Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 28, 2026, 4 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189641	4.7	警告 Network	W3 Eden, Inc.	-	WordPress 用プラグイン WordPress Download Manager におけるオープンリダイレクトの脆弱性	CWE-20 不適切な入力確認	CVE-2017-2217	2018-01-24 12:20	2017-06-13	Show	GitHub Exploit DB Packet Storm

189642	8.8	重要 Adjacent	Acronis International GmbH	-	Acronis True Image に更新がセキュアに行われない脆弱性	-	CVE-2017-3219	2018-01-24 12:16	2017-06-19	Show	GitHub Exploit DB Packet Storm

189643	7.8	重要 Local	株式会社 Jiransoft Japan	-	AppCheck における実行ファイル呼び出しに関する脆弱性	CWE-Other その他	CVE-2017-2214	2018-01-24 12:14	2017-06-7	Show	GitHub Exploit DB Packet Storm

189644	7.8	重要 Local	国土地理院	-	セミ・ダイナミック補正支援ソフトウェア SemiDynaEXE のインストーラにおける任意の DLL 読み込みの脆弱性	CWE-Other その他	CVE-2017-2213	2018-01-24 12:14	2017-06-8	Show	GitHub Exploit DB Packet Storm

189645	7.8	重要 Local	国土地理院	-	座標変換ソフトウェア TKY2JGD のインストーラにおける任意の DLL 読み込みの脆弱性	CWE-Other その他	CVE-2017-2212	2018-01-24 12:14	2017-06-8	Show	GitHub Exploit DB Packet Storm

189646	7.8	重要 Local	国土地理院	-	標高補正ソフトウェア PatchJGD(標高版) のインストーラにおける任意の DLL 読み込みの脆弱性	CWE-Other その他	CVE-2017-2211	2018-01-24 12:14	2017-06-8	Show	GitHub Exploit DB Packet Storm

189647	7.8	重要 Local	国土地理院	-	座標補正ソフトウェア PatchJGD のインストーラにおける任意の DLL 読み込みの脆弱性	CWE-Other その他	CVE-2017-2210	2018-01-24 12:14	2017-06-8	Show	GitHub Exploit DB Packet Storm

189648	7.8	重要 Local	Baidu, Inc.	-	[Simeji Windows版(β)]文字入力システムのインストーラにおける DLL 読み込みに関する脆弱性	CWE-Other その他	CVE-2017-2219	2018-01-24 12:14	2017-06-8	Show	GitHub Exploit DB Packet Storm

189649	5	警告	Zoho Corporation	-	ManageEngine Firewall Analyzer におけるアクセス制限不備の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2015-7781	2018-01-24 12:11	2015-11-27	Show	GitHub Exploit DB Packet Storm

189650	4	警告	Zoho Corporation	-	ManageEngine Firewall Analyzer におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2015-7780	2018-01-24 12:04	2015-11-27	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 28, 2026, 4:01 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
2811	5.5	MEDIUM Local	mongodb	mongodb	MongoDB server may log authentication parameters, including credentials, to the server log during SASL authentication. When connection health metric logging is enabled, the full authentication parame…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2026-9735	2026-06-16 01:46	2026-06-10	Show	GitHub Exploit DB Packet Storm

2812	9.8	CRITICAL Network	apache	cxf	Apache CXF's EndpointReferenceUtils and W3CMultiSchemaFactory classes construct a SAXParserFactory without the necessary JAXP hardening configurations, enabling out-of-band (OOB) external entity res…	CWE-611 XXE	CVE-2026-49875	2026-06-16 01:32	2026-06-12	Show	GitHub Exploit DB Packet Storm

2813	6.5	MEDIUM Network	google	chrome	Out of bounds read in Video in Google Chrome on ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from pr…	CWE-125 Out-of-bounds Read	CVE-2026-12026	2026-06-16 01:32	2026-06-12	Show	GitHub Exploit DB Packet Storm

2814	8.2	HIGH Network	axios	axios	Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, axios exposes two read-side prototype-pollution gadgets. When Object.prototype is polluted by an upstream…	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2026-44490	2026-06-16 01:31	2026-06-12	Show	GitHub Exploit DB Packet Storm

2815	7.5	HIGH Network	-	-	Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed c…	CWE-78 OS Command	CVE-2026-9863	2026-06-16 01:16	2026-06-16	Show	GitHub Exploit DB Packet Storm

2816	9.8	CRITICAL Network	-	-	Fortra's Core Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to c…	CWE-78 OS Command	CVE-2026-9862	2026-06-16 01:16	2026-06-16	Show	GitHub Exploit DB Packet Storm

2817	5.4	MEDIUM Network	-	-	The Form Builder CP WordPress plugin before 1.2.47 does not properly sanitize a form configuration value before storing it and using it as part of a client-side script execution, allowing authenticat…	-	CVE-2026-9278	2026-06-16 01:16	2026-06-15	Show	GitHub Exploit DB Packet Storm

2818	3.4	LOW Network	-	-	The Store Locator WordPress plugin before 1.6.9 does not validate a parameter before using it in a file path, allowing high-privileged users such as administrators to read arbitrary `.php` files from…	CWE-22 Path Traversal	CVE-2026-9062	2026-06-16 01:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

2819	3.5	LOW Network	-	-	The Store Locator WordPress plugin before 1.6.9 does not sanitize and escape store logo metadata before storing it and outputting it on the Store Locator WordPress plugin before 1.6.9 admin page, all…	CWE-79 Cross-site Scripting	CVE-2026-9061	2026-06-16 01:16	2026-06-13	Show	GitHub Exploit DB Packet Storm

2820	6.4	MEDIUM Network	-	-	Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, PATCH /server/{id} accepts and persists nonexistent ddns_p…	CWE-863 Incorrect Authorization	CVE-2026-53521	2026-06-16 01:16	2026-06-13	Show	GitHub Exploit DB Packet Storm