Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
242831	6.8	警告	mambweather	-	Mambo 用の MambWeather コンポーネントにおける PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2006-5519	2012-09-25 15:36	2006-10-26	Show	GitHub Exploit DB Packet Storm

242832	4.3	警告	phpadsnew phppgads	-	phpAdsNew などの製品で使用される lib-history.inc.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-5515	2012-09-25 15:36	2006-10-26	Show	GitHub Exploit DB Packet Storm

242833	2.6	注意	jaxultrabb	-	JUBB の delete.php における任意の Web スクリプトなどを挿入される脆弱性	-	CVE-2006-5511	2012-09-25 15:36	2006-10-25	Show	GitHub Exploit DB Packet Storm

242834	7.5	危険	middlebury college	-	Segue CMS の themes/program/themesettings.inc.php におけるディレクトリトラバーサルの脆弱性	-	CVE-2006-5498	2012-09-25 15:36	2006-10-25	Show	GitHub Exploit DB Packet Storm

242835	7.5	危険	middlebury college	-	Segue CMS における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-5497	2012-09-25 15:36	2006-10-25	Show	GitHub Exploit DB Packet Storm

242836	4	警告	Maarch	-	Maerys Archive における重要な情報を取得される脆弱性	-	CVE-2006-5492	2012-09-25 15:36	2006-10-25	Show	GitHub Exploit DB Packet Storm

242837	7.5	危険	middlebury college	-	Segue CMS における SQL インジェクションの脆弱性	-	CVE-2006-5490	2012-09-25 15:36	2006-10-25	Show	GitHub Exploit DB Packet Storm

242838	10	危険	marshal	-	Marshal MailMarshal SMTP などにおけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2006-5487	2012-09-25 15:36	2006-11-10	Show	GitHub Exploit DB Packet Storm

242839	5	警告	Novell	-	Novell eDirectory の NCP Engine におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-5479	2012-09-25 15:36	2006-10-24	Show	GitHub Exploit DB Packet Storm

242840	7.5	危険	Novell	-	Novell eDirectory および Novell NetMail におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2006-5478	2012-09-25 15:36	2006-10-24	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
311	7.7	HIGH Network	-	-	Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 1.4.0 to before version 2.0.8, nezha's dashboard supports two user roles: RoleAdmin (Role=…	CWE-863 CWE-918 Incorrect Authorization Server-Side Request Forgery (SSRF)	CVE-2026-46717	2026-06-13 13:17	2026-06-13	Show	GitHub Exploit DB Packet Storm

312	8.1	HIGH Network	-	-	ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 have a password reset flow that constructs the reset URL using `req.hostname`, which is derived …	CWE-20 CWE-640 Improper Input Validation Weak Password Recovery Mechanism for Forgotten Password	CVE-2026-45013	2026-06-13 13:17	2026-06-13	Show	GitHub Exploit DB Packet Storm

313	6.5	MEDIUM Local	-	-	ApostropheCMS is an open-source Node.js content management system. Versions of the @apostrophecms/cli package up to and including 3.6.0 contain a command injection vulnerability in the apos create co…	CWE-78 OS Command	CVE-2026-42853	2026-06-13 13:17	2026-06-13	Show	GitHub Exploit DB Packet Storm

314	7.5	HIGH Network	-	-	The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter (`s`) in versions up to, and including, 6.0.4 The plugin hooks WordPress's `posts_request` f…	CWE-89 SQL Injection	CVE-2026-9848	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

315	5.5	MEDIUM Local	-	-	A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and w…	CWE-74 Injection	CVE-2026-54231	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

316	7.0	HIGH Local	-	-	A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the t…	CWE-59 Link Following	CVE-2026-54230	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

317	7.0	HIGH Local	-	-	A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method. ChownProblemDir opens the dump directory with DD_OPEN_READONLY and calls dd_chown to change ownership of all files …	CWE-362 Race Condition	CVE-2026-54229	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

318	7.8	HIGH Local	-	-	A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can c…	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-54228	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

319	-		-	-	Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several moderation commands, but /unban an…	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-47188	2026-06-13 12:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

320	-		-	-	Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text in public bot replies w…	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-47175	2026-06-13 12:16	2026-06-12	Show	GitHub Exploit DB Packet Storm