Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2191 5.9 警告
Network 		Jeffrey Stedfast (jstedfast) MailKit Jeffrey Stedfast (jstedfast)のMailKitにおけるインジェクションに関する脆弱性 CWE-74
インジェクション 		CVE-2026-41319 2026-05-25 10:25 2026-04-24 Show GitHub Exploit DB Packet Storm
2192 9.8 緊急
Network 		pgx project pgx JackcのpgxにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-41889 2026-05-25 10:25 2026-05-8 Show GitHub Exploit DB Packet Storm
2193 5.4 警告
Network 		reconurge Flowsint Flowsintにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42159 2026-05-25 10:25 2026-05-14 Show GitHub Exploit DB Packet Storm
2194 8.6 重要
Network 		MagicMirror MagicMirror MagicMirrorにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-42281 2026-05-25 10:25 2026-05-14 Show GitHub Exploit DB Packet Storm
2195 6.1 警告
Network 		Absinthe-graphql Absinthe.Plug (absinthe plug) Absinthe-graphqlのAbsinthe.Plug (absinthe plug)におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42794 2026-05-25 10:25 2026-05-8 Show GitHub Exploit DB Packet Storm
2196 4.3 警告
Network 		Getinboxzero Inbox Zero GetinboxzeroのInbox Zeroにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-42865 2026-05-25 10:25 2026-05-11 Show GitHub Exploit DB Packet Storm
2197 4 警告
Network 		Nine Nines Cowlib Nine NinesのCowlibにおけるCRLF インジェクションの脆弱性 CWE-93
CRLF インジェクション 		CVE-2026-43968 2026-05-25 10:25 2026-05-11 Show GitHub Exploit DB Packet Storm
2198 3.2
Local 		Nine Nines Cowlib Nine NinesのCowlibにおけるCRLF インジェクションの脆弱性 CWE-93
CRLF インジェクション 		CVE-2026-43969 2026-05-25 10:24 2026-05-11 Show GitHub Exploit DB Packet Storm
2199 6.1 警告
Network 		Boscop Orejime GayaのOrejimeにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-6095 2026-05-25 10:24 2026-05-19 Show GitHub Exploit DB Packet Storm
2200 6.1 警告
Network 		Drupal Obfuscate Obfuscateにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-6871 2026-05-25 10:24 2026-05-19 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311261 - apple iphone_os Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, a… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2973 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311262 - adobe acrobat_reader
acrobat 		Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a M… CWE-189
Numeric Errors 		CVE-2010-2862 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311263 - joachim_fritschi phpcas Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL. CWE-79
Cross-site Scripting 		CVE-2010-2796 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311264 - joachim_fritschi phpcas phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value. CWE-20
 Improper Input Validation  		CVE-2010-2795 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311265 - apache http_server mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remo… CWE-200
Information Exposure 		CVE-2010-2791 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311266 - nalin_dahyabhai vte The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows… NVD-CWE-Other
CVE-2010-2713 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311267 - hp openview_network_node_manager Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2709 2024-11-21 10:17 2010-08-6 Show GitHub Exploit DB Packet Storm
311268 - avscripts av_arcade SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary SQL commands via the ava_code cookie to the "main page," related to index.php and the login task. CWE-89
SQL Injection 		CVE-2010-2933 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm
311269 - barcodewiz barcode_activex_control Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers to execute arbitrary code via a long argument to the LoadProperties method. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2932 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm
311270 - topazsystems sigplus_pro_activex_control Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute arbitrary code via a long eighth argument (HexString) to the LCDWriteString method. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2931 2024-11-21 10:17 2010-08-5 Show GitHub Exploit DB Packet Storm