Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 11, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225191 6.8 警告 ribafs - Mini CMS RibaFS の admin/login.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1346 2012-12-20 19:29 2010-04-9 Show GitHub Exploit DB Packet Storm
225192 7.5 危険 systemsoftware - Systemsoftware Community Black Forum の index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1341 2012-12-20 19:29 2010-04-9 Show GitHub Exploit DB Packet Storm
225193 4.3 警告 robertotto - WoltLab Burning Board 用の Teamsite Hack プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-1339 2012-12-20 19:29 2010-04-9 Show GitHub Exploit DB Packet Storm
225194 7.5 危険 robertotto - WoltLab Burning Board 用の Teamsite Hack プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1338 2012-12-20 19:29 2010-04-9 Show GitHub Exploit DB Packet Storm
225195 6 警告 PulseCMS - Pulse CMS における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2010-1334 2012-12-20 19:29 2010-04-9 Show GitHub Exploit DB Packet Storm
225196 6.8 警告 TYPO3 Association - TYPO3 の autoloader における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2010-1153 2012-12-20 19:29 2010-04-20 Show GitHub Exploit DB Packet Storm
225197 6 警告 roshan singh - Open Direct Connect Hub におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-1147 2012-12-20 19:29 2010-04-6 Show GitHub Exploit DB Packet Storm
225198 7.5 危険 Tiki Software Community Association - TikiWiki CMS/Groupware の Standard Remember メソッドにおけるアクセスの制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-1136 2012-12-20 19:29 2010-03-5 Show GitHub Exploit DB Packet Storm
225199 7.5 危険 Tiki Software Community Association - TikiWiki CMS/Groupware の user_logout 関数におけるアクセス権を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2010-1135 2012-12-20 19:29 2010-03-5 Show GitHub Exploit DB Packet Storm
225200 7.5 危険 Tiki Software Community Association - TikiWiki CMS/Groupware の searchlib.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-1134 2012-12-20 19:29 2010-03-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 11, 2026, 4:09 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
101 5.3 MEDIUM
Local 		- - A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c. Executing a manipulation can lead to heap-bas… New CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error') 
Heap-based Buffer Overflow 		CVE-2026-8212 2026-05-10 08:16 2026-05-10 Show GitHub Exploit DB Packet Storm
102 4.7 MEDIUM
Network 		- - A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/codelibs/fess/app/web/admin/design/AdminDesignAction.java of the component JS… New CWE-74
CWE-94
Injection
Code Injection 		CVE-2026-8211 2026-05-10 08:16 2026-05-10 Show GitHub Exploit DB Packet Storm
103 2.2 LOW
Local 		- - GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let syste… New CWE-441
Confused Deputy 		CVE-2026-45182 2026-05-10 08:16 2026-05-10 Show GitHub Exploit DB Packet Storm
104 5.3 MEDIUM
Local 		- - A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of the file helper.go of the component Update H… New CWE-74
CWE-77
Injection
Command Injection 		CVE-2026-8210 2026-05-10 06:16 2026-05-10 Show GitHub Exploit DB Packet Storm
105 3.7 LOW
Network 		- - A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginControlle… New CWE-285
CWE-639
Improper Authorization
 Authorization Bypass Through User-Controlled Key 		CVE-2026-8196 2026-05-10 06:16 2026-05-10 Show GitHub Exploit DB Packet Storm
106 4.3 MEDIUM
Network 		- - A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/C… New CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-8195 2026-05-10 05:16 2026-05-10 Show GitHub Exploit DB Packet Storm
107 4.3 MEDIUM
Network 		- - A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/class.dispatcher.php of the component Dispatcher. The manipulation of the argu… New CWE-352
CWE-862
 Origin Validation Error
 Missing Authorization 		CVE-2026-8194 2026-05-10 05:16 2026-05-10 Show GitHub Exploit DB Packet Storm
108 8.1 HIGH
Network 		- - AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header with… New CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2026-42606 2026-05-10 05:16 2026-05-10 Show GitHub Exploit DB Packet Storm
109 8.8 HIGH
Network 		- - AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request parameter in the Flow.js media upload endpoint (POST /api/station/{station_id}… New CWE-22
Path Traversal 		CVE-2026-42605 2026-05-10 05:16 2026-05-10 Show GitHub Exploit DB Packet Storm
110 - - - ArchiveBox is an open source self-hosted web archiving system. In versions 0.8.6rc0 and prior, the /add/ endpoint (AddView in core/views.py) accepts a config JSON field that gets merged into the craw… New CWE-88
Argument Injection 		CVE-2026-42601 2026-05-10 05:16 2026-05-10 Show GitHub Exploit DB Packet Storm