Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223031 6.5 警告 Thomas Abeel - Simple PHP Agenda の edit_event.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-3961 2014-03-13 16:32 2013-06-11 Show GitHub Exploit DB Packet Storm
223032 9.3 危険 John Paul Chacha's Lab - Chasys Draw IES の flt_BMP.dll の ReadFile 機能におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-3928 2014-03-13 16:03 2013-07-21 Show GitHub Exploit DB Packet Storm
223033 6.8 警告 Umisoft - Umisoft UMI.CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-2754 2014-03-13 15:48 2013-05-8 Show GitHub Exploit DB Packet Storm
223034 6.5 警告 VICIDIAL Group - VICIDIAL ダイヤラーのエージェントインターフェースにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-4467 2014-03-13 15:32 2013-10-23 Show GitHub Exploit DB Packet Storm
223035 4.3 警告 The PHP Group - XHProf におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-4433 2014-03-13 15:31 2013-09-30 Show GitHub Exploit DB Packet Storm
223036 5 警告 Schneems - Ruby 用 Wicked gem の controller/concerns/render_redirect.rb におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-4413 2014-03-13 15:31 2013-10-8 Show GitHub Exploit DB Packet Storm
223037 4.3 警告 Batavi - Batavi の admin/templates/default.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-2289 2014-03-13 15:00 2013-03-1 Show GitHub Exploit DB Packet Storm
223038 3.5 注意 Plone Foundation - Plone の cb_decode.py および linkintegrity.py におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4199 2014-03-13 14:45 2013-06-18 Show GitHub Exploit DB Packet Storm
223039 4 警告 Plone Foundation - Plone の mail_password.py におけるパスワード変更の禁止を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-4198 2014-03-13 14:45 2013-06-18 Show GitHub Exploit DB Packet Storm
223040 5.5 警告 Plone Foundation - Plone の member_portrait.py における他のユーザのポートレートを変更される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-4197 2014-03-13 14:44 2013-06-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1121 6.5 MEDIUM
Network 		- - An uncaught exception in the /application/job/update/{id} endpoint of FastapiAdmin v2.2.0 allows authenticated attackers with the module_task:job:update permission to cause a Denial of Service (DoS) … CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-36724 2026-06-11 05:15 2026-06-10 Show GitHub Exploit DB Packet Storm
1122 6.1 MEDIUM
Network 		- - A markdown based cross-site scripting (XSS) vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafte… CWE-79
Cross-site Scripting 		CVE-2026-36725 2026-06-11 05:15 2026-06-10 Show GitHub Exploit DB Packet Storm
1123 5.4 MEDIUM
Network 		- - A markdown based cross-site scripting (XSS) vulnerability in the AI assistant chat function of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted pa… CWE-79
Cross-site Scripting 		CVE-2026-36728 2026-06-11 05:15 2026-06-10 Show GitHub Exploit DB Packet Storm
1124 - - - A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges. CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-6444 2026-06-11 05:13 2026-06-10 Show GitHub Exploit DB Packet Storm
1125 - - - A flaw exists in FlashArray Purity where insufficient filtering of certain data paths could expose sensitive information to an authenticated user with low privileges. CWE-939
 Improper Authorization in Handler for Custom URL Scheme 		CVE-2026-6445 2026-06-11 05:13 2026-06-10 Show GitHub Exploit DB Packet Storm
1126 - - - CleanWipe Removal Tool (macOS), prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an… CWE-250
 Execution with Unnecessary Privileges 		CVE-2026-11626 2026-06-11 05:13 2026-06-11 Show GitHub Exploit DB Packet Storm
1127 7.8 HIGH
Local 		microsoft windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2025 		Access of resource using incompatible type ('type confusion') in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally. CWE-843
Type Confusion 		CVE-2026-45600 2026-06-11 05:03 2026-06-10 Show GitHub Exploit DB Packet Storm
1128 7.8 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2016
windows_server_2019
w… 		Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally. CWE-501
 Trust Boundary Violation 		CVE-2026-33828 2026-06-11 05:00 2026-06-10 Show GitHub Exploit DB Packet Storm
1129 7.0 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. CWE-416
 Use After Free 		CVE-2026-34335 2026-06-11 04:59 2026-06-10 Show GitHub Exploit DB Packet Storm
1130 7.8 HIGH
Local 		microsoft windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w… 		Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability CWE-122
CWE-197
Heap-based Buffer Overflow
 Numeric Truncation Error 		CVE-2026-40404 2026-06-11 04:58 2026-06-10 Show GitHub Exploit DB Packet Storm