Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
4281 6.1 警告
Network 		HCL Technologies Limited DFX Analytics HCL Technologies LimitedのDFX Analyticsにおける複数の脆弱性 CWE-79
CWE-80
CVE-2025-59854 2026-05-11 11:03 2026-05-6 Show GitHub Exploit DB Packet Storm
4282 9.4 緊急
Network 		Deutsche Telekom AG Telekom Account Management Portal Deutsche Telekom AGのTelekom Account Management Portalにおけるパスワード管理機能に関する脆弱性 CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み 		CVE-2025-69614 2026-05-11 11:03 2026-03-10 Show GitHub Exploit DB Packet Storm
4283 9.1 緊急
Network 		Deutsche Telekom AG Telekom Account Management Portal Deutsche Telekom AGのTelekom Account Management Portalにおける過度な認証試行の不適切な制限に関する脆弱性 CWE-307
過度な認証試行の不適切な制限 		CVE-2025-69615 2026-05-11 11:03 2026-03-10 Show GitHub Exploit DB Packet Storm
4284 6.1 警告
Network 		generatedata generatedata generatedataにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2025-70025 2026-05-11 11:02 2026-03-10 Show GitHub Exploit DB Packet Storm
4285 7.5 重要
Network 		pdfmake project pdfmake pdfmakeにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-26801 2026-05-11 11:02 2026-03-10 Show GitHub Exploit DB Packet Storm
4286 7.8 重要
Local 		Luis Novo (lfnovo) Open Notebook Luis Novo (lfnovo)のOpen Notebookにおける複数の脆弱性 CWE-20
CWE-352
CWE-917
CWE-noinfo
CVE-2026-28201 2026-05-11 11:02 2026-05-7 Show GitHub Exploit DB Packet Storm
4287 9.8 緊急
Network 		Xiaomi MIUI File Explorer XiaomiのMIUI File Explorerにおける複数の脆弱性 CWE-303
CWE-862
CVE-2026-29515 2026-05-11 11:02 2026-03-11 Show GitHub Exploit DB Packet Storm
4288 6.1 警告
Network 		WorkflowFirst Software LLC Staff.Wiki WorkflowFirst Software LLCのStaff.Wikiにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-29969 2026-05-11 11:02 2026-03-26 Show GitHub Exploit DB Packet Storm
4289 5.4 警告
Network 		spomky-labs webauthn-lib
webauthn-symfony-bundle
webauthn framwork 		spomky-labsのwebauthn-lib等の複数製品における同一生成元ポリシー違反に関する脆弱性 CWE-346
同一生成元ポリシー違反 		CVE-2026-30964 2026-05-11 11:02 2026-03-10 Show GitHub Exploit DB Packet Storm
4290 6.5 警告
Network 		appium Appium/support appiumのAppium/supportにおけるパストラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2026-30973 2026-05-11 11:02 2026-03-10 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
347071 - prettybook prettyformmail Cross-site scripting (XSS) vulnerability in PrettyBook PrettyFormMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2010-1332 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347072 - prettybook prettyformmail Per: http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000007.html 'Solution [Do not use PrettyFormMail] As patches will not be provided, users are recommended to discontinue use of Pretty… CWE-79
Cross-site Scripting 		CVE-2010-1332 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347073 - almas compiere Multiple cross-site scripting (XSS) vulnerabilities in Almas Inc. Compiere J300_A02 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2010-1333 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347074 - miftahovn insky_cms Multiple PHP remote file inclusion vulnerabilities in Insky CMS 006-0111, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the ROOT parameter to (1)… CWE-94
Code Injection 		CVE-2010-1335 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347075 - invohost invohost Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manu… CWE-89
SQL Injection 		CVE-2010-1336 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347076 - lussumo vanilla Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and possibly 0.9.2 and other versions, allow remote attackers to execute arbitrary PHP code via a URL … CWE-94
Code Injection 		CVE-2010-1337 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347077 - robertotto teamsite_hack_plugin SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in… CWE-89
SQL Injection 		CVE-2010-1338 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347078 - joomla-research com_jresearch Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramet… CWE-22
Path Traversal 		CVE-2010-1340 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347079 - systemsoftware community_black_forum SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attackers to execute arbitrary SQL commands via the s_flaeche parameter. CWE-89
SQL Injection 		CVE-2010-1341 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm
347080 - bjsintay sitex SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbitrary SQL commands via the albumid parameter. CWE-89
SQL Injection 		CVE-2010-1343 2017-08-17 10:32 2010-04-10 Show GitHub Exploit DB Packet Storm