Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
247831	6	警告	digitizing quote and ordering system	-	Digitizing Quote And Ordering System の search.asp における SQL インジェクションの脆弱性	-	CVE-2006-6911	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

247832	7.8	危険	fersch	-	Fersch Formbankserver の formbankcgi.exe におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2006-6910	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

247833	10	危険	マイクロソフト Broadcom	-	Widcomm Bluetooth Stack COM Server におけるバッファオーバーフローの脆弱性	-	CVE-2006-6908	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

247834	10	危険	bluesoil bluetooth	-	Bluesoil Bluetooth スタックにおける詳細不明な脆弱性	-	CVE-2006-6907	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

247835	7.2	危険	アップル	-	Apple Mac OS 上で稼働する Bluetooth スタックにおける詳細不明な脆弱性	-	CVE-2006-6906	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

247836	10	危険	Broadcom	-	Widcomm Bluetooth スタックにおける管理アクセス権を取得される脆弱性	-	CVE-2006-6905	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

247837	7.9	危険	Broadcom	-	Broadcom Bluetooth スタックにおける管理アクセス権を取得される脆弱性	-	CVE-2006-6904	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

247838	10	危険	アップル	-	Apple Mac OS の Bluetooth スタックにおける詳細不明な脆弱性	-	CVE-2006-6900	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

247839	7.8	危険	Broadcom	-	BTW における会話を盗聴され記録される脆弱性	-	CVE-2006-6898	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

247840	7.5	危険	FreeStyleWiki Project	-	fswiki におけるパスワードを取得される脆弱性	-	CVE-2006-6889	2012-06-26 15:38	2006-12-31	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
171	9.6	CRITICAL Network	-	-	CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.26, the task_create tool spawns durable sub-agents that inherit two insecure defaults, allow_shell defaults to true (config.rs:14… New	CWE-94 Code Injection	CVE-2026-45374	2026-05-30 13:17	2026-05-29	Show	GitHub Exploit DB Packet Storm

172	7.4	HIGH Network	-	-	CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.26, although SSRF is validated against hostnames that resolve to private IPv6 addresses, when providing the IPV6 in‌‌ URL‌ as htt… New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45373	2026-05-30 13:17	2026-05-29	Show	GitHub Exploit DB Packet Storm

173	-		-	-	LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, LinkAce contains a stored cross-site scripting vulnerability that allows a low-privilege user to execute arbitrary JavaScrip… New	CWE-79 Cross-site Scripting	CVE-2026-45343	2026-05-30 13:17	2026-05-29	Show	GitHub Exploit DB Packet Storm

174	7.5	HIGH Network	-	-	Automad is a flat-file content management system and template engine. From 2.0.0-alpha.1 to 2.0.0-beta.27, a Broken Access Control vulnerability allows an unauthenticated attacker to retrieve the bcr… New	CWE-200 CWE-306 Information Exposure Missing Authentication for Critical Function	CVE-2026-45332	2026-05-30 13:17	2026-05-29	Show	GitHub Exploit DB Packet Storm

175	7.4	HIGH Network	-	-	CodeWhale is a DeepSeek + MiMo coding agent in terminal. Prior to 0.8.22, the fetch_url tool validates the initial URL's resolved IP address against a restricted-IP blocklist (is_restricted_ip()) to … New	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-45310	2026-05-30 13:17	2026-05-29	Show	GitHub Exploit DB Packet Storm

176	7.5	HIGH Network	-	-	Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/{filename} endpoint on Windows deployments that allows unauthenticated remote attack… New	CWE-36 Absolute Path Traversal	CVE-2026-10044	2026-05-30 13:17	2026-05-29	Show	GitHub Exploit DB Packet Storm

177	8.1	HIGH Network	-	-	Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO uses the user-controlled task_name value directly when constructing se… New	CWE-22 CWE-73 Path Traversal External Control of File Name or Path	CVE-2026-46402	2026-05-30 11:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

178	9.9	CRITICAL Network	-	-	OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be esc… New	CWE-693 Protection Mechanism Failure	CVE-2026-45102	2026-05-30 11:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

179	7.8	HIGH Local	-	-	systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces() when an active Netwo… New	CWE-78 OS Command	CVE-2026-44724	2026-05-30 11:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

180	-		-	-	UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an excepti… New	CWE-401 Missing Release of Memory after Effective Lifetime	CVE-2026-44660	2026-05-30 11:16	2026-05-28	Show	GitHub Exploit DB Packet Storm