Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
4601	9.8	緊急 Network	HCL Technologies Limited	DFX Analytics	HCL Technologies LimitedのDFX Analyticsにおける不特定の脆弱性	CWE-noinfo 情報不足	CVE-2025-59851	2026-05-11 11:03	2026-05-6	Show	GitHub Exploit DB Packet Storm

4602	9.1	緊急 Network	HCL Technologies Limited	DFX Analytics	HCL Technologies LimitedのDFX Analyticsにおける重要な情報の平文での送信に関する脆弱性	CWE-319 重要な情報の平文での送信	CVE-2025-59852	2026-05-11 11:03	2026-05-6	Show	GitHub Exploit DB Packet Storm

4603	5.3	警告 Network	HCL Technologies Limited	DFX Analytics	HCL Technologies LimitedのDFX Analyticsにおけるエラーメッセージによる情報漏えいに関する脆弱性	CWE-209 エラーメッセージによる情報漏えい	CVE-2025-59853	2026-05-11 11:03	2026-05-6	Show	GitHub Exploit DB Packet Storm

4604	6.1	警告 Network	HCL Technologies Limited	DFX Analytics	HCL Technologies LimitedのDFX Analyticsにおける複数の脆弱性	CWE-79 CWE-80	CVE-2025-59854	2026-05-11 11:03	2026-05-6	Show	GitHub Exploit DB Packet Storm

4605	9.4	緊急 Network	Deutsche Telekom AG	Telekom Account Management Portal	Deutsche Telekom AGのTelekom Account Management Portalにおけるパスワード管理機能に関する脆弱性	CWE-640 パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み	CVE-2025-69614	2026-05-11 11:03	2026-03-10	Show	GitHub Exploit DB Packet Storm

4606	9.1	緊急 Network	Deutsche Telekom AG	Telekom Account Management Portal	Deutsche Telekom AGのTelekom Account Management Portalにおける過度な認証試行の不適切な制限に関する脆弱性	CWE-307 過度な認証試行の不適切な制限	CVE-2025-69615	2026-05-11 11:03	2026-03-10	Show	GitHub Exploit DB Packet Storm

4607	6.1	警告 Network	generatedata	generatedata	generatedataにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-70025	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

4608	7.5	重要 Network	pdfmake project	pdfmake	pdfmakeにおけるサーバサイドのリクエストフォージェリの脆弱性	CWE-918 サーバサイドリクエストフォージェリ	CVE-2026-26801	2026-05-11 11:02	2026-03-10	Show	GitHub Exploit DB Packet Storm

4609	7.8	重要 Local	Luis Novo (lfnovo)	Open Notebook	Luis Novo (lfnovo)のOpen Notebookにおける複数の脆弱性	CWE-20 CWE-352 CWE-917 CWE-noinfo	CVE-2026-28201	2026-05-11 11:02	2026-05-7	Show	GitHub Exploit DB Packet Storm

4610	9.8	緊急 Network	Xiaomi	MIUI File Explorer	XiaomiのMIUI File Explorerにおける複数の脆弱性	CWE-303 CWE-862	CVE-2026-29515	2026-05-11 11:02	2026-03-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
348501	-	intervations	filecopa	Buffer overflow in filecpnt.exe in FileCOPA 1.01 allows remote attackers to cause a denial of service (application crash) via a username with a large number of newline characters.	NVD-CWE-Other	CVE-2006-2254	2017-07-20 10:31	2006-05-9	Show	GitHub Exploit DB Packet Storm

348502	-	creative_software	community_portal	Multiple SQL injection vulnerabilities in Creative Community Portal 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) article_id parameter to (a) ArticleView.php, (…	NVD-CWE-Other	CVE-2006-2255	2017-07-20 10:31	2006-05-9	Show	GitHub Exploit DB Packet Storm

348503	-	faktorystudios	easyevent	Cross-site scripting (XSS) vulnerability in index.php in easyEvent 1.2 allows remote attackers to inject arbitrary web script or HTML via the curr_year parameter.	NVD-CWE-Other	CVE-2006-2257	2017-07-20 10:31	2006-05-9	Show	GitHub Exploit DB Packet Storm

348504	-	maxxcode	maxxschedule	Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter.	NVD-CWE-Other	CVE-2006-2258	2017-07-20 10:31	2006-05-9	Show	GitHub Exploit DB Packet Storm

348505	-	maxxcode	maxxschedule	SQL injection vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to execute arbitrary SQL commands via the txtLogon parameter.	CWE-89 SQL Injection	CVE-2006-2259	2017-07-20 10:31	2006-05-9	Show	GitHub Exploit DB Packet Storm

348506	-	drupal	drupal	Cross-site scripting (XSS) vulnerability in the project module (project.module) in Drupal 4.5 and 4.6 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.	NVD-CWE-Other	CVE-2006-2260	2017-07-20 10:31	2006-05-9	Show	GitHub Exploit DB Packet Storm

348507	-	ocean12_technologies	calendar_manager_pro	Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parame…	NVD-CWE-Other	CVE-2006-2264	2017-07-20 10:31	2006-05-9	Show	GitHub Exploit DB Packet Storm

348508	-	ocean12_technologies	calendar_manager_pro	Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: the provenance …	NVD-CWE-Other	CVE-2006-2265	2017-07-20 10:31	2006-05-9	Show	GitHub Exploit DB Packet Storm

348509	-	chirpy	chirpy	SQL injection vulnerability in Chirpy! 0.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.	NVD-CWE-Other	CVE-2006-2266	2017-07-20 10:31	2006-05-9	Show	GitHub Exploit DB Packet Storm

348510	-	dokeos	dokeos dokeos_community_release	Multiple PHP remote file inclusion vulnerabilities in claro_init_global.inc.php in Dokeos 1.6.3 and earlier, and Dokeos community release 2.0.3, allow remote attackers to execute arbitrary PHP code v…	CWE-94 Code Injection	CVE-2006-2286	2017-07-20 10:31	2006-05-10	Show	GitHub Exploit DB Packet Storm