Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 2, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
245981	7.5	危険	feng	-	LScube Feng の RTSP_remove_msg 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2007-6627	2012-06-26 15:54	2008-01-3	Show	GitHub Exploit DB Packet Storm

245982	7.5	危険	feng	-	LScube Feng の RTSP_valid_response_msg 関数におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6626	2012-06-26 15:54	2008-01-3	Show	GitHub Exploit DB Packet Storm

245983	7.5	危険	Atlassian	-	Atlassian JIRA Enterprise Edition の Setup Wizard におけるデフォルト言語を変更される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2007-6619	2012-06-26 15:54	2008-01-3	Show	GitHub Exploit DB Packet Storm

245984	5	警告	Atlassian	-	JIRA Enterprise Edition における別のユーザの共有フィルタを削除される脆弱性	CWE-DesignError	CVE-2007-6618	2012-06-26 15:54	2008-01-3	Show	GitHub Exploit DB Packet Storm

245985	4.3	警告	Atlassian	-	JIRA Enterprise Edition の 500page.jsp におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-6617	2012-06-26 15:54	2008-01-3	Show	GitHub Exploit DB Packet Storm

245986	6.8	警告	agaresmedia	-	Agares Media phpAutoVideo の includes/block.php におけるディレクトリトラバーサルの脆弱性	CWE-94 コード・インジェクション	CVE-2007-6615	2012-06-26 15:54	2008-01-3	Show	GitHub Exploit DB Packet Storm

245987	6.8	警告	agaresmedia	-	Agares Media phpAutoVideo の admin/frontpage_right.php における PHP リモートファイルインクルージョンの脆弱性	CWE-94 コード・インジェクション	CVE-2007-6614	2012-06-26 15:54	2008-01-3	Show	GitHub Exploit DB Packet Storm

245988	5	警告	GNU Project	-	GNU Compact Disc Input および libcdio の src/iso-info.c におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6613	2012-06-26 15:54	2007-12-31	Show	GitHub Exploit DB Packet Storm

245989	10	危険	Debian	-	unp における任意のコマンドを実行される脆弱性	CWE-DesignError	CVE-2007-6610	2012-06-26 15:54	2007-10-29	Show	GitHub Exploit DB Packet Storm

245990	5	警告	coolplayer	-	CoolPlayer の CPI_PlaylistItem.c の CPLI_ReadTag_OGG 関数におけるスタックベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2007-6609	2012-06-26 15:54	2007-12-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1511	4.3	MEDIUM Network	-	-	PbootCMS v.3.2.11 contains a code injection vulnerability in its site configuration functionality	CWE-79 Cross-site Scripting	CVE-2026-36239	2026-05-28 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1512	5.2	MEDIUM Adjacent	-	-	SailingLab AppLock (aka com.alpha.applock) 4.3.8 for Android allows a local attacker to trigger arbitrary JavaScript execution via BrowserMainActivity, which accepts VIEW intents with javascript: URI…	CWE-79 Cross-site Scripting	CVE-2025-68709	2026-05-28 03:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1513	9.8	CRITICAL Network	ibm	websphere_application_server	IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code executi…	CWE-94 Code Injection	CVE-2026-8633	2026-05-28 03:12	2026-05-27	Show	GitHub Exploit DB Packet Storm

1514	7.8	HIGH Local	openvpn	connect	Privilege escalation via background service of OpenVPN Connect 3.5.1 through 3.8.1 on macOS allows attackers to execute arbitrary commands with elevated privileges via local IPC channel	CWE-78 CWE-267 CWE-270 CWE-648 OS Command Privilege Defined With Unsafe Actions Privilege Context Switching Error Incorrect Use of Privileged APIs	CVE-2026-9560	2026-05-28 03:08	2026-05-27	Show	GitHub Exploit DB Packet Storm

1515	4.3	MEDIUM Network	-	-	Missing Authorization vulnerability in Mamunur Rashid The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Post Grid: from n/a through 7.9.2.	CWE-862 Missing Authorization	CVE-2026-49054	2026-05-28 02:44	2026-05-28	Show	GitHub Exploit DB Packet Storm

1516	9.1	CRITICAL Network	-	-	HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open(). The 2-arg form interprets magic prefixes: '\| cm…	CWE-73 CWE-78 External Control of File Name or Path OS Command	CVE-2026-8450	2026-05-28 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1517	7.3	HIGH Network	-	-	IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. _parseOutputGlob() wraps the caller-supplied output glob string in …	CWE-95 Eval Injection	CVE-2026-48962	2026-05-28 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1518	4.3	MEDIUM Network	-	-	Jenkins Job Import Plugin 143.v044a_2e819b_27 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of cred…	CWE-269 Improper Privilege Management	CVE-2026-48926	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

1519	6.6	MEDIUM Network	-	-	Jenkins LDAP Plugin 807.v7d7de30930cf and earlier follows LDAP referrals.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-48916	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

1520	-		-	-	Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available…	CWE-506 Embedded Malicious Code	CVE-2026-48027	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm