Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
5211	9.8	緊急 Network	Martin (Fosowl)	AgenticSeek	Martin (Fosowl)のAgenticSeekにおける複数の脆弱性	CWE-74 CWE-94	CVE-2026-5584	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

5212	7.5	重要 Network	Tencent	AI-Infra-Guard	TencentのAI-Infra-Guardにおける複数の脆弱性	CWE-200 CWE-284 CWE-noinfo	CVE-2026-5585	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

5213	3.7	低 Network	Simon Tatham	PuTTY	PuTTYにおける複数の脆弱性	CWE-345 CWE-347	CVE-2026-4115	2026-05-7 12:27	2026-03-22	Show	GitHub Exploit DB Packet Storm

5214	9.8	緊急 Network	cPanel	cPanel WP Squared cPanel WHM	cPanelのcPanel等の複数製品における重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2026-41940	2026-05-7 12:27	2026-04-29	Show	GitHub Exploit DB Packet Storm

5215	9.8	緊急 Network	Provectus	UI for Apache Kafka	ProvectusのUI for Apache Kafkaにおける複数の脆弱性	CWE-74 CWE-94	CVE-2026-5562	2026-05-7 12:27	2026-04-5	Show	GitHub Exploit DB Packet Storm

5216	6.1	警告 Network	WSO2	WSO2 Identity Server	WSO2のWSO2 Identity Serverにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2025-10503	2026-05-7 12:07	2026-04-29	Show	GitHub Exploit DB Packet Storm

5217	5.3	警告 Network	MCPHub	MCPHub	MCPHubにおけるユーザ制御の鍵による認証回避に関する脆弱性	CWE-639 ユーザ制御の鍵による認証回避	CVE-2025-13822	2026-05-7 12:07	2026-04-14	Show	GitHub Exploit DB Packet Storm

5218	5.3	警告 Network	IBM	IBM DB2	IBMのIBM DB2における入力で指定された数量の不適切な検証に関する脆弱性	CWE-1284 入力で指定された数量の不適切な検証	CVE-2025-14688	2026-05-7 12:07	2026-04-30	Show	GitHub Exploit DB Packet Storm

5219	6.5	警告 Network	IBM	IBM DB2	IBMのIBM DB2における制限またはスロットリング無しのリソースの割り当てに関する脆弱性	CWE-770 制限またはスロットリング無しのリソースの割り当て	CVE-2025-36122	2026-05-7 12:07	2026-04-30	Show	GitHub Exploit DB Packet Storm

5220	5.3	警告 Network	HCL Technologies Limited	HCL AION	HCL Technologies LimitedのHCL AIONにおけるエラーメッセージによる情報漏えいに関する脆弱性	CWE-209 エラーメッセージによる情報漏えい	CVE-2025-52641	2026-05-7 12:07	2026-04-15	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 16, 2026, 4:13 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
358831	-	desiderata_software	blazix	Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character.	NVD-CWE-Other	CVE-2002-1451	2008-09-6 05:30	2002-08-24	Show	GitHub Exploit DB Packet Storm

358832	-	omnicron	omnihttpd	Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.	NVD-CWE-Other	CVE-2002-1455	2008-09-6 05:30	2003-06-9	Show	GitHub Exploit DB Packet Storm

358833	-	leszek_krupinski	l-forum	SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter.	NVD-CWE-Other	CVE-2002-1457	2008-09-6 05:30	2003-06-9	Show	GitHub Exploit DB Packet Storm

358834	-	leszek_krupinski	l-forum	Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is on, allows remote attackers to insert arbitrary script or HTML via message fields includin…	NVD-CWE-Other	CVE-2002-1458	2008-09-6 05:30	2003-06-9	Show	GitHub Exploit DB Packet Storm

358835	-	leszek_krupinski	l-forum	Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields includi…	NVD-CWE-Other	CVE-2002-1459	2008-09-6 05:30	2003-06-9	Show	GitHub Exploit DB Packet Storm

358836	-	leszek_krupinski	l-forum	L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which…	NVD-CWE-Other	CVE-2002-1460	2008-09-6 05:30	2003-06-9	Show	GitHub Exploit DB Packet Storm

358837	-	webscriptworld	web_shop_manager	Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search box.	NVD-CWE-Other	CVE-2002-1461	2008-09-6 05:30	2003-06-9	Show	GitHub Exploit DB Packet Storm

358838	-	organicphp	php-affiliate	details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers to modify information of other users by modifying certain hidden form fields.	NVD-CWE-Other	CVE-2002-1462	2008-09-6 05:30	2003-06-9	Show	GitHub Exploit DB Packet Storm

358839	-	cafelog	b2	Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable.	NVD-CWE-Other	CVE-2002-1464	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm

358840	-	cafelog	b2	SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable.	NVD-CWE-Other	CVE-2002-1465	2008-09-6 05:30	2003-04-22	Show	GitHub Exploit DB Packet Storm