Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 31, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
247811 7.5 危険 Bitweaver - bitweaver の newsletters/edition.php における SQL インジェクションの脆弱性 - CVE-2006-6923 2012-06-26 15:38 2007-01-12 Show GitHub Exploit DB Packet Storm
247812 7.5 危険 deadlock user management system - phpdeadlock における SQL インジェクションの脆弱性 - CVE-2006-6922 2012-06-26 15:38 2007-01-12 Show GitHub Exploit DB Packet Storm
247813 10 危険 geobb - GeoBB の Admin ログインにおける詳細不明な脆弱性 - CVE-2006-6918 2012-06-26 15:38 2007-01-11 Show GitHub Exploit DB Packet Storm
247814 4.3 警告 flock - Flock におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2006-6954 2012-06-26 15:38 2007-01-29 Show GitHub Exploit DB Packet Storm
247815 2.1 注意 globetrotter - GlobeTrotter Mobility Manager におけるパスワードなど任意のキーストロークをキャプチャされる脆弱性 CWE-200
情報漏えい 		CVE-2006-6953 2012-06-26 15:38 2007-01-29 Show GitHub Exploit DB Packet Storm
247816 7.2 危険 CA Technologies - Computer Associates HIPS ドライバの Core kmxstart.sys におけるユーザ権限を取得される脆弱性 - CVE-2006-6952 2012-06-26 15:38 2007-01-24 Show GitHub Exploit DB Packet Storm
247817 5 警告 conti - Conti FTPServer におけるディレクトリトラバーサルの脆弱性 - CVE-2006-6950 2012-06-26 15:38 2007-01-22 Show GitHub Exploit DB Packet Storm
247818 4.6 警告 conti - Conti FTPServer における重要な情報を取得される脆弱性 - CVE-2006-6949 2012-06-26 15:38 2007-01-22 Show GitHub Exploit DB Packet Storm
247819 5 警告 FreeWebshop - FreeWebshop の index.php における重要な情報を取得される脆弱性 - CVE-2006-6941 2012-06-26 15:38 2007-01-18 Show GitHub Exploit DB Packet Storm
247820 4.6 警告 GNU Project - GNU ed における任意のファイルを上書きされる脆弱性 - CVE-2006-6939 2012-06-26 15:38 2007-01-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
221 5.9 MEDIUM
Network 		- - Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, CreateOrderFromCartAction::execute previously created the Order row before checking and incrementing the discount's total_use counter. Un… New CWE-362
Race Condition 		CVE-2026-47741 2026-05-30 05:17 2026-05-30 Show GitHub Exploit DB Packet Storm
222 6.5 MEDIUM
Network 		- - Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Sub-form Livewire components used in the product editor (Edit, Inventory, Seo, Shipping, Files) had no authorization on their store() met… New CWE-862
 Missing Authorization 		CVE-2026-47742 2026-05-30 05:17 2026-05-30 Show GitHub Exploit DB Packet Storm
223 6.5 MEDIUM
Network 		- - Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, the admin tables for PaymentMethods, Currencies and Carriers exposed inline toggles and per-record actions (enable, disable, edit, delete… New CWE-862
 Missing Authorization 		CVE-2026-47745 2026-05-30 05:17 2026-05-30 Show GitHub Exploit DB Packet Storm
224 9.9 CRITICAL
Network 		- - Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct authorization defects in the team settings allowed any authenticated panel user to take over the RBAC system. Settings/Team/… New CWE-269
CWE-285
 Improper Privilege Management
Improper Authorization 		CVE-2026-47744 2026-05-30 05:17 2026-05-30 Show GitHub Exploit DB Packet Storm
225 5.3 MEDIUM
Network 		- - Casdoor versions 2.362.0 and earlier contain a logic flaw in the social‑login binding flow that allows users to bypass configured MFA requirements. The binding‑rule code path in controllers/auth.go c… New - CVE-2026-9091 2026-05-30 05:16 2026-05-29 Show GitHub Exploit DB Packet Storm
226 9.1 CRITICAL
Network 		- - Casdoor versions 2.362.0 and earlier contain a vulnerability that allows an attacker to bypass authentication by supplying an arbitrary signing certificate. The buildSpCertificateStore function extra… New - CVE-2026-9090 2026-05-30 05:16 2026-05-29 Show GitHub Exploit DB Packet Storm
227 - - - StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a… New CWE-312
CWE-522
 Cleartext Storage of Sensitive Information
 Insufficiently Protected Credentials 		CVE-2026-4387 2026-05-30 05:16 2026-05-30 Show GitHub Exploit DB Packet Storm
228 - - - The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height and encoded s… New - CVE-2026-46599 2026-05-30 05:16 2026-05-30 Show GitHub Exploit DB Packet Storm
229 6.5 MEDIUM
Network 		- - The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0.6, the max option was being applied too late. When expanding a single large num… New CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-45149 2026-05-30 05:16 2026-05-30 Show GitHub Exploit DB Packet Storm
230 5.3 MEDIUM
Network 		- - Decoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image. New - CVE-2026-42500 2026-05-30 05:16 2026-05-30 Show GitHub Exploit DB Packet Storm