Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
223941 10 危険 IBM - IBM WebSphere DataPower XC10 アプライアンス上で稼働するコンソールにおける脆弱性 CWE-noinfo
情報不足 		CVE-2013-5446 2013-10-23 16:42 2013-10-18 Show GitHub Exploit DB Packet Storm
223942 7.1 危険 IBM - IBM WebSphere DataPower XC10 アプライアンスにおけるサービス運用妨害 (DoS) の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-5428 2013-10-23 16:39 2013-10-18 Show GitHub Exploit DB Packet Storm
223943 5.8 警告 シスコシステムズ - Open Shortest Path First (OSPF) プロトコルの Link State Advertisement (LSA) に関する問題 CWE-noinfo
情報不足 		CVE-2013-0149 2013-10-23 14:46 2013-08-1 Show GitHub Exploit DB Packet Storm
223944 10 危険 MySQL AB
オラクル		 - MySQL における脆弱性 CWE-noinfo
情報不足 		CVE-2012-2750 2013-10-23 14:44 2012-08-17 Show GitHub Exploit DB Packet Storm
223945 7.8 危険 シスコシステムズ - Cisco IOS の DNS-over-TCP の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5480 2013-10-23 10:46 2013-09-25 Show GitHub Exploit DB Packet Storm
223946 7.8 危険 シスコシステムズ - Cisco IOS の DNS-over-TCP の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5479 2013-10-23 10:45 2013-09-25 Show GitHub Exploit DB Packet Storm
223947 7.8 危険 シスコシステムズ - Cisco IOS および IOS XE におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5478 2013-10-23 10:44 2013-09-25 Show GitHub Exploit DB Packet Storm
223948 7.8 危険 シスコシステムズ - Cisco IOS の T1/E1 driver-queue 機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5477 2013-10-23 10:43 2013-09-25 Show GitHub Exploit DB Packet Storm
223949 7.8 危険 シスコシステムズ - Cisco IOS および IOS XE におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-5473 2013-10-23 10:41 2013-09-25 Show GitHub Exploit DB Packet Storm
223950 4.3 警告 The phpMyAdmin Project
Novell		 - phpMyAdmin におけるクリックジャッキング防止メカニズムを回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-5029 2013-10-23 10:40 2013-08-4 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 1, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221 7.5 HIGH
Network 		- - Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcr… New CWE-200
CWE-306
Information Exposure
Missing Authentication for Critical Function 		CVE-2026-45332 2026-05-30 13:17 2026-05-29 Show GitHub Exploit DB Packet Storm
222 7.4 HIGH
Network 		- - CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.22, the fetch_url tool validates the initial URL's resolved IP address against a restricted-IP blocklist (is_restricted_ip()) to … Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-45310 2026-05-30 13:17 2026-05-29 Show GitHub Exploit DB Packet Storm
223 7.5 HIGH
Network 		- - Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/{filename} endpoint on Windows deployments that allows unauthenticated remote attack… New CWE-36
 Absolute Path Traversal 		CVE-2026-10044 2026-05-30 13:17 2026-05-29 Show GitHub Exploit DB Packet Storm
224 8.1 HIGH
Network 		- - Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO uses the user-controlled task_name value directly when constructing se… Update CWE-22
CWE-73
Path Traversal
 External Control of File Name or Path 		CVE-2026-46402 2026-05-30 11:16 2026-05-28 Show GitHub Exploit DB Packet Storm
225 9.9 CRITICAL
Network 		- - OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be esc… Update CWE-693
 Protection Mechanism Failure 		CVE-2026-45102 2026-05-30 11:16 2026-05-28 Show GitHub Exploit DB Packet Storm
226 7.8 HIGH
Local 		- - systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces() when an active Netwo… Update CWE-78
OS Command  		CVE-2026-44724 2026-05-30 11:16 2026-05-28 Show GitHub Exploit DB Packet Storm
227 - - - UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an excepti… Update CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2026-44660 2026-05-30 11:16 2026-05-28 Show GitHub Exploit DB Packet Storm
228 8.8 HIGH
Network 		- - phpMyFAQ before 4.1.3 contains an insecure direct object reference vulnerability in the admin API user password endpoint that allows authenticated administrators to change any user's password without… Update CWE-266
 Incorrect Privilege Assignment 		CVE-2026-35671 2026-05-30 11:16 2026-05-29 Show GitHub Exploit DB Packet Storm
229 6.3 MEDIUM
Network 		- - A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with… New CWE-362
CWE-488
Race Condition
 Exposure of Data Element to Wrong Session 		CVE-2026-9831 2026-05-30 07:16 2026-05-30 Show GitHub Exploit DB Packet Storm
230 4.5 MEDIUM
Local 		- - NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to 0.24.14, aio->prov_data is stored as nni_quic_conn* during dialing, but read as ex_quic_conn* during dialer close. This … New CWE-843
Type Confusion 		CVE-2026-44640 2026-05-30 07:16 2026-05-30 Show GitHub Exploit DB Packet Storm