Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242761	5.1	警告	John Lim	-	Intechnic In-link の John Lim ADOdb における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4618	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

242762	5	警告	MailEnable	-	MailEnable の SMTP サービスにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-4616	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

242763	7.5	危険	john andersson	-	ZIXForum の ReplyNew.asp における SQL インジェクションの脆弱性	-	CVE-2006-4612	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

242764	6.8	警告	longino	-	Longino Jacome php-Revista におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-4608	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

242765	7.5	危険	longino	-	Longino Jacome php-Revista の admin/index.php における認証コントロールを回避される脆弱性	-	CVE-2006-4607	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

242766	7.5	危険	longino	-	Longino Jacome php-Revista における SQL インジェクションの脆弱性	-	CVE-2006-4606	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

242767	7.5	危険	longino	-	Longino Jacome php-Revista の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4605	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

242768	7.5	危険	lanifex	-	Lanifex DMO の LFXlib/access_manager.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-4604	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

242769	7.5	危険	NCH Software	-	NCH Swift Sound Web Dictate における認証を回避される脆弱性	-	CVE-2006-4603	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

242770	7.5	危険	icblogger	-	ICBlogger の devam.asp における SQL インジェクションの脆弱性	-	CVE-2006-4597	2012-09-25 15:35	2006-09-6	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
121	6.5	MEDIUM Network	-	-	OpenClaw before 2026.4.24 contains a token revocation vulnerability allowing callers with revoked slash tokens to continue executing commands during monitor refresh windows. Attackers can exploit sta… New	CWE-613 Insufficient Session Expiration	CVE-2026-53824	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

122	8.1	HIGH Network	-	-	OpenClaw before 2026.5.3 contains a privilege escalation vulnerability in the allowFrom feature that binds to mutable Slack display names. Attackers with Slack account access can change display name … New	CWE-290 Authentication Bypass by Spoofing	CVE-2026-53823	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

123	8.8	HIGH Network	-	-	OpenClaw before 2026.5.18 contains a command injection vulnerability where shell wrapper argv could change between approval and execution. Attackers can rebuild command arguments after allowlist appr… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-53822	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

124	8.8	HIGH Network	-	-	OpenClaw before 2026.5.18 accepts WebSocket client-declared operator scopes before binding to server-approved pairing or trusted-proxy authorization baseline. Unpaired or restricted trusted-proxy Con… New	CWE-862 Missing Authorization	CVE-2026-53821	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

125	6.6	MEDIUM Local	-	-	OpenClaw before 2026.5.12 contains an exec denylist bypass vulnerability in the bundle MCP loopback session-spawn path that allows authenticated callers to bypass intended command restrictions. Attac… New	CWE-862 Missing Authorization	CVE-2026-53820	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

126	9.1	CRITICAL Network	-	-	ApostropheCMS is an open-source Node.js content management system. In versions up to and including 4.30.0, `apos.util.set()` traverses dot-notation paths without sanitizing `__proto__`, allowing an a… New	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-53609	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

127	8.7	HIGH Network	-	-	ApostropheCMS is an open-source Node.js content management system. Versions up to and including 1.4.2 of the `@apostrophecms/seo` package injects the Google Analytics Tracking ID (`seoGoogleTrackingI… New	CWE-79 Cross-site Scripting	CVE-2026-53608	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

128	6.8	MEDIUM Network	-	-	Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.0.0 to before version 2.2.0, the getRedirectURL function in oauth2.go:22-29 constructs t… New	CWE-601 Open Redirect	CVE-2026-53523	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

129	6.5	MEDIUM Network	-	-	Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.0.0 to before version 2.2.0, the Nezha dashboard exposes two endpoints that create long-… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2026-53522	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

130	6.4	MEDIUM Network	-	-	Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, PATCH /server/{id} accepts and persists nonexistent ddns_p… New	CWE-863 Incorrect Authorization	CVE-2026-53521	2026-06-13 07:16	2026-06-13	Show	GitHub Exploit DB Packet Storm