Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3051 5.5 警告
Local 		M2-Team NanaZip M2-TeamのNanaZipにおけるNULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2026-42442 2026-05-20 13:30 2026-05-12 Show GitHub Exploit DB Packet Storm
3052 5.5 警告
Local 		M2-Team NanaZip M2-TeamのNanaZipにおけるゼロ除算に関する脆弱性 CWE-369
ゼロ除算 		CVE-2026-42443 2026-05-20 13:30 2026-05-12 Show GitHub Exploit DB Packet Storm
3053 5.5 警告
Local 		M2-Team NanaZip M2-TeamのNanaZipにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-42444 2026-05-20 13:30 2026-05-12 Show GitHub Exploit DB Packet Storm
3054 4.3 警告
Network 		mintplexlabs anythingllm mintplexlabsのanythingllmにおける複数の脆弱性 CWE-200
CWE-639
CWE-639
CVE-2026-42456 2026-05-20 13:30 2026-05-8 Show GitHub Exploit DB Packet Storm
3055 6.1 警告
Network 		Gofiber Fiber GofiberのFiberにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42554 2026-05-20 13:29 2026-05-11 Show GitHub Exploit DB Packet Storm
3056 9 緊急
Network 		Gitroom Postiz GitroomのPostizにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-42556 2026-05-20 13:29 2026-05-8 Show GitHub Exploit DB Packet Storm
3057 7.5 重要
Network 		Netty Netty Nettyにおける有効なライフタイム後のリソースの解放の欠如に関する脆弱性 CWE-772
有効なライフタイム後のリソースの解放の欠如 		CVE-2026-42577 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
3058 7.5 重要
Network 		Netty Netty NettyにおけるHTTP レスポンス分割に関する脆弱性 CWE-113
HTTP レスポンスの分割 		CVE-2026-42578 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
3059 9.1 緊急
Network 		Netty Netty Nettyにおける複数の脆弱性 CWE-20
CWE-400
CWE-626
CVE-2026-42579 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
3060 6.5 警告
Network 		Netty Netty Nettyにおける複数の脆弱性 CWE-190
CWE-444
CVE-2026-42580 2026-05-20 13:29 2026-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311951 - jamroom jamroom Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action. CWE-79
Cross-site Scripting 		CVE-2010-2463 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311952 - tomacero orohyip SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to execute arbitrary SQL commands via the id parameter in a cancel action. CWE-89
SQL Injection 		CVE-2010-2462 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311953 - jce-tech overstock_script SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execute arbitrary SQL commands via the store parameter. CWE-89
SQL Injection 		CVE-2010-2461 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311954 - jce-tech shareasale_script SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1 allows remote attackers to execute arbitrary SQL commands via the mechant_id parameter. CWE-89
SQL Injection 		CVE-2010-2460 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311955 - 2daybiz video_community_portal_script SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter. CWE-89
SQL Injection 		CVE-2010-2459 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311956 - 2daybiz video_community_portal_script Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter. CWE-79
Cross-site Scripting 		CVE-2010-2458 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311957 - qsoft-inc k-search Cross-site scripting (XSS) vulnerability in index.php in K-Search allows remote attackers to inject arbitrary web script or HTML via the term parameter. CWE-79
Cross-site Scripting 		CVE-2010-2457 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311958 - codelib linker_img Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter… CWE-22
Path Traversal 		CVE-2010-2456 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311959 - opera opera_browser Opera does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks via a … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2455 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm
311960 - apple safari Apple Safari does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2454 2024-11-21 10:16 2010-06-26 Show GitHub Exploit DB Packet Storm