Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
223911	5	警告	Wireshark	-	Wireshark の DCOM ISystemActivator 解析機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-4926	2013-10-24 17:05	2013-07-26	Show	GitHub Exploit DB Packet Storm

223912	8.5	危険	IBM	-	IBM SPSS Analytical Decision Management における任意のコードを実行される脆弱性	CWE-399 リソース管理の問題	CVE-2013-4049	2013-10-24 17:04	2013-09-12	Show	GitHub Exploit DB Packet Storm

223913	10	危険	Mozilla Foundation	-	複数の Mozilla 製品のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2012-3982	2013-10-24 17:04	2012-10-9	Show	GitHub Exploit DB Packet Storm

223914	5	警告	Wireshark	-	Wireshark の DCOM ISystemActivator 解析機能における整数符号エラーの脆弱性	CWE-189 数値処理の問題	CVE-2013-4925	2013-10-24 17:03	2013-07-26	Show	GitHub Exploit DB Packet Storm

223915	4	警告	IBM	-	IBM Maximo Asset Management におけるアクセス制限を回避される脆弱性	CWE-noinfo 情報不足	CVE-2013-4020	2013-10-24 17:03	2013-09-25	Show	GitHub Exploit DB Packet Storm

223916	5	警告	Wireshark	-	Wireshark の DCOM ISystemActivator 解析機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-20 不適切な入力確認	CVE-2013-4924	2013-10-24 17:02	2013-07-26	Show	GitHub Exploit DB Packet Storm

223917	5	警告	IBM	-	IBM Maximo Asset Management における重要な情報を取得される脆弱性	CWE-noinfo 情報不足	CVE-2013-4013	2013-10-24 17:01	2013-09-25	Show	GitHub Exploit DB Packet Storm

223918	5	警告	Wireshark	-	Wireshark の DCOM ISystemActivator 解析機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2013-4923	2013-10-24 17:00	2013-07-26	Show	GitHub Exploit DB Packet Storm

223919	7.1	危険	Choice Wireless	-	Choice Wireless Green Packet 4G WiMax modem WIXFMR-111 における重要な情報を取得される脆弱性	CWE-287 不適切な認証	CVE-2013-3581	2013-10-24 17:00	2013-06-28	Show	GitHub Exploit DB Packet Storm

223920	4.3	警告	シスコシステムズ	-	Cisco Unified Communications Manager の Unified Serviceability コンポーネントにおけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2013-3397	2013-10-24 16:59	2013-06-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
861	7.5	HIGH Network	joomla	joomla\!	Insufficient state checks lead to a vector that allows to bypass 2FA checks. Update	CWE-287 NVD-CWE-noinfo Improper Authentication	CVE-2026-48896	2026-05-29 04:46	2026-05-27	Show	GitHub Exploit DB Packet Storm

862	7.5	HIGH Network	joomla	joomla\!	Insufficient state checks lead to a vector that allows to bypass 2FA checks. Update	CWE-287 Improper Authentication	CVE-2026-48897	2026-05-29 04:40	2026-05-27	Show	GitHub Exploit DB Packet Storm

863	8.2	HIGH Network	-	-	deepobj provides get, set, delete deep objects in javascript. Prior to 1.0.3, prototype pollution is possible when property paths contain __proto__/constructor/prototype. The property path must not b… New	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-46509	2026-05-29 04:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

864	7.5	HIGH Network	joomla	joomla\!	An improper validation of the search parameter of the com_media files API endpoint leads to a path traversal vulnerability. Update	CWE-22 Path Traversal	CVE-2026-40384	2026-05-29 04:07	2026-05-27	Show	GitHub Exploit DB Packet Storm

865	9.8	CRITICAL Network	joomla	joomla\!	An improper access check allows unauthorized access to com_config webservice endpoints. Update	CWE-284 NVD-CWE-noinfo Improper Access Control	CVE-2026-35223	2026-05-29 04:07	2026-05-27	Show	GitHub Exploit DB Packet Storm

866	7.8	HIGH Local	-	-	Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in … New	CWE-78 OS Command	CVE-2026-45322	2026-05-29 03:56	2026-05-28	Show	GitHub Exploit DB Packet Storm

867	8.8	HIGH Network	-	-	Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fie… New	CWE-290 CWE-639 CWE-862 Authentication Bypass by Spoofing Authorization Bypass Through User-Controlled Key Missing Authorization	CVE-2026-46414	2026-05-29 03:56	2026-05-28	Show	GitHub Exploit DB Packet Storm

868	6.3	MEDIUM Network	-	-	Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO creates one shared UFOWebSocketHandler instance and reuses it for mult… New	CWE-284 CWE-488 Improper Access Control Exposure of Data Element to Wrong Session	CVE-2026-46416	2026-05-29 03:56	2026-05-28	Show	GitHub Exploit DB Packet Storm

869	5.9	MEDIUM Network	-	-	Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's constellation client tracks pending task responses by session_id onl… New	CWE-294 CWE-345 Authentication Bypass by Capture-replay Insufficient Verification of Data Authenticity	CVE-2026-46538	2026-05-29 03:56	2026-05-28	Show	GitHub Exploit DB Packet Storm

870	5.3	MEDIUM Network	-	-	Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO accepts client-supplied session_id values in WebSocket task messages a… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2026-46544	2026-05-29 03:56	2026-05-28	Show	GitHub Exploit DB Packet Storm