Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3091 6.8 警告
Adjacent 		エレコム株式会社 WRC-2533GST2 ファームウェア
WRC-X3000GST2-B
WRC-X1800GS-B
WRC-X6000QSA-G
WRC-2533GS2V-B
WMC-X1800GST-B
WRC-G01-W
WRC-XE5400GS-G
WRC-X1800GSA-B
WRC-X1800GSH-B
WRC-X6000XST-… 		エレコム製無線LANルーターにおける複数の脆弱性 CWE-352
CWE-78
CWE-Other
CVE-2024-34021
CVE-2024-39607
CVE-2024-40883 		2026-05-12 14:51 2024-07-30 Show GitHub Exploit DB Packet Storm
3092 - - ollama ollama Ollamaにおける境界外の読み取りおよび書き込みの脆弱性 - - 2026-05-12 12:34 2026-05-11 Show GitHub Exploit DB Packet Storm
3093 4.9 警告
Network 		キヤノン (複数の製品) キヤノン製プロダクションプリンター、オフィス/スモールオフィス向け複合機における機微な情報を取得可能な脆弱性 CWE-807
セキュリティ決定の信頼できない入力への依存 		CVE-2026-1789 2026-05-12 12:34 2026-05-11 Show GitHub Exploit DB Packet Storm
3094 - - - サーバ製品におけるインテル社公表脆弱性(INTEL-SA-01397他)による影響について - CVE-2025-22885
CVE-2025-27560
CVE-2025-27572
CVE-2025-27940
CVE-2025-30513
CVE-2025-31648
CVE-2025-31944
CVE-2025-32007
CVE-2025-32467 		2026-05-12 11:50 2026-03-27 Show GitHub Exploit DB Packet Storm
3095 - - - サーバ製品におけるBIOSの脆弱性(CVE-2026-22796)による影響について - CVE-2026-22796 2026-05-12 11:38 2026-04-24 Show GitHub Exploit DB Packet Storm
3096 5.3 警告
Local 		Prusa3D PrusaSlicer Prusa3DのPrusaSlicerにおけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2023-47268 2026-05-12 10:21 2026-05-8 Show GitHub Exploit DB Packet Storm
3097 7.2 重要
Network 		HCL Technologies Limited HCL BigFix Service Management (SM) HCL Technologies LimitedのHCL BigFix Service Management (SM)におけるリソースの安全ではないデフォルト値への初期化に関する脆弱性 CWE-1188
リソースの安全ではないデフォルト値への初期化 		CVE-2025-31974 2026-05-12 10:21 2026-05-6 Show GitHub Exploit DB Packet Storm
3098 6.1 警告
Network 		Project Jupyter Jupyter Server Project JupyterのJupyter Serverにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2025-61669 2026-05-12 10:21 2026-05-5 Show GitHub Exploit DB Packet Storm
3099 8.1 重要
Network 		Apache Software Foundation CloudStack Apache Software FoundationのCloudStackにおける不完全なクリーンアップに関する脆弱性 CWE-459
不完全なクリーンアップ 		CVE-2025-66467 2026-05-12 10:21 2026-05-8 Show GitHub Exploit DB Packet Storm
3100 7.5 重要
Network 		Google Android GoogleのAndroidにおける不特定の脆弱性 CWE-noinfo
情報不足 		CVE-2025-71253 2026-05-12 10:21 2026-05-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345931 - ecomstudio php_easy_shopping_cart Cross-site scripting (XSS) vulnerability in subitems.php in PHP Easy Shopping Cart 3.1R allows remote attackers to inject arbitrary web script or HTML via the name parameter. CWE-79
Cross-site Scripting 		CVE-2009-4856 2017-08-17 10:31 2010-05-11 Show GitHub Exploit DB Packet Storm
345932 - ecomstudio php_photo_vote1.3f Cross-site scripting (XSS) vulnerability in login.php in PHP Photo Vote 1.3F allows remote attackers to inject arbitrary web script or HTML via the page parameter. CWE-79
Cross-site Scripting 		CVE-2009-4857 2017-08-17 10:31 2010-05-11 Show GitHub Exploit DB Packet Storm
345933 - i-escorts i-escorts_agency_script
i-escorts_directory_script 		Multiple cross-site scripting (XSS) vulnerabilities in escorts_search.php in I-Escorts Directory Script and Agency Script allow remote attackers to inject arbitrary web script or HTML via the (1) sea… CWE-79
Cross-site Scripting 		CVE-2009-4864 2017-08-17 10:31 2010-05-11 Show GitHub Exploit DB Packet Storm
345934 - i-escorts i-escorts_agency_script
i-escorts_directory_script 		Multiple SQL injection vulnerabilities in escorts_search.php in I-Escorts Directory Script and Agency Script, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL comman… CWE-89
SQL Injection 		CVE-2009-4865 2017-08-17 10:31 2010-05-11 Show GitHub Exploit DB Packet Storm
345935 - matt_wright simple_search Cross-site scripting (XSS) vulnerability in search.cgi in Matt's Script Archive (MSA) Simple Search 1.0 allows remote attackers to inject arbitrary web script or HTML via the terms parameter. NOTE: … CWE-79
Cross-site Scripting 		CVE-2009-4866 2017-08-17 10:31 2010-05-11 Show GitHub Exploit DB Packet Storm
345936 - frederico_caldeira_knabben fckeditor.java FCKeditor.Java 2.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed request parameter that contains "ctrl" characters. CWE-399
 Resource Management Errors 		CVE-2009-4875 2017-08-17 10:31 2010-05-27 Show GitHub Exploit DB Packet Storm
345937 - plainblack webgui Multiple cross-site request forgery (CSRF) vulnerabilities in WebGUI before 7.7.14 allow remote attackers to hijack the authentication of users for unspecified requests via unknown vectors. CWE-352
 Origin Validation Error 		CVE-2009-4877 2017-08-17 10:31 2010-05-27 Show GitHub Exploit DB Packet Storm
345938 - novell access_manager Unspecified vulnerability in the Administration Console in Novell Access Manager before 3.1 SP1 allows attackers to access system files via unknown attack vectors. NVD-CWE-noinfo
CVE-2009-4878 2017-08-17 10:31 2010-05-27 Show GitHub Exploit DB Packet Storm
345939 - nskate phortail Cross-site scripting (XSS) vulnerability in poster.php in PHortail 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) pseudo, (2) email, (3) ti, and (4) txt parameters. CWE-79
Cross-site Scripting 		CVE-2009-4888 2017-08-17 10:31 2010-06-11 Show GitHub Exploit DB Packet Storm
345940 - jbmc-software directadmin CMD_DB in JBMC Software DirectAdmin before 1.334 allows remote authenticated users to gain privileges via shell metacharacters in the name parameter during a restore action. CWE-20
 Improper Input Validation  		CVE-2009-1525 2017-08-17 10:30 2009-05-6 Show GitHub Exploit DB Packet Storm