Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
249761 7.5 危険 eyeOS Project - EyeOS の apps/eyeHome.eyeapp/aplic.php の eyeHome 関数における任意のコードを実行される脆弱性 - CVE-2006-6556 2012-06-26 15:38 2006-12-14 Show GitHub Exploit DB Packet Storm
249762 7.5 危険 easyfill - EasyFill における SQL インジェクションの脆弱性 - CVE-2006-6555 2012-06-26 15:38 2006-12-14 Show GitHub Exploit DB Packet Storm
249763 3.5 注意 cPanel - cPanel WHM におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6548 2012-06-26 15:38 2006-12-14 Show GitHub Exploit DB Packet Storm
249764 7.5 危険 cutenews aj-fork - CN:AJ の inc/shows.inc.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6546 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
249765 6.8 警告 cm68 news - CM68 News におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6544 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
249766 7.5 危険 appintellect - AppIntellect SpotLight CRM の login.asp における SQL インジェクションの脆弱性 - CVE-2006-6543 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
249767 7.5 危険 fantastic news - Falt4Extreme RC4 の index.php における SQL インジェクションの脆弱性 - CVE-2006-6542 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
249768 6.8 警告 bluetrait - Bluetrait の bt-trackback.php における SQL インジェクションの脆弱性 - CVE-2006-6540 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
249769 10 危険 flippet.org - Wawi におけるバッファオーバーフローの脆弱性 - CVE-2006-6539 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
249770 7.8 危険 D-Link Systems, Inc. - D-LINK DWL-2000AP+ におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6538 2012-06-26 15:38 2006-12-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
196291 2.7 LOW
Network 		arangodb arangodb In ArangoDB, versions v3.7.0 through v3.9.0-alpha.1 have a feature which allows downloading a Foxx service from a publicly available URL. This feature does not enforce proper filtering of requests pe… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2021-25939 2024-11-21 14:55 2022-02-9 Show GitHub Exploit DB Packet Storm
196292 6.1 MEDIUM
Network 		cacti cacti As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL paramete… CWE-79
Cross-site Scripting 		CVE-2021-26247 2024-11-21 14:55 2022-01-20 Show GitHub Exploit DB Packet Storm
196293 3.0 LOW
Network 		kubernetes kubernetes kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as… NVD-CWE-Other
CVE-2021-25743 2024-11-21 14:55 2022-01-7 Show GitHub Exploit DB Packet Storm
196294 8.8 HIGH
Network 		userfrosting userfrosting In Userfrosting, versions v0.3.1 to v4.6.2 are vulnerable to Host Header Injection. By luring a victim application user to click on a link, an unauthenticated attacker can use the “forgot password” f… CWE-74
Injection 		CVE-2021-25994 2024-11-21 14:55 2022-01-3 Show GitHub Exploit DB Packet Storm
196295 9.8 CRITICAL
Network 		talkyard talkyard In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the … CWE-613
 Insufficient Session Expiration 		CVE-2021-25981 2024-11-21 14:55 2022-01-3 Show GitHub Exploit DB Packet Storm
196296 5.4 MEDIUM
Network 		requarks wiki.js In Requarks wiki.js, versions 2.0.0-beta.147 to 2.5.255 are affected by Stored XSS vulnerability, where a low privileged (editor) user can upload a SVG file that contains malicious JavaScript while u… CWE-79
Cross-site Scripting 		CVE-2021-25993 2024-11-21 14:55 2021-12-30 Show GitHub Exploit DB Packet Storm
196297 7.3 HIGH
Network 		if-me ifme In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete … NVD-CWE-Other
CVE-2021-25991 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm
196298 5.4 MEDIUM
Network 		if-me ifme In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe. CWE-79
Cross-site Scripting 		CVE-2021-25990 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm
196299 5.4 MEDIUM
Network 		if-me ifme In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability in the markdown editor. It can be exploited by making a victim a Leader of a group which triggers the payload for … CWE-79
Cross-site Scripting 		CVE-2021-25989 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm
196300 5.4 MEDIUM
Network 		if-me ifme In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin. CWE-79
Cross-site Scripting 		CVE-2021-25988 2024-11-21 14:55 2021-12-29 Show GitHub Exploit DB Packet Storm