Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
226351 9.3 危険 マイクロソフト - Microsoft Internet Explorer 6 から 10 における任意のコードを実行される脆弱性 CWE-399
リソース管理の問題 		CVE-2013-1338 2013-05-7 10:51 2013-04-24 Show GitHub Exploit DB Packet Storm
226352 5 警告 シスコシステムズ - Cisco Unified Communications Domain Manager におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-1230 2013-05-2 15:23 2013-04-30 Show GitHub Exploit DB Packet Storm
226353 5 警告 シスコシステムズ - 64-bit プラットフォーム上で稼働する Cisco TelePresence Management Suite におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-1229 2013-05-2 15:22 2013-04-30 Show GitHub Exploit DB Packet Storm
226354 4.3 警告 シスコシステムズ - Cisco Prime Central for Hosted Collaboration Solution におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1160 2013-05-2 15:20 2013-04-30 Show GitHub Exploit DB Packet Storm
226355 4.3 警告 シスコシステムズ - Cisco Prime Central for Hosted Collaboration Solution におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1159 2013-05-2 15:18 2013-04-30 Show GitHub Exploit DB Packet Storm
226356 4.3 警告 シスコシステムズ - Cisco Prime Central for Hosted Collaboration Solution におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1158 2013-05-2 15:17 2013-04-30 Show GitHub Exploit DB Packet Storm
226357 4.3 警告 シスコシステムズ - Cisco Prime Central for Hosted Collaboration Solution におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-1157 2013-05-2 15:16 2013-04-30 Show GitHub Exploit DB Packet Storm
226358 5 警告 シスコシステムズ - Cisco Prime Central for Hosted Collaboration Solution におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2013-1156 2013-05-2 15:15 2013-04-30 Show GitHub Exploit DB Packet Storm
226359 4.3 警告 VMware - VMware vCenter Server における認証を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3107 2013-05-2 14:59 2013-04-25 Show GitHub Exploit DB Packet Storm
226360 9 危険 VMware - VMware vCenter Server Appliance における任意のファイルを作成または上書きされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-3080 2013-05-2 14:49 2013-04-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3761 4.3 MEDIUM
Network 		- - The JaviBola Custom Theme Test plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.5. This is due to missing or incorrect nonce validation on th… CWE-352
 Origin Validation Error 		CVE-2026-8423 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
3762 8.8 HIGH
Network 		- - The Read More & Accordion plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.7. This is due to the 'RadMoreAjax::importData' function not restricting… CWE-269
 Improper Privilege Management 		CVE-2026-7467 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
3763 4.9 MEDIUM
Network 		- - The Read More & Accordion plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 3.5.7. This is due to the use of esc_s… CWE-89
SQL Injection 		CVE-2026-7472 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
3764 4.3 MEDIUM
Network 		- - The Remove Yellow BGBOX plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'rybb_a… CWE-352
 Origin Validation Error 		CVE-2026-8424 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
3765 4.3 MEDIUM
Network 		- - The TypeSquare Webfonts for ConoHa plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.0.4. This is due to the plugin not properly verifying that a user… CWE-862
 Missing Authorization 		CVE-2026-8610 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
3766 6.1 MEDIUM
Network 		- - The LJ comments import: reloaded plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHP_SELF Parameter in all versions up to, and including, 0.97.1 due to insufficient input san… CWE-79
Cross-site Scripting 		CVE-2026-8624 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
3767 6.1 MEDIUM
Network 		- - The SponsorMe plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHP_SELF Parameter in all versions up to, and including, 0.5.2 due to insufficient input sanitization and output… CWE-79
Cross-site Scripting 		CVE-2026-8626 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
3768 5.3 MEDIUM
Network 		- - The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the get_content_editor function in all versio… CWE-862
 Missing Authorization 		CVE-2025-15369 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
3769 6.1 MEDIUM
Network 		- - The Correct Prices plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $_SERVER['PHP_SELF'] variable in versions up to and including 1.0. This is due to the correct_prices_pa… CWE-79
Cross-site Scripting 		CVE-2026-8627 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
3770 6.5 MEDIUM
Network 		- - The Infility Global plugin for WordPress is vulnerable to SQL Injection via the 'orderby' and 'order' parameters in all versions up to, and including, 2.15.16. This is due to insufficient escaping on… CWE-89
SQL Injection 		CVE-2026-8685 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm