Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4181 8.8 重要
Network 		AGiXT AGiXT AGiXTにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-39981 2026-05-15 10:54 2026-04-9 Show GitHub Exploit DB Packet Storm
4182 7.5 重要
Network 		Succinct SP1 SuccinctのSP1における複数の脆弱性 CWE-345
CWE-354
CVE-2026-40323 2026-05-15 10:54 2026-04-18 Show GitHub Exploit DB Packet Storm
4183 8.8 重要
Network 		Electric Sync-service ElectricのSync-serviceにおけるSQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2026-40906 2026-05-15 10:54 2026-04-21 Show GitHub Exploit DB Packet Storm
4184 6.5 警告
Network 		Apache Software Foundation Apache-airflow-providers-elasticsearch Apache Software FoundationのApache-airflow-providers-elasticsearchにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-41018 2026-05-15 10:54 2026-05-11 Show GitHub Exploit DB Packet Storm
4185 6.5 警告
Network 		BETTER-AUTH. Better Auth OAuth Provider BETTER-AUTH.のBetter Auth OAuth Providerにおける不正な認証に関する脆弱性 CWE-863
不正な認証 		CVE-2026-41427 2026-05-15 10:54 2026-04-24 Show GitHub Exploit DB Packet Storm
4186 8.6 重要
Network 		Inngest Inngest Inngestにおける複数の脆弱性 CWE-200
CWE-497
CVE-2026-42047 2026-05-15 10:54 2026-05-7 Show GitHub Exploit DB Packet Storm
4187 8.5 重要
Network 		Open edX Open edx Enterprise Service Open edXのOpen edx Enterprise Serviceにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-42860 2026-05-15 10:54 2026-05-11 Show GitHub Exploit DB Packet Storm
4188 6.5 警告
Network 		Apache Software Foundation Apache-airflow-providers-opensearch Apache Software FoundationのApache-airflow-providers-opensearchにおけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2026-43826 2026-05-15 10:54 2026-05-11 Show GitHub Exploit DB Packet Storm
4189 6.8 警告
Network 		Bpple (bx33661) Wireshark MCP Bpple (bx33661)のWireshark MCPにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-43901 2026-05-15 10:54 2026-05-11 Show GitHub Exploit DB Packet Storm
4190 7.2 重要
Network 		アルバネットワークス株式会社 SD-WAN
ArubaOS 		アルバネットワークス株式会社のArubaOS等の複数製品におけるコマンドインジェクションの脆弱性 CWE-77
コマンドインジェクション 		CVE-2026-44872 2026-05-15 10:54 2026-05-12 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
312941 - php4scripte gastebuch Directory traversal vulnerability in gastbuch.php in Gästebuch (Gastebuch) 1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the start parameter. CWE-22
Path Traversal 		CVE-2009-5093 2024-11-21 10:11 2011-09-12 Show GitHub Exploit DB Packet Storm
312942 - microsoft fast_esp Cross-site scripting (XSS) vulnerability in the management interface in Microsoft FAST ESP 5.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2009-5092 2024-11-21 10:11 2011-09-12 Show GitHub Exploit DB Packet Storm
312943 - vlinks vlinks SQL injection vulnerability in page.php in Vlinks 1.0.3 and 1.1.6 allows remote attackers to execute arbitrary SQL commands via the id parameter. CWE-89
SQL Injection 		CVE-2009-5091 2024-11-21 10:11 2011-09-12 Show GitHub Exploit DB Packet Storm
312944 - daman371 bloggeruniverse SQL injection vulnerability in editcomments.php in Bloggeruniverse Beta 2, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter and possib… CWE-89
SQL Injection 		CVE-2009-5090 2024-11-21 10:11 2011-09-12 Show GitHub Exploit DB Packet Storm
312945 - ideacart ideacart Directory traversal vulnerability in index.php in IdeaCart 0.02 and 0.02a allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. CWE-22
Path Traversal 		CVE-2009-5089 2024-11-21 10:11 2011-09-12 Show GitHub Exploit DB Packet Storm
312946 - ideacart ideacart SQL injection vulnerability in secure/index.php in IdeaCart 0.02 allows remote attackers to execute arbitrary SQL commands via the cID parameter. CWE-89
SQL Injection 		CVE-2009-5088 2024-11-21 10:11 2011-09-12 Show GitHub Exploit DB Packet Storm
312947 - geovision digital_surveillance_system Directory traversal vulnerability in geohttpserver in Geovision Digital Video Surveillance System 8.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a GET request. CWE-22
Path Traversal 		CVE-2009-5087 2024-11-21 10:11 2011-09-12 Show GitHub Exploit DB Packet Storm
312948 - juniper idp Cross-site scripting (XSS) vulnerability in Appliance Configuration Manager (ACM) in Juniper IDP 4.1 before 4.1r3 and 4.2 before 4.2r1 allows remote attackers to inject arbitrary web script or HTML v… CWE-79
Cross-site Scripting 		CVE-2009-5086 2024-11-21 10:11 2011-09-3 Show GitHub Exploit DB Packet Storm
312949 - libpng libpng Memory leak in the embedded_profile_len function in pngwutil.c in libpng before 1.2.39beta5 allows context-dependent attackers to cause a denial of service (memory leak or segmentation fault) via a J… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2009-5063 2024-11-21 10:11 2011-09-1 Show GitHub Exploit DB Packet Storm
312950 - ibm tivoli_federated_identity_manager IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID provider, does not delete the site information cookie in response to a user's deletion of a relying-par… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2009-5085 2024-11-21 10:11 2011-08-13 Show GitHub Exploit DB Packet Storm