Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
243761 7.2 危険 deslock - DESlock+ の dlpcrypt.sys カーネルドライバにおける権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4832 2012-06-26 16:19 2010-04-29 Show GitHub Exploit DB Packet Storm
243762 5 警告 8pixel - 8pixel.net Blog におけるデータベースがダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4825 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
243763 4.3 警告 cPanel - cPanel の frontend/x3/files/fileop.html におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2009-4823 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
243764 5 警告 D-Link Systems, Inc. - D-Link DIR-615 におけるDNS 設定を変更される脆弱性 CWE-287
不適切な認証 		CVE-2009-4821 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
243765 5 警告 ASP indir - Angelo-Emlak におけるデータベースをダウンロードされる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-4820 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
243766 6.8 警告 element-it - Element-IT Ultimate Uploader における任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2009-4817 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
243767 5 警告 MegaLab.it - MegaLab The Uploader の api/download_checker.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2009-4816 2012-06-26 16:19 2010-04-27 Show GitHub Exploit DB Packet Storm
243768 7.5 危険 graugon - Graugon PHP Article Publisher の admin.php における管理者用アクセス権を取得される脆弱性 CWE-287
不適切な認証 		CVE-2009-4808 2012-06-26 16:19 2010-04-23 Show GitHub Exploit DB Packet Storm
243769 7.5 危険 graugon - Graugon PHP Article Publisher における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2009-4807 2012-06-26 16:19 2010-04-23 Show GitHub Exploit DB Packet Storm
243770 7.5 危険 digitalinterchange - Digital Interchange Document Library の admin/save_user.asp における管理者の資格情報を変更される脆弱性 CWE-287
不適切な認証 		CVE-2009-4806 2012-06-26 16:19 2010-04-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
951 6.4 MEDIUM
Network 		- - WordPress Soliloquy Lite 2.5.6 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by inserting script tags in the post title fiel… New CWE-79
Cross-site Scripting 		CVE-2019-25743 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
952 6.4 MEDIUM
Network 		- - WordPress Popup Builder 3.49 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by breaking out of option tags in the post_title … New CWE-79
Cross-site Scripting 		CVE-2019-25744 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
953 8.2 HIGH
Network 		- - WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through th… New CWE-89
SQL Injection 		CVE-2019-25745 2026-06-5 00:00 2026-06-4 Show GitHub Exploit DB Packet Storm
954 7.3 HIGH
Network 		- - A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/admin_class_novo.php of the component Administrat… New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-10704 2026-06-4 23:58 2026-06-3 Show GitHub Exploit DB Packet Storm
955 7.3 HIGH
Network 		- - A vulnerability was identified in DedeCMS 5.7.88. The impacted element is the function dede_htmlspecialchars of the file /plus/flink.php. The manipulation of the argument msg leads to sql injection. … New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-10607 2026-06-4 23:56 2026-06-3 Show GitHub Exploit DB Packet Storm
956 7.3 HIGH
Network 		- - A security flaw has been discovered in DedeCMS 5.7.88. This affects the function RemoveXSS of the file /plus/carbuyaction.php. The manipulation of the argument postname/des results in sql injection. … New CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-10608 2026-06-4 23:56 2026-06-3 Show GitHub Exploit DB Packet Storm
957 4.3 MEDIUM
Network 		- - A weakness has been identified in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function TeamTasksTool.executeComplete of the file internal/tools/team_tasks_lifecycle.go of the co… New CWE-862
CWE-863
 Missing Authorization
 Incorrect Authorization 		CVE-2026-10616 2026-06-4 23:56 2026-06-3 Show GitHub Exploit DB Packet Storm
958 7.3 HIGH
Network 		- - A security vulnerability has been detected in nextlevelbuilder GoClaw up to 3.11.3. This affects the function resolveAuth of the file internal/http/auth.go of the component Webhook Verification Handl… New CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function 		CVE-2026-10617 2026-06-4 23:56 2026-06-3 Show GitHub Exploit DB Packet Storm
959 4.3 MEDIUM
Network 		- - A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blender_mcp/server.py. The manipulation of the arg… New CWE-74
CWE-707
Injection
 Improper Enforcement of Message or Data Structure 		CVE-2026-10661 2026-06-4 23:56 2026-06-3 Show GitHub Exploit DB Packet Storm
960 6.3 MEDIUM
Network 		- - A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. The affected element is the function requests.get of the file src/blender_mcp/server.py of the compon… New CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-10662 2026-06-4 23:56 2026-06-3 Show GitHub Exploit DB Packet Storm