Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 14, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
250621	4.3	警告	My First HDML	-	SmallPICT におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2638	2012-06-19 12:02	2012-06-19	Show	GitHub Exploit DB Packet Storm

250622	2.6	注意	KENT-WEB	-	WEB PATIO におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2637	2012-06-19 12:01	2012-06-19	Show	GitHub Exploit DB Packet Storm

250623	4.3	警告	KENT-WEB	-	WEB PATIO におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2636	2012-06-19 12:01	2012-06-19	Show	GitHub Exploit DB Packet Storm

250624	8.3	危険	マイクロソフト VMware	-	VMware ESXi および ESX におけるゲスト OS の権限を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-1515	2012-06-18 18:05	2012-03-29	Show	GitHub Exploit DB Packet Storm

250625	7.8	危険	VMware	-	複数の VMware 製品におけるサービス運用妨害 (ゲスト OS クラッシュ) の脆弱性	CWE-94 コード・インジェクション	CVE-2012-3289	2012-06-18 16:22	2012-06-14	Show	GitHub Exploit DB Packet Storm

250626	9.3	危険	VMware	-	複数の VMware 製品におけるホスト OS 上で任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2012-3288	2012-06-18 16:20	2012-06-14	Show	GitHub Exploit DB Packet Storm

250627	5	警告	Opera Software ASA	-	Opera におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-Other その他	CVE-2012-3568	2012-06-18 16:14	2012-04-26	Show	GitHub Exploit DB Packet Storm

250628	5	警告	Opera Software ASA	-	Opera におけるサービス運用妨害 (メモリ消費またはアプリケーションハング) の脆弱性	CWE-Other その他	CVE-2012-3567	2012-06-18 16:13	2012-04-26	Show	GitHub Exploit DB Packet Storm

250629	4.3	警告	Opera Software ASA	-	Opera におけるサービス運用妨害 (アプリケーションハング) の脆弱性	CWE-noinfo 情報不足	CVE-2012-3566	2012-06-18 16:10	2012-04-26	Show	GitHub Exploit DB Packet Storm

250630	5	警告	Opera Software ASA	-	Opera におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性	CWE-Other その他	CVE-2012-3565	2012-06-18 16:09	2012-04-26	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
71	8.1	HIGH Network	-	-	ApostropheCMS is an open-source Node.js content management system. Versions up to and including 4.29.0 have a password reset flow that constructs the reset URL using `req.hostname`, which is derived … New	CWE-20 CWE-640 Improper Input Validation Weak Password Recovery Mechanism for Forgotten Password	CVE-2026-45013	2026-06-13 13:17	2026-06-13	Show	GitHub Exploit DB Packet Storm

72	6.5	MEDIUM Local	-	-	ApostropheCMS is an open-source Node.js content management system. Versions of the @apostrophecms/cli package up to and including 3.6.0 contain a command injection vulnerability in the apos create co… New	CWE-78 OS Command	CVE-2026-42853	2026-06-13 13:17	2026-06-13	Show	GitHub Exploit DB Packet Storm

73	7.5	HIGH Network	-	-	The WP Ticket plugin for WordPress is vulnerable to SQL Injection via the WordPress search query parameter (`s`) in versions up to, and including, 6.0.4 The plugin hooks WordPress's `posts_request` f… New	CWE-89 SQL Injection	CVE-2026-9848	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

74	5.5	MEDIUM Local	-	-	A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and w… New	CWE-74 Injection	CVE-2026-54231	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

75	7.0	HIGH Local	-	-	A symlink following vulnerability was found in the ABRT post-create event handler scripts in libreport. Event scripts write output files using shell redirections without the O_NOFOLLOW flag. If the t… New	CWE-59 Link Following	CVE-2026-54230	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

76	7.0	HIGH Local	-	-	A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method. ChownProblemDir opens the dump directory with DD_OPEN_READONLY and calls dd_chown to change ownership of all files … New	CWE-362 Race Condition	CVE-2026-54229	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

77	7.8	HIGH Local	-	-	A time-of-check time-of-use (TOCTOU) race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can c… New	CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition	CVE-2026-54228	2026-06-13 12:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

78	-		-	-	Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several moderation commands, but /unban an… New	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-47188	2026-06-13 12:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

79	-		-	-	Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text in public bot replies w… New	CWE-116 Improper Encoding or Escaping of Output	CVE-2026-47175	2026-06-13 12:16	2026-06-12	Show	GitHub Exploit DB Packet Storm

80	-		-	-	tmp is a temporary file and directory creator for node.js. Prior to 0.2.6, the tmp npm package contains a path traversal vulnerability that allows escaping the intended temporary directory when untru… New	CWE-22 Path Traversal	CVE-2026-44705	2026-06-13 12:16	2026-06-12	Show	GitHub Exploit DB Packet Storm