Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 14, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
2811 7.2 重要
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-269
CWE-862
CVE-2026-45395 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2812 7.1 重要
Network 		openwebui open webui openwebuiのopen webuiにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-45399 2026-05-20 13:26 2026-05-15 Show GitHub Exploit DB Packet Storm
2813 8.1 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-45402 2026-05-20 13:25 2026-05-15 Show GitHub Exploit DB Packet Storm
2814 8.1 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-45665 2026-05-20 13:25 2026-05-15 Show GitHub Exploit DB Packet Storm
2815 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-45666 2026-05-20 13:25 2026-05-15 Show GitHub Exploit DB Packet Storm
2816 6.5 警告
Network 		openwebui open webui openwebuiのopen webuiにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-45667 2026-05-20 13:25 2026-05-15 Show GitHub Exploit DB Packet Storm
2817 8 重要
Network 		openwebui open webui openwebuiのopen webuiにおけるユーザ制御の鍵による認証回避に関する脆弱性 CWE-639
ユーザ制御の鍵による認証回避 		CVE-2026-45671 2026-05-20 13:25 2026-05-15 Show GitHub Exploit DB Packet Storm
2818 8.1 重要
Network 		openwebui open webui openwebuiのopen webuiにおける複数の脆弱性 CWE-269
CWE-362
CVE-2026-45675 2026-05-20 13:25 2026-05-15 Show GitHub Exploit DB Packet Storm
2819 7.5 重要
Network 		Fleet Device Management fleet Fleet Device Managementのfleetにおけるスプーフィングによる認証回避に関する脆弱性 CWE-290
スプーフィングによる認証回避 		CVE-2026-46356 2026-05-20 13:25 2026-05-14 Show GitHub Exploit DB Packet Storm
2820 6.5 警告
Network 		Mattermost, Inc. Mattermost Server Mattermost, Inc.のMattermost Serverにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-5163 2026-05-20 13:25 2026-05-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 14, 2026, 4:12 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311831 - s2sys
linearcorp
sonitrol 		netbox
emerge_50
emerge_5000
eaccess 		The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, uses a weak hash algorithm for storing the Administrator password, which makes it easier for con… CWE-310
Cryptographic Issues 		CVE-2010-2468 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311832 - s2sys
linearcorp
sonitrol 		netbox
emerge_50
emerge_5000
eaccess 		The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not require setting a password for the FTP server that stores database backups, w… CWE-255
Credentials Management 		CVE-2010-2467 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311833 - s2sys
linearcorp
sonitrol 		netbox
emerge_50
emerge_5000
eaccess 		The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not properly prevent downloading of database backups, which allows remote attacke… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2466 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311834 - s2sys
linearcorp
sonitrol 		netbox
emerge_50
emerge_5000
eaccess 		The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which al… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2465 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311835 - rsjoomla com_rscomments Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) webs… CWE-79
Cross-site Scripting 		CVE-2010-2464 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311836 - jamroom jamroom Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action. CWE-79
Cross-site Scripting 		CVE-2010-2463 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311837 - tomacero orohyip SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to execute arbitrary SQL commands via the id parameter in a cancel action. CWE-89
SQL Injection 		CVE-2010-2462 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311838 - jce-tech overstock_script SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execute arbitrary SQL commands via the store parameter. CWE-89
SQL Injection 		CVE-2010-2461 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311839 - jce-tech shareasale_script SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1 allows remote attackers to execute arbitrary SQL commands via the mechant_id parameter. CWE-89
SQL Injection 		CVE-2010-2460 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311840 - 2daybiz video_community_portal_script SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter. CWE-89
SQL Injection 		CVE-2010-2459 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm