1459 9.6 緊急
Adjacent 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows Server 2022
Microsoft Windows 11 26h1
Microsoft Windows 11 24h2
Microsoft Wind… 		Windows TCP/IP の特権昇格の脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-42904 2026-06-12 14:52 2026-06-9 Show GitHub Exploit DB Packet Storm
1460 7.8 重要
Local 		マイクロソフト Microsoft Windows 11 23h2
Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft&n… 		Windows DWM Core ライブラリの特権の昇格の脆弱性 CWE-416
解放済みメモリの使用 		CVE-2026-42905 2026-06-12 14:52 2026-06-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 25, 2026, 4:04 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
320671 5.4 MEDIUM
Network 		fontsplugin fonts_plugin Cross-Site Request Forgery (CSRF) vulnerability in Fonts Plugin Fonts allows Stored XSS.This issue affects Fonts: from n/a through 3.7.7. CWE-352
 Origin Validation Error 		CVE-2024-43301 2024-09-13 06:24 2024-08-27 Show GitHub Exploit DB Packet Storm
320672 8.8 HIGH
Network 		wpdeveloper betterdocs Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper BetterDocs allows PHP Local File Inclusion.This issue affects BetterDocs: from n/a through … CWE-22
Path Traversal 		CVE-2024-43129 2024-09-13 06:21 2024-08-13 Show GitHub Exploit DB Packet Storm
320673 4.3 MEDIUM
Network 		wpdataaccess wp_data_access Cross-Site Request Forgery (CSRF) vulnerability in Passionate Programmers B.V. WP Data Access.This issue affects WP Data Access: from n/a through 5.5.7. CWE-352
 Origin Validation Error 		CVE-2024-43295 2024-09-13 06:20 2024-08-27 Show GitHub Exploit DB Packet Storm
320674 8.8 HIGH
Network 		sendinblue newsletter\
_smtp\
_email_marketing_and_subscribe 		Cross-Site Request Forgery (CSRF) vulnerability in Brevo Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue.This issue affects Newsletter, SMTP, Email marketing and Subscribe forms b… CWE-352
 Origin Validation Error 		CVE-2024-43287 2024-09-13 06:19 2024-08-27 Show GitHub Exploit DB Packet Storm
320675 4.3 MEDIUM
Network 		wpbackitup backup_and_restore_wordpress Cross-Site Request Forgery (CSRF) vulnerability in WPBackItUp Backup and Restore WordPress.This issue affects Backup and Restore WordPress: from n/a through 1.50. CWE-352
 Origin Validation Error 		CVE-2024-43269 2024-09-13 06:18 2024-08-27 Show GitHub Exploit DB Packet Storm
320676 8.8 HIGH
Network 		themewinter wpcafe Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion.This issue affects WPCafe: from n/a through 2.2.28. CWE-22
Path Traversal 		CVE-2024-43135 2024-09-13 06:18 2024-08-13 Show GitHub Exploit DB Packet Storm
320677 3.5 LOW
Network 		analytify analytify_-_google_analytics_dashboard Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.3.1. CWE-352
 Origin Validation Error 		CVE-2024-43265 2024-09-13 06:17 2024-08-27 Show GitHub Exploit DB Packet Storm
320678 7.5 HIGH
Network 		storelocatorplus store_locator_plus Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Store Locator Plus.This issue affects Store Locator Plus: from n/a through 2311.17.01. NVD-CWE-noinfo
CVE-2024-43258 2024-09-13 06:11 2024-08-27 Show GitHub Exploit DB Packet Storm
320679 8.8 HIGH
Network 		mage-people event_manager_and_tickets_selling_for_woocommerce Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MagePeople Team Event Manager for WooCommerce allows PHP Local File Inclusion.This issue affects Event … CWE-22
Path Traversal 		CVE-2024-43138 2024-09-13 06:11 2024-08-13 Show GitHub Exploit DB Packet Storm
320680 6.5 MEDIUM
Network 		nouthemes leopard Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Nouthemes Leopard - WordPress offload media.This issue affects Leopard - WordPress offload media: from n/a through 2.0.36. NVD-CWE-noinfo
CVE-2024-43257 2024-09-13 06:09 2024-08-27 Show GitHub Exploit DB Packet Storm