Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
228401 10 危険 Mozilla Foundation - Mozilla Firefox および Thunderbird のブラウザエンジンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2013-1682 2013-08-14 16:47 2013-06-25 Show GitHub Exploit DB Packet Storm
228402 9.3 危険 Mozilla Foundation - Mozilla Firefox および Thunderbird におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-1690 2013-08-14 16:37 2013-06-25 Show GitHub Exploit DB Packet Storm
228403 3.3 注意 株式会社NTTドコモ - ドコモ海外利用アプリにおける接続処理に関する脆弱性 CWE-287
不適切な認証 		CVE-2013-3659 2013-08-14 13:56 2013-08-7 Show GitHub Exploit DB Packet Storm
228404 4.6 警告 シスコシステムズ - Cisco IOS XR におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2013-3464 2013-08-14 13:48 2013-08-13 Show GitHub Exploit DB Packet Storm
228405 7.8 危険 IOServer - IOServer の master-station DNP3 ドライバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-2790 2013-08-14 11:20 2013-08-1 Show GitHub Exploit DB Packet Storm
228406 4.7 警告 Schweitzer Engineering Laboratories - 複数の Schweitzer Engineering Laboratories の製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-2798 2013-08-13 19:39 2013-08-7 Show GitHub Exploit DB Packet Storm
228407 6.9 警告 Schneider Electric - 複数の Schneider Electric 製品における任意のファイルを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2013-2796 2013-08-13 19:27 2013-08-5 Show GitHub Exploit DB Packet Storm
228408 7.1 危険 Schweitzer Engineering Laboratories - 複数の Schweitzer Engineering Laboratories 製品におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-2792 2013-08-13 19:15 2013-08-7 Show GitHub Exploit DB Packet Storm
228409 5 警告 IBM - IBM Sterling B2B Integrator におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-0494 2013-08-13 18:57 2013-03-11 Show GitHub Exploit DB Packet Storm
228410 3.5 注意 IBM - IBM Informix Open Admin Tool におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0492 2013-08-13 18:42 2013-08-8 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4661 4.4 MEDIUM
Network 		- - The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'drag_n_drop_text' and 'drag_n_drop_browse_text' Settings in all versio… CWE-79
Cross-site Scripting 		CVE-2026-8991 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
4662 4.9 MEDIUM
Network 		- - The Smart Slider 3 plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.5.1.36 via the replaceHTMLImage function. This makes it possible for authenticated… CWE-22
Path Traversal 		CVE-2026-9197 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
4663 4.3 MEDIUM
Network 		- - The Page-list plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 6.2. This is due to the pagelist_unqprfx_ext_shortcode() function (the [pagelist_ext] /… CWE-862
 Missing Authorization 		CVE-2026-9008 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
4664 6.4 MEDIUM
Network 		- - The Master Addons For Elementor – Widgets, Extensions, Theme Builder, Popup Builder & Template Kits plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'jtlma_custom_js' Page Settin… CWE-79
Cross-site Scripting 		CVE-2026-9281 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
4665 4.4 MEDIUM
Network 		- - The Quick Playground plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.3.4. This is due to the `qckply_data()` function passing the user-supplied `filename`… CWE-22
Path Traversal 		CVE-2026-2500 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
4666 6.6 MEDIUM
Network 		- - The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.4 via deserialization of untrusted input . This makes it … CWE-502
 Deserialization of Untrusted Data 		CVE-2026-7566 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
4667 5.3 MEDIUM
Network 		- - The WPForms – Easy Form Builder for WordPress – Contact Forms, Payment Forms, Surveys, & More plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in versions up to an… CWE-345
 Insufficient Verification of Data Authenticity 		CVE-2026-7792 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
4668 4.3 MEDIUM
Network 		- - The Klamra Paycal for Aspaclaria plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.4 via the 'invoice_id' parameter due to missing valid… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-8611 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
4669 6.3 MEDIUM
Network 		- - A vulnerability was identified in vertex-app vertex up to 2026.02.12. This issue affects some unknown processing of the file app/model/LogMod.js of the component Log Viewer Endpoint. Such manipulatio… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-11408 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm
4670 4.4 MEDIUM
Local 		- - A security flaw has been discovered in iAI Lab PDF AI App 4.21.0 on Android. Impacted is the function getExternalCacheDir of the component chatpdf.pro. Performing a manipulation of the argument _disp… CWE-22
Path Traversal 		CVE-2026-11411 2026-06-8 23:57 2026-06-6 Show GitHub Exploit DB Packet Storm