Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1661 7.3 重要
Local 		AIOHTTP AIOHTTP AIOHTTPにおける信頼できないデータのデシリアライゼーションに関する脆弱性 CWE-502
信頼性のないデータのデシリアライゼーション 		CVE-2026-34993 2026-06-8 12:31 2026-06-2 Show GitHub Exploit DB Packet Storm
1662 3.1
Network 		Django Software Foundation Django Django Software FoundationのDjangoにおける重要な情報を含むキャッシュの使用に関する脆弱性 CWE-524
重要な情報を含むキャッシュの使用 		CVE-2026-35193 2026-06-8 12:31 2026-06-3 Show GitHub Exploit DB Packet Storm
1663 6.1 警告
Network 		citeum opencti citeumのopenctiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-35212 2026-06-8 12:31 2026-06-2 Show GitHub Exploit DB Packet Storm
1664 8.2 重要
Network 		Mosaic5G Flexric Mosaic5GのFlexricにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-37234 2026-06-8 12:31 2026-06-1 Show GitHub Exploit DB Packet Storm
1665 7.8 重要
Local 		radare radare2 radareのradare2におけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-40527 2026-06-8 12:31 2026-04-17 Show GitHub Exploit DB Packet Storm
1666 7.5 重要
Network 		quic-go project quic-go quic-go projectのquic-goにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40898 2026-06-8 12:31 2026-06-4 Show GitHub Exploit DB Packet Storm
1667 6.5 警告
Network 		VMware Spring Cloud Function VMwareのSpring Cloud Functionにおける再帰制御に関する脆弱性 CWE-674
不適切な再帰制御 		CVE-2026-40989 2026-06-8 12:31 2026-06-1 Show GitHub Exploit DB Packet Storm
1668 6.5 警告
Network 		VMware Spring Cloud Function VMwareのSpring Cloud Functionにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-40990 2026-06-8 12:31 2026-06-1 Show GitHub Exploit DB Packet Storm
1669 7.5 重要
Network 		librechat librechat LibreChatにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-4276 2026-06-8 12:31 2026-03-16 Show GitHub Exploit DB Packet Storm
1670 4.8 警告
Network 		ERLANG Erlang/OTP ERLANGのErlang/OTPにおける複数の脆弱性 CWE-295
CWE-296
CVE-2026-42789 2026-06-8 12:31 2026-05-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
310071 - pilotcart pilot_cart SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to execute arbitrary SQL commands via the specific parameter. CWE-89
SQL Injection 		CVE-2010-4872 2024-11-21 10:21 2011-10-7 Show GitHub Exploit DB Packet Storm
310072 - smartftp smartftp Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows attackers to have an unknown impact via a long filename. NVD-CWE-noinfo
CVE-2010-4871 2024-11-21 10:21 2011-10-7 Show GitHub Exploit DB Packet Storm
310073 - bloofox bloofoxcms SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbitrary SQL commands via the gender parameter. CWE-89
SQL Injection 		CVE-2010-4870 2024-11-21 10:21 2011-10-7 Show GitHub Exploit DB Packet Storm
310074 - drbenhur dbhcms SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrary SQL commands via the editmenu parameter. CWE-89
SQL Injection 		CVE-2010-4869 2024-11-21 10:21 2011-10-5 Show GitHub Exploit DB Packet Storm
310075 - w-agora w-agora Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the bn parameter. CWE-79
Cross-site Scripting 		CVE-2010-4868 2024-11-21 10:21 2011-10-5 Show GitHub Exploit DB Packet Storm
310076 - w-agora w-agora Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the bn parame… CWE-22
Path Traversal 		CVE-2010-4867 2024-11-21 10:21 2011-10-5 Show GitHub Exploit DB Packet Storm
310077 - chipmunk-scripts chipmunk_board SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute arbitrary SQL commands via the forumID parameter. CWE-89
SQL Injection 		CVE-2010-4866 2024-11-21 10:21 2011-10-5 Show GitHub Exploit DB Packet Storm
310078 - harmistechnology com_jeguestbook SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the d_itemid parameter in an item_detail acti… CWE-89
SQL Injection 		CVE-2010-4865 2024-11-21 10:21 2011-10-5 Show GitHub Exploit DB Packet Storm
310079 - danieljamesscott com_clubmanager SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cm_id parameter in an equip presenta action t… CWE-89
SQL Injection 		CVE-2010-4864 2024-11-21 10:21 2011-10-5 Show GitHub Exploit DB Packet Storm
310080 - get-simple getsimple_cms Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter. CWE-79
Cross-site Scripting 		CVE-2010-4863 2024-11-21 10:21 2011-10-5 Show GitHub Exploit DB Packet Storm