Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2531 7.2 重要
Network 		German Cancer Research Center (DKFZ) nnU-Net German Cancer Research Center (DKFZ)のnnU-Netにおけるインジェクションに関する脆弱性 CWE-74
インジェクション 		CVE-2026-44246 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
2532 8.7 重要
Network 		protobufjs project protobufjs-cli protobufjs projectのprotobufjs-cliにおけるコードインジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2026-44295 2026-05-21 10:55 2026-05-13 Show GitHub Exploit DB Packet Storm
2533 9.8 緊急
Network 		WGDashboard WGDashboard WGDashboardにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2026-44343 2026-05-21 10:55 2026-05-12 Show GitHub Exploit DB Packet Storm
2534 8.8 重要
Network 		Tabby Tabby TabbyにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-45035 2026-05-21 10:55 2026-05-15 Show GitHub Exploit DB Packet Storm
2535 7 重要
Local 		Tabby Tabby TabbyにおけるOS コマンドインジェクションの脆弱性 CWE-78
OSコマンド・インジェクション 		CVE-2026-45036 2026-05-21 10:55 2026-05-15 Show GitHub Exploit DB Packet Storm
2536 7.1 重要
Network 		Tabby Tabby Tabbyにおける複数の脆弱性 CWE-184
CWE-601
CVE-2026-45037 2026-05-21 10:55 2026-05-15 Show GitHub Exploit DB Packet Storm
2537 7.8 重要
Local 		Tabby Tabby Tabbyにおけるエスケープ、メタ、またはコントロールシーケンスの不適切な無効化に関する脆弱性 CWE-150
エスケープ、メタ、またはコントロールシーケンスの不適切な無効化 		CVE-2026-45038 2026-05-21 10:54 2026-05-15 Show GitHub Exploit DB Packet Storm
2538 9.8 緊急
Network 		Zeit, Inc. Turborepo Vercel, Inc. (旧 Zeit, Inc.)のTurborepoにおける信頼できない検索パスに関する脆弱性 CWE-426
信頼性のない検索パス 		CVE-2026-45772 2026-05-21 10:54 2026-05-15 Show GitHub Exploit DB Packet Storm
2539 6.5 警告
Network 		Zeit, Inc. Turborepo Vercel, Inc. (旧 Zeit, Inc.)のTurborepoにおける複数の脆弱性 CWE-352
CWE-384
CVE-2026-45773 2026-05-21 10:54 2026-05-15 Show GitHub Exploit DB Packet Storm
2540 7.8 重要
Local 		Zeit, Inc. The Turborepo Language Server Protocol (LSP) Vercel, Inc. (旧 Zeit, Inc.)のThe Turborepo Language Server Protocol (LSP)におけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-46508 2026-05-21 10:54 2026-05-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311721 - activewebsoftwares ewebquiz SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 allows remote attackers to execute arbitrary SQL commands via the QuizType parameter, a different vector than CVE-2007… CWE-89
SQL Injection 		CVE-2010-2359 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
311722 - jeffkilroy nakid_cms PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute a… CWE-94
Code Injection 		CVE-2010-2358 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
311723 - eicrasoft eicra_realestate_script SQL injection vulnerability in index.php in Eicra Realestate Script 1.0 and 1.6.0 allows remote attackers to execute arbitrary SQL commands via the p_id parameter. NOTE: some of these details are ob… CWE-89
SQL Injection 		CVE-2010-2357 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
311724 - pilotgroup elms_pro Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the course_id parameter. CWE-79
Cross-site Scripting 		CVE-2010-2356 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
311725 - pilotgroup elms_pro Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arbitrary web script or HTML via the message parameter. NOTE: the provenance of t… CWE-79
Cross-site Scripting 		CVE-2010-2355 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
311726 - pilotgroup elms_pro SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary SQL commands via the course_id parameter. CWE-89
SQL Injection 		CVE-2010-2354 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
311727 - yves_chedemois cck The Node Reference module in Content Construction Kit (CCK) module 6.x before 6.x-2.7 for Drupal does not perform access checks for the source field in the backend URL for the autocomplete widget, wh… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2353 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
311728 - karen_stevenson
yves_chedemois 		cck The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x before 6.x-2.7 for Drupal does not perform access checks before displaying referenced nodes, which allow… CWE-20
 Improper Input Validation  		CVE-2010-2352 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
311729 - novell netware Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2351 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm
311730 - daniel_mealha_cabrita ziproxy Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNG file. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2350 2024-11-21 10:16 2010-06-22 Show GitHub Exploit DB Packet Storm