Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 20, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
231741	5.1	警告	powerscripts	-	PowerClan の footer.inc.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6715	2012-12-20 18:02	2006-12-22	Show	GitHub Exploit DB Packet Storm

231742	6.5	警告	日立	-	Groupmax 用の Soumu Workflow などにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2006-6706	2012-12-20 18:02	2006-12-22	Show	GitHub Exploit DB Packet Storm

231743	7.5	危険	scriptsfrenzy.com	-	E-Uploader Pro の include/config.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-6694	2012-12-20 18:02	2006-12-21	Show	GitHub Exploit DB Packet Storm

231744	7.5	危険	Zabbix	-	zabbix におけるバッファオーバーフローの脆弱性	-	CVE-2006-6693	2012-12-20 18:02	2006-12-21	Show	GitHub Exploit DB Packet Storm

231745	7.5	危険	Zabbix	-	zabbix におけるフォーマットストリングの脆弱性	-	CVE-2006-6692	2012-12-20 18:02	2006-12-21	Show	GitHub Exploit DB Packet Storm

231746	7.5	危険	valdersoft	-	Valdersoft Shopping Cart における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6691	2012-12-20 18:02	2006-12-21	Show	GitHub Exploit DB Packet Storm

231747	7.5	危険	TYPO3 Association	-	Typo3 の rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php における任意のコマンドを実行される脆弱性	-	CVE-2006-6690	2012-12-20 18:02	2006-12-21	Show	GitHub Exploit DB Packet Storm

231748	7.5	危険	web-app.net	-	WebAPP におけるフィルタリングのメカニズムを回避される脆弱性	-	CVE-2006-6688	2012-12-20 18:02	2006-12-21	Show	GitHub Exploit DB Packet Storm

231749	4.3	警告	web-app.net	-	WebAPP におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2006-6687	2012-12-20 18:02	2006-12-21	Show	GitHub Exploit DB Packet Storm

231750	6.8	警告	textsend	-	Carsen Klock TextSend の sender.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6686	2012-12-20 18:02	2006-12-21	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 21, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
71	9.8	CRITICAL Network	-	-	Camel-CXF and Camel-Knative Message Header Injection via Missing Inbound Filtering The CXF and Knative HeaderFilterStrategy implementations (CxfRsHeaderFilterStrategy in camel-cxf-rest, CxfHeaderFil… New	CWE-178 Improper Handling of Case Sensitivity	CVE-2026-47323	2026-05-21 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

72	8.8	HIGH Network	apache	ofbiz	Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') vulnerability in Apache OFBiz. This issue affects Ap… New	CWE-94 CWE-95 Code Injection Eval Injection	CVE-2026-46586	2026-05-21 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

73	5.5	MEDIUM Local	-	-	In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - t… Update	CWE-269 Improper Privilege Management	CVE-2026-46333	2026-05-21 02:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

74	9.8	CRITICAL Network	apache	ofbiz	Improper Authentication vulnerability in Apache OFBiz via Password-Change Logic Flaw Leading to Remote Code Execution This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgr… New	CWE-287 Improper Authentication	CVE-2026-45434	2026-05-21 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

75	7.8	HIGH Local	tabby	tabby	Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code … Update	CWE-150 Improper Neutralization of Escape, Meta, or Control Sequences	CVE-2026-45038	2026-05-21 02:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

76	7.0	HIGH Local	tabby	tabby	Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby before 1.0.233 automatically confirms ZMODEM protocol detection on all terminal session output without us… Update	CWE-78 OS Command	CVE-2026-45036	2026-05-21 02:16	2026-05-16	Show	GitHub Exploit DB Packet Storm

77	4.3	MEDIUM Network	-	-	In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL. Update	CWE-696 Incorrect Behavior Order	CVE-2026-44919	2026-05-21 02:16	2026-05-14	Show	GitHub Exploit DB Packet Storm

78	9.8	CRITICAL Network	-	-	In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix handling of MAY_BACKLOG requests MAY_BACKLOG requests can return EBUSY. Handle them by checking for that va… New	-	CVE-2026-43493	2026-05-21 02:16	2026-05-19	Show	GitHub Exploit DB Packet Storm

79	8.8	HIGH Network	-	-	In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smb_inherit_dacl() walks the parent directory DACL loaded from the security descriptor x… Update	-	CVE-2026-43490	2026-05-21 02:16	2026-05-15	Show	GitHub Exploit DB Packet Storm

80	7.8	HIGH Local	-	-	In the Linux kernel, the following vulnerability has been resolved: net-shapers: don't free reply skb after genlmsg_reply() genlmsg_reply() hands the reply skb to netlink, and netlink_unicast() con… Update	-	CVE-2026-43481	2026-05-21 02:16	2026-05-14	Show	GitHub Exploit DB Packet Storm