Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 15, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4411	9.6	緊急 Network	Electerm project	Electerm	Electerm projectのElectermにおける複数の脆弱性	CWE-20 CWE-829 CWE-94	CVE-2026-43944	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

4412	4.9	警告 Network	Kimai project	kimai	Kimai projectのKimaiにおけるパストラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2026-44298	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

4413	7.8	重要 Local	LibreOffice プロジェクト	LibreOffice	LibreOffice プロジェクトのLibreOfficeにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2026-4430	2026-05-11 11:04	2026-05-7	Show	GitHub Exploit DB Packet Storm

4414	8.4	重要 Local	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-44334	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

4415	9.8	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-44335	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

4416	9.6	緊急 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-22 CWE-829 CWE-913 CWE-94	CVE-2026-44336	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

4417	6.3	警告 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-20 CWE-89	CVE-2026-44337	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

4418	7.3	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-1188 CWE-306 CWE-668	CVE-2026-44338	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

4419	8.6	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAI等の複数製品におけるクラスまたはコードを選択する外部から制御された入力の使用に関する脆弱性	CWE-470 クラスまたはコードを選択する外部から制御された入力の使用	CVE-2026-44339	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

4420	7.5	重要 Network	Mervin Praison (MervinPraison)	PraisonAI	Mervin Praison (MervinPraison)のPraisonAIにおける複数の脆弱性	CWE-22 CWE-59	CVE-2026-44340	2026-05-11 11:04	2026-05-8	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 15, 2026, 4:10 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
347081	-	wikyblog	wikyblog	Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote attackers to hijack web sessions by setting the jsessionid parameter to (1) index.php/Comment/Main, (2) index.php/Comment/Main/Home_…	CWE-287 Improper Authentication	CVE-2010-0756	2017-08-17 10:32	2010-02-27	Show	GitHub Exploit DB Packet Storm

347082	-	wikyblog	wikyblog	Unrestricted file upload vulnerability in index.php/Attach in WikyBlog 1.7.3rc2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension using the …	NVD-CWE-Other	CVE-2010-0757	2017-08-17 10:32	2010-02-27	Show	GitHub Exploit DB Packet Storm

347083	-	wikyblog	wikyblog	Per: http://cwe.mitre.org/data/definitions/434.html CWE-434: Unrestricted Upload of File with Dangerous Type	NVD-CWE-Other	CVE-2010-0757	2017-08-17 10:32	2010-02-27	Show	GitHub Exploit DB Packet Storm

347084	-	softbizscripts	softbiz_jobs_and_recruitment_script	SQL injection vulnerability in news_desc.php in Softbiz Jobs allows remote attackers to execute arbitrary SQL commands via the id parameter.	CWE-89 SQL Injection	CVE-2010-0758	2017-08-17 10:32	2010-02-27	Show	GitHub Exploit DB Packet Storm

347085	-	greatjoomla	scriptegrator_plugin	Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and …	CWE-22 Path Traversal	CVE-2010-0759	2017-08-17 10:32	2010-02-27	Show	GitHub Exploit DB Packet Storm

347086	-	kuwaitphp	esmile	SQL injection vulnerability in index.php in KuwaitPHP eSmile allows remote attackers to execute arbitrary SQL commands via the cid parameter in a show action.	CWE-89 SQL Injection	CVE-2010-0764	2017-08-17 10:32	2010-03-3	Show	GitHub Exploit DB Packet Storm

347087	-	fipsasp	fipsforum	fipsForum 2.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for _database/forumFips.mdb.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-0765	2017-08-17 10:32	2010-03-3	Show	GitHub Exploit DB Packet Storm

347088	-	ibm	websphere_application_server	Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote attacke…	CWE-79 Cross-site Scripting	CVE-2010-0768	2017-08-17 10:32	2010-04-2	Show	GitHub Exploit DB Packet Storm

347089	-	ibm	websphere_application_server	IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 does not properly define wsadmin scripting J2CConnectionFactory objects, which allows local use…	CWE-255 Credentials Management	CVE-2010-0769	2017-08-17 10:32	2010-04-2	Show	GitHub Exploit DB Packet Storm

347090	-	ibm	websphere_application_server	IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote authenticated users to cause a denial of service (ORB ListenerThread hang) by abo…	CWE-399 Resource Management Errors	CVE-2010-0770	2017-08-17 10:32	2010-04-2	Show	GitHub Exploit DB Packet Storm