Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3201	7.8	重要 Local	サムスン	android	サムスンのAndroidにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-21031	2026-06-8 12:32	2026-06-5	Show	GitHub Exploit DB Packet Storm

3202	9.9	緊急 Network	Veeam	Veeam Backup & Replication	VeeamのVeeam Backup & ReplicationにおけるSQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2026-21708	2026-06-8 12:32	2026-03-12	Show	GitHub Exploit DB Packet Storm

3203	7.5	重要 Network	VMware	Spring Cloud Gateway	VMwareのSpring Cloud Gatewayにおけるシステム構成または設定の外部制御に関する脆弱性	CWE-15 システム構成または設定の外部制御	CVE-2026-22750	2026-06-8 12:32	2026-04-10	Show	GitHub Exploit DB Packet Storm

3204	8.1	重要 Network	Zabbix	Zabbix	Zabbixにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-23925	2026-06-8 12:32	2026-03-6	Show	GitHub Exploit DB Packet Storm

3205	5.3	警告 Network	OpenStack	Openstack Keystone	OpenStackのOpenstack Keystoneにおける不正な認証に関する脆弱性	CWE-863 不正な認証	CVE-2026-33551	2026-06-8 12:32	2026-04-10	Show	GitHub Exploit DB Packet Storm

3206	6.5	警告 Network	Mattermost, Inc.	Mattermost Desktop	Mattermost, Inc.のMattermost Desktopにおけるカスタム URL スキームのハンドラの不適切な認可に関する脆弱性	CWE-939 カスタム URL スキームのハンドラの不適切な認可	CVE-2026-3471	2026-06-8 12:32	2026-05-18	Show	GitHub Exploit DB Packet Storm

3207	7.3	重要 Local	AIOHTTP	AIOHTTP	AIOHTTPにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-34993	2026-06-8 12:31	2026-06-2	Show	GitHub Exploit DB Packet Storm

3208	3.1	低 Network	Django Software Foundation	Django	Django Software FoundationのDjangoにおける重要な情報を含むキャッシュの使用に関する脆弱性	CWE-524 重要な情報を含むキャッシュの使用	CVE-2026-35193	2026-06-8 12:31	2026-06-3	Show	GitHub Exploit DB Packet Storm

3209	6.1	警告 Network	citeum	opencti	citeumのopenctiにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2026-35212	2026-06-8 12:31	2026-06-2	Show	GitHub Exploit DB Packet Storm

3210	8.2	重要 Network	Mosaic5G	Flexric	Mosaic5GのFlexricにおけるリソースの枯渇に関する脆弱性	CWE-400 リソースの枯渇	CVE-2026-37234	2026-06-8 12:31	2026-06-1	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 30, 2026, 4:22 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
344711	-	id_software	quake_3_engine	Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download co…	NVD-CWE-Other	CVE-2006-2875	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm

344712	-	sangwan_kim	bookmark4u	PHP remote file inclusion vulnerability in Bookmark4U 2.0.0 and earlier allows remote attackers to include arbitrary PHP files via the include_prefix parameter in (1) inc/dbase.php, (2) inc/config.ph…	NVD-CWE-Other	CVE-2006-2877	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm

344713	-	andreas_gohr	dokuwiki	The spellchecker (spellcheck.php) in DokuWiki 2006/06/04 and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" that is inserted into a regular expres…	NVD-CWE-Other	CVE-2006-2878	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm

344714	-	dreamcost	dreamaccount	Multiple PHP remote file inclusion vulnerabilities in DreamAccount 3.1 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the da_path par…	NVD-CWE-Other	CVE-2006-2881	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm

344715	-	aspscriptz	aspscriptz_guest_book	Multiple cross-site scripting (XSS) vulnerabilities submit.asp in ASPScriptz Guest Book 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) GBOOK_UNAME, (2) GBOO…	NVD-CWE-Other	CVE-2006-2882	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm

344716	-	kke_info_media	kmita_faq	Cross-site scripting (XSS) vulnerability in search.php in Kmita FAQ 1.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter.	NVD-CWE-Other	CVE-2006-2883	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm

344717	-	kke_info_media	kmita_faq	SQL injection vulnerability in index.php in Kmita FAQ 1.0 allows remote attackers to execute arbitrary SQL commands via the catid parameter.	NVD-CWE-Other	CVE-2006-2884	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm

344718	-	aspburst	mynewsletter	Multiple SQL injection vulnerabilities in myNewsletter 1.1.2 and earlier allow remote attackers to execute arbitrary SQL commands via the UserName parameter in (1) validatelogin.asp or (2) adminlogin…	NVD-CWE-Other	CVE-2006-2887	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm

344719	-	pixelpost	pixelpost	Multiple SQL injection vulnerabilities in index.php in Pixelpost 1-5rc1-2 and earlier allow remote attackers to execute arbitrary SQL commands, and leverage them to gain administrator privileges, via…	NVD-CWE-Other	CVE-2006-2889	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm

344720	-	pixelpost	pixelpost	Pixelpost 1-5rc1-2 and earlier, when register_globals is enabled, allows remote attackers to gain administrator privileges and conduct other attacks by setting the _SESSION["pixelpost_admin"] paramet…	NVD-CWE-Other	CVE-2006-2890	2018-10-19 01:43	2006-06-7	Show	GitHub Exploit DB Packet Storm