Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 28, 2026, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
3391 5.4 警告
Network 		Apache Software Foundation Apache Shiro Apache Software FoundationのApache Shiroにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-48589 2026-06-3 15:39 2026-05-25 Show GitHub Exploit DB Packet Storm
3392 9.8 緊急
Network 		DAEMON Tools DAEMON Tools Disc Soft LtdのDAEMON Toolsにおける埋め込まれた悪意のあるコードに関する脆弱性 CWE-506
埋め込まれた悪意のあるコード 		CVE-2026-8398 2026-06-3 15:38 2026-05-15 Show GitHub Exploit DB Packet Storm
3393 5.4 警告
Network 		Synology Inc. Contacts Synology Inc.のContactsにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-13167 2026-06-3 15:38 2026-05-27 Show GitHub Exploit DB Packet Storm
3394 5.5 警告
Local 		Libusb Libusb Libusbにおける境界外読み取りに関する脆弱性 CWE-125
境界外読み取り 		CVE-2026-23679 2026-06-3 15:38 2026-05-27 Show GitHub Exploit DB Packet Storm
3395 7.8 重要
Local 		MediaArea.net SARL MediaInfoLib MediaArea.net SARLのMediaInfoLibにおける整数アンダーフローの脆弱性 CWE-191
整数アンダーフロー 		CVE-2026-25104 2026-06-3 15:38 2026-05-26 Show GitHub Exploit DB Packet Storm
3396 7.8 重要
Local 		MediaArea.net SARL MediaInfoLib MediaArea.net SARLのMediaInfoLibにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-122
ヒープオーバーフロー 		CVE-2026-25713 2026-06-3 15:38 2026-05-26 Show GitHub Exploit DB Packet Storm
3397 5.3 警告
Network 		Espen Hovlandsdal (rexxars) eventsource-encoder Espen Hovlandsdal (rexxars)のeventsource-encoderにおける複数の脆弱性 CWE-113
CWE-93
CVE-2026-44214 2026-06-3 15:38 2026-05-26 Show GitHub Exploit DB Packet Storm
3398 6.1 警告
Network 		Nitro Nitro Nitroにおけるオープンリダイレクトの脆弱性 CWE-601
オープンリダイレクト 		CVE-2026-44372 2026-06-3 15:38 2026-05-13 Show GitHub Exploit DB Packet Storm
3399 5.3 警告
Network 		Nitro Nitro Nitroにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-44373 2026-06-3 15:38 2026-05-13 Show GitHub Exploit DB Packet Storm
3400 7.5 重要
Network 		Lookyloo Playwright Capture LookylooのPlaywright Captureにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-44439 2026-06-3 15:38 2026-05-13 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345061 - vscripts.pl qlnews Multiple cross-site scripting (XSS) vulnerabilities in news.php in QLnews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorx and (2) newsx parameters. NVD-CWE-Other
CVE-2006-1575 2018-10-19 01:33 2006-04-3 Show GitHub Exploit DB Packet Storm
345062 - vscripts.pl qlnews Direct static code injection vulnerability in QLnews 1.2 allows remote authenticated administrators to execute arbitrary PHP code by modifying config.php. NVD-CWE-Other
CVE-2006-1576 2018-10-19 01:33 2006-04-3 Show GitHub Exploit DB Packet Storm
345063 - dbbs dbbs SQL injection vulnerability in topics.php in Dynamic Bulletin Board System (DbbS) 2.0-alpha and earlier allows remote attackers to execute arbitrary SQL commands via the limite parameter. NVD-CWE-Other
CVE-2006-1579 2018-10-19 01:33 2006-04-3 Show GitHub Exploit DB Packet Storm
345064 - juliusz_julas_gonera warcraft_iii_replay_parser_php Cross-site scripting (XSS) vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter. NOTE: post-dis… NVD-CWE-Other
CVE-2006-1583 2018-10-19 01:33 2006-04-3 Show GitHub Exploit DB Packet Storm
345065 - juliusz_julas_gonera warcraft_iii_replay_parser_php Unspecified vulnerability in index.php in Warcraft III Replay Parser for PHP 1.8c allows remote attackers to inject arbitrary web script or HTML via the page parameter, possibly related to fopen func… NVD-CWE-Other
CVE-2006-1584 2018-10-19 01:33 2006-04-3 Show GitHub Exploit DB Packet Storm
345066 - internet_solutions_professionals site_man SQL injection vulnerability in admin_login.asp in ISP of Egypt SiteMan allows remote attackers to execute arbitrary SQL commands via the pass parameter. NVD-CWE-Other
CVE-2006-1586 2018-10-19 01:33 2006-04-3 Show GitHub Exploit DB Packet Storm
345067 - x-doom
zdaemon 		x-doom
zdaemon 		Buffer overflow in the is_client_wad_ok function in w_wad.cpp for (1) Zdaemon 1.08.01 and (2) X-Doom allows remote attackers to execute arbitrary code via a long filename argument. NVD-CWE-Other
CVE-2006-1592 2018-10-19 01:33 2006-04-3 Show GitHub Exploit DB Packet Storm
345068 - x-doom
zdaemon 		x-doom
zdaemon 		The (1) ZD_MissingPlayer, (2) ZD_UseItem, and (3) ZD_LoadNewClientLevel functions in sv_main.cpp for (a) Zdaemon 1.08.01 and (b) X-Doom allows remote attackers to cause a denial of service (crash) vi… CWE-399
 Resource Management Errors 		CVE-2006-1593 2018-10-19 01:33 2006-04-3 Show GitHub Exploit DB Packet Storm
345069 - an an-httpd AN HTTPD 1.42n, and possibly other versions before 1.42p, allows remote attackers to obtain source code of scripts via crafted requests with (1) dot and (2) space characters in the file extension. NVD-CWE-Other
CVE-2006-1598 2018-10-19 01:33 2006-04-4 Show GitHub Exploit DB Packet Storm
345070 - phpwebgallery phpwebgallery SQL injection vulnerability in category.php in PhpWebGallery 1.4.1 allows remote attackers to execute arbitrary SQL commands via the search parameter. NVD-CWE-Other
CVE-2006-1600 2018-10-19 01:33 2006-04-4 Show GitHub Exploit DB Packet Storm