Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
260911 7.8 危険 アップル - Apple Mac OS X の Mail における重要な情報を取得される脆弱性 CWE-310
暗号の問題 		CVE-2010-0525 2010-04-15 18:36 2010-03-29 Show GitHub Exploit DB Packet Storm
260912 4 警告 アップル
サイバートラスト株式会社
MySQL AB
レッドハット		 - MySQL の mysqld におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2009-4019 2010-04-15 18:16 2009-11-30 Show GitHub Exploit DB Packet Storm
260913 6.8 警告 The PHP Group
アップル		 - PHP の posix_mkfifo 関数における open_basedir の制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2009-3558 2010-04-15 18:16 2009-11-23 Show GitHub Exploit DB Packet Storm
260914 4.4 警告 アップル
サイバートラスト株式会社
MySQL AB
レッドハット		 - MySQL における権限チェックを回避される脆弱性 CWE-59
リンク解釈の問題 		CVE-2009-4030 2010-04-15 18:16 2009-11-5 Show GitHub Exploit DB Packet Storm
260915 2.6 注意 アップル
サイバートラスト株式会社
MySQL AB
レッドハット		 - MySQL のコマンドラインクライアントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-4456 2010-04-15 18:15 2008-10-6 Show GitHub Exploit DB Packet Storm
260916 10 危険 アップル - Apple Mac OS X の Mail における脆弱性 CWE-noinfo
情報不足 		CVE-2010-0508 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
260917 6.8 警告 アップル - Apple Mac OS X の画像 RAW におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0507 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
260918 6.8 警告 アップル - Apple Mac OS X の画像 RAW におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0506 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
260919 6.8 警告 アップル - Apple Mac OS X の ImageIO における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2010-0505 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
260920 7.5 危険 アップル - Apple Mac OS X の iChat サーバにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2010-0504 2010-04-14 17:11 2010-03-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1681 8.8 HIGH
Network 		- - The Ultimate Member plugin for WordPress is vulnerable to Account Takeover via Password Reset Link Disclosure in all versions up to and including 2.11.4. This is due to a chain of three logic bugs: (… CWE-862
 Missing Authorization 		CVE-2026-7761 2026-06-25 22:26 2026-06-24 Show GitHub Exploit DB Packet Storm
1682 8.8 HIGH
Network 		- - The AdRotate Banner Manager plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 5.17.7 via the 'banner' attribute of the adrotate shortcode. This is due to … CWE-94
Code Injection 		CVE-2026-12242 2026-06-25 22:26 2026-06-24 Show GitHub Exploit DB Packet Storm
1683 6.4 MEDIUM
Network 		- - The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'configurablePrefix' Block Attribute in all ver… CWE-79
Cross-site Scripting 		CVE-2026-10833 2026-06-25 22:26 2026-06-25 Show GitHub Exploit DB Packet Storm
1684 7.5 HIGH
Network 		- - The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the via 'latitude' and 'longitude' parameters in all versions up to, and including, 5.0.4 due to insufficient escaping… CWE-89
SQL Injection 		CVE-2026-12077 2026-06-25 22:26 2026-06-25 Show GitHub Exploit DB Packet Storm
1685 6.5 MEDIUM
Network 		- - The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘staff_id’ parameter in all versions up to, and including, 2.7.1 due to insufficient escaping on the u… CWE-89
SQL Injection 		CVE-2026-2508 2026-06-25 22:26 2026-06-25 Show GitHub Exploit DB Packet Storm
1686 6.5 MEDIUM
Network 		- - Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, a cross-tenant authorization flaw in Daytona's notification WebSocket gat… CWE-639
CWE-863
 Authorization Bypass Through User-Controlled Key
 Incorrect Authorization 		CVE-2026-54324 2026-06-25 22:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1687 7.0 HIGH
Network 		- - Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. From 0.101.0 until 0.184.0, sandbox previews that were switched from public to private coul… CWE-613
CWE-863
 Insufficient Session Expiration
 Incorrect Authorization 		CVE-2026-54321 2026-06-25 22:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1688 4.2 MEDIUM
Network 		- - Caddy is an extensible server platform that uses TLS by default. Prior to 2.11.4, Caddy’s stripHTML template function cannot reliably remove all HTML tags from input strings. Certain malformed HTML, … CWE-116
 Improper Encoding or Escaping of Output 		CVE-2026-52846 2026-06-25 22:16 2026-06-24 Show GitHub Exploit DB Packet Storm
1689 - - - In the Linux kernel, the following vulnerability has been resolved: net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS A logic flaw in __smc_setsockopt() allows a local unprivil… - CVE-2026-53274 2026-06-25 18:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1690 - - - In the Linux kernel, the following vulnerability has been resolved: erofs: fix use-after-free on sbi->sync_decompress z_erofs_decompress_kickoff() can race with filesystem unmount, causing a use-af… - CVE-2026-53272 2026-06-25 18:16 2026-06-25 Show GitHub Exploit DB Packet Storm