Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 26, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232251 7.5 危険 webtext - WebText CMS における wt/users/ 配下のスクリプトへ任意の PHP コードを挿入される脆弱性 - CVE-2006-6856 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
232252 7.5 危険 shadowed works - Shadowed Portal の include.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6850 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
232253 5 警告 リアルネットワークス - RealNetworks RealPlayer の ierpplug.dll におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6847 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
232254 10 危険 phpBB - phpBB の特定のフォームにおける脆弱性 - CVE-2006-6841 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
232255 10 危険 phpBB - phpBB における脆弱性 - CVE-2006-6840 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
232256 10 危険 phpBB - phpBB における脆弱性 - CVE-2006-6839 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
232257 7.5 危険 rediff - Rediff Bol Downloader OCX コントロールにおける重要な情報 (ユーザ名およびパス名) を取得される脆弱性 - CVE-2006-6838 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
232258 6.8 警告 sergey oblomov - Total Commander 用の ISO プラグインの LoadTree などの関数におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2006-6837 2012-12-20 18:02 2006-12-31 Show GitHub Exploit DB Packet Storm
232259 7.5 危険 yrch - Yrch! の plugins/metasearch/plug.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6823 2012-12-20 18:02 2006-12-29 Show GitHub Exploit DB Packet Storm
232260 7.5 危険 vladimir menshakov - Vladimir Menshakov buratinable templator の process.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6809 2012-12-20 18:02 2006-12-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 27, 2026, 4:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221 8.5 HIGH
Network 		- - A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution charac… New CWE-78
OS Command  		CVE-2026-4480 2026-05-27 00:16 2026-05-27 Show GitHub Exploit DB Packet Storm
222 5.6 MEDIUM
Network 		- - When the DLP is active, the UserCheck Web Portal contains an input-handling issue in the UserChoice flow. Under specific conditions, an attacker who can access the UserCheck Ask page could attempt to… New CWE-89
SQL Injection 		CVE-2026-48134 2026-05-27 00:16 2026-05-26 Show GitHub Exploit DB Packet Storm
223 8.1 HIGH
Network 		- - The Security Gateway does not correctly validate a length value in certain IKE packets when NAT-T is used (4500/UDP). As a result, a specially crafted or malformed packet can cause the VPN processing… New CWE-125
Out-of-bounds Read 		CVE-2026-48132 2026-05-27 00:16 2026-05-26 Show GitHub Exploit DB Packet Storm
224 8.8 HIGH
Network 		- - luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — … New CWE-77
Command Injection 		CVE-2026-46368 2026-05-27 00:16 2026-05-27 Show GitHub Exploit DB Packet Storm
225 9.8 CRITICAL
Network 		- - Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying … New CWE-502
 Deserialization of Untrusted Data 		CVE-2026-45247 2026-05-27 00:16 2026-05-27 Show GitHub Exploit DB Packet Storm
226 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-43918. Reason: This candidate is a duplicate of CVE-2026-43918. Notes: All CVE users should reference CVE-2026-439… New - CVE-2026-43919 2026-05-27 00:16 2026-05-27 Show GitHub Exploit DB Packet Storm
227 7.2 HIGH
Network 		- - OpenKM 6.3.12 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary Java/BeanShell code through the /admin/Scripting endpoint. Attackers can sub… New CWE-94
Code Injection 		CVE-2026-42785 2026-05-27 00:16 2026-05-27 Show GitHub Exploit DB Packet Storm
228 7.2 HIGH
Network 		- - OpenKM 6.3.12 contains an unrestricted SQL execution vulnerability that allows authenticated administrative users to execute arbitrary SQL statements against the application database via the Database… New CWE-89
SQL Injection 		CVE-2026-42425 2026-05-27 00:16 2026-05-27 Show GitHub Exploit DB Packet Storm
229 - - - Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-28496. Reason: This candidate is a duplicate of CVE-2026-28496. Notes: All CVE users should reference CVE-2026-284… New - CVE-2026-42347 2026-05-27 00:16 2026-05-27 Show GitHub Exploit DB Packet Storm
230 4.9 MEDIUM
Network 		- - OpenKM 6.3.12 contains a local file inclusion vulnerability in the administrative scripting interface at /admin/Scripting that allows authenticated administrators to read arbitrary files by supplying… New CWE-22
Path Traversal 		CVE-2026-41917 2026-05-27 00:16 2026-05-27 Show GitHub Exploit DB Packet Storm