Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 13, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
1281 6.5 警告
Network 		Koha Koha Kohaにおけるサーバサイドのリクエストフォージェリの脆弱性 CWE-918
サーバサイドリクエストフォージェリ 		CVE-2026-26379 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
1282 9 緊急
Network 		lfprojects mlflow lfprojectsのmlflowにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-2651 2026-06-8 11:48 2026-05-25 Show GitHub Exploit DB Packet Storm
1283 6.5 警告
Network 		libxls project libxls libxls projectのlibxlsにおける初期化されていない変数の使用に関する脆弱性 CWE-457
初期化されていない変数の使用 		CVE-2026-26824 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
1284 5.3 警告
Network 		libxls project libxls libxls projectのlibxlsにおける初期化されていないリソースの使用に関する脆弱性 CWE-908
初期化されていないリソースの使用 		CVE-2026-26825 2026-06-8 11:48 2026-06-3 Show GitHub Exploit DB Packet Storm
1285 7.5 重要
Network 		SolarWinds Web Help Desk SolarWindsのWeb Help Deskにおける制限またはスロットリング無しのリソースの割り当てに関する脆弱性 CWE-770
制限またはスロットリング無しのリソースの割り当て 		CVE-2026-28299 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
1286 7.5 重要
Network 		SolarWinds Serv-U SolarWindsのServ-Uにおけるリソースの枯渇に関する脆弱性 CWE-400
リソースの枯渇 		CVE-2026-28318 2026-06-8 11:47 2026-06-4 Show GitHub Exploit DB Packet Storm
1287 7.1 重要
Network 		librechat librechat LibreChatにおける認証の欠如に関する脆弱性 CWE-862
認証の欠如 		CVE-2026-31942 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
1288 9.6 緊急
Network 		librechat librechat LibreChatにおける情報漏えいに関する脆弱性 CWE-200
CWE-noinfo
CVE-2026-32625 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
1289 4.7 警告
Network 		Shopify React Router ShopifyのReact Routerにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2026-33245 2026-06-8 11:47 2026-06-2 Show GitHub Exploit DB Packet Storm
1290 7.5 重要
Network 		Python Software Foundation Python Python Software FoundationのPythonにおける複数の脆弱性 CWE-116
CWE-20
CVE-2026-3644 2026-06-8 11:47 2026-03-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
358271 - microsoft outlook_express Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <A HREF> link. NVD-CWE-Other
CVE-2002-2164 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
358272 - imho imho_webmail The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox. NVD-CWE-Other
CVE-2002-2165 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
358273 - e-zone_media_inc. fusetalk Cross-site scripting (XSS) vulnerability in FuseTalk 2.0 and 3.0 allows remote attackers to insert arbitrary HTML and web script. NVD-CWE-Other
CVE-2002-2166 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
358274 - thorsten_korner 123tkshop Directory traversal vulnerability in function_foot_1.inc.php for Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences terminated by a null… NVD-CWE-Other
CVE-2002-2167 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
358275 - thorsten_korner 123tkshop SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL queries via various programs including function_describe_item1.inc.php. NVD-CWE-Other
CVE-2002-2168 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
358276 - aol instant_messenger Cross-site scripting vulnerability AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows allows remote attackers to conduct unauthorized activities, such as adding buddies and groups to a use… NVD-CWE-Other
CVE-2002-2169 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
358277 - working_resources_inc. badblue Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, whic… NVD-CWE-Other
CVE-2002-2170 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
358278 - shana informed_designer
informed_filler 		Informed (1) Designer and (2) Filler 3.05 does not zero out newly allocated disk blocks as an encrypted file grows in size, which may allow attackers to obtain sensitive information. NVD-CWE-Other
CVE-2002-2172 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
358279 - cerulean_studios trillian Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message. NVD-CWE-Other
CVE-2002-2173 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm
358280 - software602 602pro_lan_suite The Telnet proxy of 602Pro LAN SUITE 2002 does not restrict the number of outstanding connections to the local host, which allows remote attackers to create a denial of service (memory consumption) v… NVD-CWE-Other
CVE-2002-2174 2008-09-6 05:32 2002-12-31 Show GitHub Exploit DB Packet Storm