Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223701 5 警告 アップル
Google		 - Google Chrome などで使用される Webkit における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-2848 2013-11-8 18:55 2013-05-21 Show GitHub Exploit DB Packet Storm
223702 10 危険 アップル
サン・マイクロシステムズ
オラクル		 - Oracle Java SE の Java Runtime Environment における Deployment の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-1487 2013-11-8 18:37 2013-02-19 Show GitHub Exploit DB Packet Storm
223703 5 警告 アップル
サン・マイクロシステムズ
オラクル		 - Oracle Java SE の Java Runtime Environment における Deployment の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-1473 2013-11-8 18:36 2013-02-1 Show GitHub Exploit DB Packet Storm
223704 9.3 危険 Attachmate - Attachmate Verastream Host Integrator に任意のファイルを上書き可能な脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-3626 2013-11-8 17:02 2013-11-4 Show GitHub Exploit DB Packet Storm
223705 4.9 警告 オラクル - Oracle Siebel CRM の Siebel Enterprise Application Integration における Web Services の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-2413 2013-11-8 16:51 2013-04-16 Show GitHub Exploit DB Packet Storm
223706 4.3 警告 オラクル - Oracle Primavera Products Suite の Primavera P6 Enterprise Project Portfolio Management における Web Access の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-2411 2013-11-8 16:50 2013-04-16 Show GitHub Exploit DB Packet Storm
223707 4 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise HRMS における Absence Management の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-2410 2013-11-8 16:49 2013-04-16 Show GitHub Exploit DB Packet Storm
223708 5 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における PIA Core Technology の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-2409 2013-11-8 16:48 2013-04-16 Show GitHub Exploit DB Packet Storm
223709 4.3 警告 マイクロソフト
オラクル		 - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における PIA Core Technology および Internet Explorer 6 の使用に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-2408 2013-11-8 16:48 2013-04-16 Show GitHub Exploit DB Packet Storm
223710 3.5 注意 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における PIA Core Technology の処理に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-2406 2013-11-8 16:47 2013-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1041 6.5 MEDIUM
Network 		n8n-mcp n8n-mcp n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.3, the workflow telemetry sanitizer could retain partial fragments of … Update CWE-201
 Insertion of Sensitive Information Into Sent Data 		CVE-2026-45582 2026-06-2 03:41 2026-05-29 Show GitHub Exploit DB Packet Storm
1042 6.5 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a cross-site request forgery vulnerability on the 2FA toggle. plugin/LoginControl/set.json.php accepts POST type=set2FA val… Update CWE-306
CWE-352
Missing Authentication for Critical Function
 Origin Validation Error 		CVE-2026-45610 2026-06-2 03:40 2026-05-29 Show GitHub Exploit DB Packet Storm
1043 6.5 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, EpgParser.php, plugin/AI/receiveAsync.json.php, and other locations do not use the $resolvedIP out-param of isSSRFSafeURL() for DNS … Update CWE-367
CWE-918
 Time-of-check Time-of-use (TOCTOU) Race Condition
Server-Side Request Forgery (SSRF)  		CVE-2026-45619 2026-06-2 03:40 2026-05-29 Show GitHub Exploit DB Packet Storm
1044 5.3 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, objects/mention.json.php has no User::loginCheck() or admin gate. It only has an entry guard: preg_match('/^@/', $_REQUEST['term']) … Update CWE-204
CWE-285
 Response Discrepancy Information Exposure
Improper Authorization 		CVE-2026-45620 2026-06-2 03:39 2026-05-29 Show GitHub Exploit DB Packet Storm
1045 8.1 HIGH
Network 		n8n-mcp n8n-mcp n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.51.2, when ENABLE_MULTI_TENANT=true, the HTTP transport documents that th… Update CWE-284
Improper Access Control 		CVE-2026-45707 2026-06-2 03:39 2026-05-29 Show GitHub Exploit DB Packet Storm
1046 4.9 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, view/update.php reads $_POST['updateFile'] as a relative path under updatedb/ and passes it to PHP's file() for line-by-line executi… Update CWE-22
Path Traversal 		CVE-2026-45731 2026-06-2 03:39 2026-05-29 Show GitHub Exploit DB Packet Storm
1047 5.3 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, an unauthenticated remote attacker can read arbitrary image files anywhere on disk that the PHP user can open — including private us… Update CWE-22
Path Traversal 		CVE-2026-46337 2026-06-2 03:39 2026-05-29 Show GitHub Exploit DB Packet Storm
1048 9.8 CRITICAL
Network 		sangoma freepbx FreePBX is an open source IP PBX. From 15.0.42 to before 16.0.45 and 17.0.7, unauthenticated users may be able to access the User Control Panel (UCP) using hard-coded initial template credentials if … Update CWE-798
 Use of Hard-coded Credentials 		CVE-2026-46376 2026-06-2 03:38 2026-05-29 Show GitHub Exploit DB Packet Storm
1049 5.4 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, AVideo stores category descriptions from user input and later renders category_description as raw HTML in the Gallery view. A user w… Update CWE-79
Cross-site Scripting 		CVE-2026-47694 2026-06-2 03:38 2026-05-29 Show GitHub Exploit DB Packet Storm
1050 4.3 MEDIUM
Network 		wwbn avideo WWBN AVideo is an open source video platform. In 29.0 and earlier, plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST pa… Update CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2026-47696 2026-06-2 03:38 2026-05-29 Show GitHub Exploit DB Packet Storm