Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 11, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226001 8.5 危険 Palo Alto Networks - Palo Alto Networks PAN-OS のデバイス管理のコマンドラインインターフェイスにおける任意のコマンドを実行される脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2012-6591 2013-09-4 14:01 2012-04-27 Show GitHub Exploit DB Packet Storm
226002 5 警告 Palo Alto Networks - Palo Alto Networks PAN-OS の Web ベースの管理 UI における詳細エラー情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-6590 2013-09-4 13:56 2012-04-27 Show GitHub Exploit DB Packet Storm
226003 6.9 警告 LULU Software - Soda PDF における権限を取得される脆弱性 CWE-Other
その他 		CVE-2013-3485 2013-09-4 13:54 2013-08-12 Show GitHub Exploit DB Packet Storm
226004 7.1 危険 シスコシステムズ - Cisco IOS の TCP の実装におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-5469 2013-09-4 13:54 2013-09-3 Show GitHub Exploit DB Packet Storm
226005 5 警告 Google - Google Chrome の memory/shared_memory_posix.cc における重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-2905 2013-09-4 11:26 2013-08-20 Show GitHub Exploit DB Packet Storm
226006 7.5 危険 Google - Google Chrome で使用される Blink の core/dom/Document.cpp におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-2904 2013-09-4 11:25 2013-08-20 Show GitHub Exploit DB Packet Storm
226007 6.3 警告 シスコシステムズ - Cisco Wireless LAN Controller デバイスの Web 管理者インタフェースにおけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-3474 2013-09-4 11:03 2013-09-3 Show GitHub Exploit DB Packet Storm
226008 10 危険 アドビシステムズ - Adobe Reader および Acrobat における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2013-3346 2013-09-4 11:02 2013-05-14 Show GitHub Exploit DB Packet Storm
226009 7.5 危険 The Cacti Group - Cacti の snmp.php および rrd.php における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2013-1435 2013-09-4 11:01 2013-08-6 Show GitHub Exploit DB Packet Storm
226010 7.5 危険 The Cacti Group - Cacti の api_poller.php および utility.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2013-1434 2013-09-4 10:54 2013-08-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 11, 2026, 5:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3941 8.8 HIGH
Network 		- - A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipul… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-9628 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3942 6.3 MEDIUM
Network 		- - A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcel_list.php. Performing a manipulation of the argument s results … CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9607 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3943 4.3 MEDIUM
Network 		- - A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. E… CWE-200
CWE-209
Information Exposure
Information Exposure Through an Error Message 		CVE-2026-9583 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3944 7.3 HIGH
Network 		- - A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM up to 56ba287f2e9031523ccb4244cb6e3fe530e4e5d5. The affected element is an unknown function of the component Dashboard. Such mani… CWE-266
CWE-284
 Incorrect Privilege Assignment
Improper Access Control 		CVE-2026-9562 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3945 6.3 MEDIUM
Network 		- - A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argu… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-9511 2026-05-29 01:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3946 4.8 MEDIUM
Network 		- - Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The random_bytes function fell back to using the built-in rand() function when… CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2026-8647 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
3947 7.5 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for… CWE-862
 Missing Authorization 		CVE-2026-48151 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
3948 8.1 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/… CWE-79
Cross-site Scripting 		CVE-2026-48149 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
3949 7.7 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetch(config.url) with no SSRF protection.… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-48146 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
3950 5.3 MEDIUM
Network 		- - Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted… CWE-93
CRLF Injection 		CVE-2026-46740 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm