Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
201	8.1	重要 Network	VMware	spring for graphql	VMwareのspring for graphqlにおける同一生成元ポリシー違反に関する脆弱性 New	CWE-346 同一生成元ポリシー違反	CVE-2026-41700	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

202	7.5	重要 Network	VMware	spring for graphql	VMwareのspring for graphqlにおけるアクセス制御に関する脆弱性 New	CWE-284 不適切なアクセス制御	CVE-2026-41856	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

203	7.5	重要 Network	tdengine	tdengine	tdengineにおける整数アンダーフローの脆弱性 New	CWE-191 整数アンダーフロー	CVE-2026-42542	2026-06-15 11:18	2026-06-10	Show	GitHub Exploit DB Packet Storm

204	8.1	重要 Network	マイクロソフト	Microsoft Teams	Android 用の Microsoft Teams の情報漏えいの脆弱性 New	CWE-74 インジェクション	CVE-2026-42835	2026-06-15 11:18	2026-06-9	Show	GitHub Exploit DB Packet Storm

205	9.8	緊急 Network	QNAP Systems	qumagie	QNAP Systemsのqumagieにおけるユーザ制御の鍵による認証回避に関する脆弱性 New	CWE-639 ユーザ制御の鍵による認証回避	CVE-2026-44083	2026-06-15 11:18	2026-06-9	Show	GitHub Exploit DB Packet Storm

206	7.5	重要 Network	axios project	axios	axios projectのaxiosにおける情報漏えいに関する脆弱性 New	CWE-200 情報漏えい	CVE-2026-44486	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

207	7.5	重要 Network	axios project	axios	axios projectのaxiosにおける送信データへの重要な情報の挿入に関する脆弱性 New	CWE-201 送信データへの重要な情報の挿入	CVE-2026-44487	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

208	7.5	重要 Network	axios project	axios	axios projectのaxiosにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 New	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2026-44488	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

209	8.6	重要 Network	axios project	axios	axios projectのaxiosにおけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-44492	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

210	8.7	重要 Network	axios project	axios	axios projectのaxiosにおける複数の脆弱性 New	CWE-1321 CWE-441	CVE-2026-44494	2026-06-15 11:18	2026-06-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
344371	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not properly validate derived Principals with multiple PrincipalValidators, which might allow attackers to ga…	NVD-CWE-Other	CVE-2005-4756	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

344372	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, do not properly "constrain" a "/" (slash) servlet root URL pattern, which might allow remote attackers to bypass…	NVD-CWE-Other	CVE-2005-4757	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

344373	-	bea	weblogic_server	Unspecified vulnerability in the Administration server in BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allows remote authenticated Admin users to read arbitrary files via unknown atta…	NVD-CWE-Other	CVE-2005-4758	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

344374	-	bea	weblogic_server	BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, when fullyDelegatedAuthorization is enabled for a servlet, does not cause servlet deployment to fail when failur…	NVD-CWE-Other	CVE-2005-4760	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

344375	-	ez	ez_publish	The siteaccess URIMatching implementation in eZ publish 3.5 through 3.8 before 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote attackers to bypass …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2005-4852	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

344376	-	ez	ez_publish	Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050922 does not restrict Image datatype uploads to image content types, …	CWE-264 Permissions, Privileges, and Access Controls	CVE-2005-4855	2018-09-28 06:38	2005-12-31	Show	GitHub Exploit DB Packet Storm

344377	-	xerox	copycentre_c65 copycentre_c75 copycentre_c90 workcentre_65 workcentre_75 workcentre_90	Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows attackers …	NVD-CWE-Other	CVE-2006-1136	2018-09-28 06:33	2006-03-10	Show	GitHub Exploit DB Packet Storm

344378	-	netiq	identity_manager	idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and e…	NVD-CWE-Other	CVE-2006-4506	2018-09-28 06:30	2006-09-1	Show	GitHub Exploit DB Packet Storm

344379	-	netiq	identity_manager	The vendor has released a patch to address this issue.	NVD-CWE-Other	CVE-2006-4506	2018-09-28 06:30	2006-09-1	Show	GitHub Exploit DB Packet Storm

344380	-	netiq	identity_manager	The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and…	NVD-CWE-Other	CVE-2006-4803	2018-09-28 06:30	2006-09-15	Show	GitHub Exploit DB Packet Storm