Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 27, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
741	9.1	緊急 Network	オラクル	Oracle iSupport	オラクルのOracle iSupportにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46946	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

742	8.8	重要 Network	オラクル	Oracle Advanced Outbound Telephony	オラクルのOracle Advanced Outbound Telephonyにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46947	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

743	9.1	緊急 Network	オラクル	Oracle Advanced Outbound Telephony	オラクルのOracle Advanced Outbound Telephonyにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46949	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

744	8.8	重要 Network	オラクル	Oracle Advanced Outbound Telephony	オラクルのOracle Advanced Outbound Telephonyにおけるアクセス制御に関する脆弱性	CWE-284 CWE-noinfo	CVE-2026-46950	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

745	7.5	重要 Network	オラクル	Oracle Human Resources	オラクルのOracle Human Resourcesにおける複数の脆弱性	CWE-352 CWE-601 CWE-79	CVE-2026-46955	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

746	7.5	重要 Network	オラクル	Oracle iSupplier Portal	オラクルのOracle iSupplier Portalにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46957	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

747	7.5	重要 Network	オラクル	Oracle Subledger Accounting	オラクルのOracle Subledger Accountingにおける複数の脆弱性	CWE-269 CWE-284 CWE-306	CVE-2026-46958	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

748	7.5	重要 Network	オラクル	Oracle Subledger Accounting	オラクルのOracle Subledger Accountingにおける複数の脆弱性	CWE-269 CWE-284 CWE-306	CVE-2026-46959	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

749	9.9	緊急 Network	オラクル	Oracle Universal Work Queue	オラクルのOracle Universal Work Queueにおけるアクセス制御に関する脆弱性	CWE-284 不適切なアクセス制御	CVE-2026-46963	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

750	9.9	緊急 Network	オラクル	Oracle Universal Work Queue	オラクルのOracle Universal Work Queueにおける複数の脆弱性	CWE-269 CWE-284 CWE-306	CVE-2026-46964	2026-06-22 11:50	2026-06-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 27, 2026, 4:35 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
191031	6.1	MEDIUM Network	carrcommunications	rsvpmaker_excel	The RSVPMaker Excel WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/phpexcel/PHPExcel/Shared/JAMA/docs/download.php file which …	CWE-79 Cross-site Scripting	CVE-2021-38337	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm

191032	6.1	MEDIUM Network	sw-guide	edit_comments_xt	The Edit Comments XT WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/edit-comments-xt.php file which allows attackers to inject…	CWE-79 Cross-site Scripting	CVE-2021-38336	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm

191033	6.1	MEDIUM Network	wiseagent	wise_agent_capture_forms	The Wise Agent Capture Forms WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/WiseAgentCaptureForm.php file which allows attacke…	CWE-79 Cross-site Scripting	CVE-2021-38335	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm

191034	6.1	MEDIUM Network	amazingweb	wp-design-maps-places	The WP Design Maps & Places WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the filename parameter found in the ~/wpdmp-admin.php file which allows attackers to inject arbitrary …	CWE-79 Cross-site Scripting	CVE-2021-38334	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm

191035	6.1	MEDIUM Network	wp_scrippets_project	wp_scrippets	The WP Scrippets WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/wp-scrippets.php file which allows attackers to inject arbitra…	CWE-79 Cross-site Scripting	CVE-2021-38333	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm

191036	6.1	MEDIUM Network	ops-robots-txt_project	ops-robots-txt	The On Page SEO + Whatsapp Chat Button Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/settings.php file which allows at…	CWE-79 Cross-site Scripting	CVE-2021-38332	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm

191037	6.1	MEDIUM Network	wp-t-wap_project	wp-t-wap	The WP-T-Wap WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the posted parameter found in the ~/wap/writer.php file which allows attackers to inject arbitrary web scripts, in ve…	CWE-79 Cross-site Scripting	CVE-2021-38331	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm

191038	6.1	MEDIUM Network	tromit	yabp	The Yet Another bol.com Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/yabp.php file which allows attackers to inject a…	CWE-79 Cross-site Scripting	CVE-2021-38330	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm

191039	6.1	MEDIUM Network	dj_emailpublish_project	dj_emailpublish	The DJ EmailPublish WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/dj-email-publish.php file which allows attackers to inject …	CWE-79 Cross-site Scripting	CVE-2021-38329	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm

191040	6.1	MEDIUM Network	notices_project	notices	The Notices WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER["PHP_SELF"] value in the ~/notices.php file which allows attackers to inject arbitrary web scr…	CWE-79 Cross-site Scripting	CVE-2021-38328	2024-11-21 15:16	2021-09-10	Show	GitHub Exploit DB Packet Storm