Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 29, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
3901	7.5	重要 Network	Joomla!	Joomla!	Joomla!における認証に関する脆弱性	CWE-287 CWE-noinfo	CVE-2026-48896	2026-06-3 15:34	2026-05-26	Show	GitHub Exploit DB Packet Storm

3902	7.5	重要 Network	Joomla!	Joomla!	Joomla!における認証に関する脆弱性	CWE-287 不適切な認証	CVE-2026-48897	2026-06-3 15:34	2026-05-26	Show	GitHub Exploit DB Packet Storm

3903	7.5	重要 Network	Joomla!	Joomla!	Joomla!における重要な情報を含むキャッシュの使用に関する脆弱性	CWE-524 重要な情報を含むキャッシュの使用	CVE-2026-48901	2026-06-3 15:34	2026-05-26	Show	GitHub Exploit DB Packet Storm

3904	9.8	緊急 Network	Joomla!	Joomla!	Joomla!における不特定の脆弱性	CWE-noinfo 情報不足	CVE-2026-48902	2026-06-3 15:34	2026-05-26	Show	GitHub Exploit DB Packet Storm

3905	6.6	警告 Network	Jenkins プロジェクト	Active Directory	JenkinsのActive Directoryにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-48918	2026-06-3 15:34	2026-05-27	Show	GitHub Exploit DB Packet Storm

3906	6.6	警告 Network	Jenkins プロジェクト	Active Directory	JenkinsのActive Directoryにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-48919	2026-06-3 15:34	2026-05-27	Show	GitHub Exploit DB Packet Storm

3907	8.8	重要 Network	Jenkins プロジェクト	Email Extension Plugin	JenkinsのEmail Extension Pluginにおけるファイル名やパス名の外部制御に関する脆弱性	CWE-73 ファイル名やパス名の外部制御	CVE-2026-48920	2026-06-3 15:34	2026-05-27	Show	GitHub Exploit DB Packet Storm

3908	7.5	重要 Network	Jenkins プロジェクト	Credentials Binding	JenkinsのCredentials Bindingにおける入力確認に関する脆弱性	CWE-20 不適切な入力確認	CVE-2026-48922	2026-06-3 15:34	2026-05-27	Show	GitHub Exploit DB Packet Storm

3909	4.3	警告 Network	Jenkins プロジェクト	AppSpider	JenkinsのAppSpiderにおける権限管理に関する脆弱性	CWE-269 不適切な権限管理	CVE-2026-48923	2026-06-3 15:34	2026-05-27	Show	GitHub Exploit DB Packet Storm

3910	4.3	警告 Network	Jenkins プロジェクト	Bitbucket OAuth	JenkinsのBitbucket OAuthにおけるオープンリダイレクトの脆弱性	CWE-601 オープンリダイレクト	CVE-2026-48924	2026-06-3 15:34	2026-05-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 29, 2026, 4:19 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
345561	-	siteframe	siteframe_beaumont	Cross-site scripting (XSS) vulnerability in page.php in in Siteframe Beaumont, possibly 5.0.2 or 5.0.1a, allows remote attackers to inject arbitrary web script or HTML via the comment_text parameter …	NVD-CWE-Other	CVE-2006-0783	2018-10-19 01:29	2006-02-19	Show	GitHub Exploit DB Packet Storm

345562	-	d-link	dwl-g700ap	D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, pos…	NVD-CWE-Other	CVE-2006-0784	2018-10-19 01:29	2006-02-19	Show	GitHub Exploit DB Packet Storm

345563	-	phpkit	phpkit	Absolute path traversal vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier allows remote attackers to include and execute arbitrary local files via a direct request with a path parame…	NVD-CWE-Other	CVE-2006-0785	2018-10-19 01:29	2006-02-19	Show	GitHub Exploit DB Packet Storm

345564	-	phpkit	phpkit	Incomplete blacklist vulnerability in include.php in PHPKIT 1.6.1 Release 2 and earlier, with allow_url_fopen enabled, allows remote attackers to conduct PHP remote file include attacks via a path pa…	NVD-CWE-Other	CVE-2006-0786	2018-10-19 01:29	2006-02-19	Show	GitHub Exploit DB Packet Storm

345565	-	dreamcost	hostadmin	PHP remote file inclusion vulnerability in index.php in DreamCost HostAdmin allows remote attackers to include arbitrary files via the $path variable, which is not initialized before use.	NVD-CWE-Other	CVE-2006-0791	2018-10-19 01:29	2006-02-20	Show	GitHub Exploit DB Packet Storm

345566	-	thomastsoi	quirex	Absolute path traversal vulnerability in convert.cgi in Quirex 2.0.2 and earlier allows remote attackers to read arbitrary files, and possibly execute arbitrary code, via the (1) quiz_head, (2) quiz_…	CWE-22 Path Traversal	CVE-2006-0795	2018-10-19 01:29	2006-02-20	Show	GitHub Exploit DB Packet Storm

345567	-	francisco_burzi	php-nuke	The CAPTCHA functionality in php-Nuke 6.0 through 7.9 uses fixed challenge/response pairs that only vary once per day based on the User Agent (HTTP_USER_AGENT), which allows remote attackers to bypas…	NVD-CWE-Other	CVE-2006-0805	2018-10-19 01:29	2006-02-21	Show	GitHub Exploit DB Packet Storm

345568	-	john_lim	adodb	Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page par…	CWE-79 Cross-site Scripting	CVE-2006-0806	2018-10-19 01:29	2006-02-21	Show	GitHub Exploit DB Packet Storm

345569	-	njstar	chinese_word_processor japanese_word_processor	Stack-based buffer overflow in NJStar Chinese and Japanese Word Processor 4.x and 5.x before 5.10 allows user-assisted attackers to execute arbitrary code via font names in NJStar (.njx) documents.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2006-0807	2018-10-19 01:29	2006-02-21	Show	GitHub Exploit DB Packet Storm

345570	-	visnetic	visnetic_antivirus_plug-in_for_mail_server	The VisNetic AntiVirus Plug-in (DKAVUpSch.exe) for Mail Server 4.6.0.4, 4.6.1.1, and possibly other versions before 4.6.1.2, does not drop privileges before executing other programs, which allows loc…	NVD-CWE-Other	CVE-2006-0812	2018-10-19 01:29	2006-02-24	Show	GitHub Exploit DB Packet Storm