Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 16, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190261 6.5 警告
Network 		Matroska.org - libebml2 における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-12782 2017-11-24 18:52 2017-08-22 Show GitHub Exploit DB Packet Storm
190262 6.5 警告
Network 		Matroska.org - libebml2 における NULL ポインタデリファレンスに関する脆弱性 CWE-476
NULL ポインタデリファレンス 		CVE-2017-12781 2017-11-24 18:52 2017-08-22 Show GitHub Exploit DB Packet Storm
190263 6.5 警告
Network 		Matroska.org - libebml2 における解放済みメモリの使用に関する脆弱性 CWE-416
解放済みメモリの使用 		CVE-2017-12780 2017-11-24 18:51 2017-08-22 Show GitHub Exploit DB Packet Storm
190264 7.5 重要
Network 		Apache Software Foundation - Apache WSS4J における暗号アルゴリズムの使用に関する脆弱性 CWE-327
不完全、または危険な暗号アルゴリズムの使用 		CVE-2015-0226 2017-11-24 17:58 2015-02-10 Show GitHub Exploit DB Packet Storm
190265 7.8 重要
Local 		TG Soft S.a.s. - Vir.IT eXplorer Anti-Virus における入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-16237 2017-11-24 17:57 2017-11-3 Show GitHub Exploit DB Packet Storm
190266 8.8 重要
Network 		Tenable, Inc. - SecurityCenter における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-11508 2017-11-24 17:44 2017-11-1 Show GitHub Exploit DB Packet Storm
190267 6.1 警告
Adjacent 		シスコシステムズ - Cisco Aironet 3800 シリーズアクセスポイントにおけるバッファエラーの脆弱性 CWE-119
バッファエラー 		CVE-2017-12283 2017-11-24 17:39 2017-11-1 Show GitHub Exploit DB Packet Storm
190268 8.8 重要
Adjacent 		シスコシステムズ - Cisco Application Policy Infrastructure Controller エンタープライズ モジュールにおける認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-12262 2017-11-24 17:39 2017-11-1 Show GitHub Exploit DB Packet Storm
190269 9.8 緊急
Network 		Mahara - Mahara Mobile におけるログファイルからの情報漏えいに関する脆弱性 CWE-532
ログファイルからの情報漏えい 		CVE-2017-1000171 2017-11-24 17:31 2017-05-23 Show GitHub Exploit DB Packet Storm
190270 6.5 警告
Network 		TP-LINK Technologies - TP-LINK TL-WR741N および TL-WR741ND 150M Wireless Lite N Router のファームウェアにおける入力確認に関する脆弱性 CWE-20
不適切な入力確認 		CVE-2017-14250 2017-11-24 17:29 2017-10-31 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 17, 2026, 4:19 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2361 6.3 MEDIUM
Network 		- - A vulnerability has been found in CodeAstro Student Attendance Management System 1.0. This affects an unknown function of the file /attendance-php/Admin/createClass.php. The manipulation of the argum… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-11583 2026-06-9 10:32 2026-06-9 Show GitHub Exploit DB Packet Storm
2362 6.3 MEDIUM
Network 		- - A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of th… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-11584 2026-06-9 10:32 2026-06-9 Show GitHub Exploit DB Packet Storm
2363 6.3 MEDIUM
Network 		- - A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the a… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-11585 2026-06-9 10:32 2026-06-9 Show GitHub Exploit DB Packet Storm
2364 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Versions prior to 26.0.0 suffer from an improper session termination vulnerability where authentication tokens remain valid after … CWE-613
 Insufficient Session Expiration 		CVE-2026-46401 2026-06-9 05:17 2026-06-6 Show GitHub Exploit DB Packet Storm
2365 8.2 HIGH
Network 		- - CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1,, the GitHub Actions workflow (`.github/workflows/static.yml`) uses the `pull_request_target` trigger but dan… CWE-94
Code Injection 		CVE-2026-41249 2026-06-9 05:17 2026-06-5 Show GitHub Exploit DB Packet Storm
2366 9.8 CRITICAL
Network 		- - Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality N… CWE-287
CWE-306
CWE-1390
Improper Authentication
Missing Authentication for Critical Function
 Weak Authentication 		CVE-2026-6274 2026-06-9 04:16 2026-06-5 Show GitHub Exploit DB Packet Storm
2367 7.5 HIGH
Network 		- - Lyrion Music Server 9.2.0 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting directory traversal in the web server context. Attackers … CWE-22
Path Traversal 		CVE-2026-50234 2026-06-9 04:16 2026-06-5 Show GitHub Exploit DB Packet Storm
2368 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an OS command injection vulnerability exists in the Git.php library of the HAXcms PHP backend. The applic… CWE-78
OS Command  		CVE-2026-46394 2026-06-9 04:16 2026-06-6 Show GitHub Exploit DB Packet Storm
2369 - - - OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, `go.opentelemetry.io/otel/schema/v1.0` and `go.opentelemetry.io/otel/schema/v1.1` leaks one file descriptor on eac… CWE-772
CWE-775
 Missing Release of Resource after Effective Lifetime
 Missing Release of File Descriptor or Handle after Effective Lifetime 		CVE-2026-45287 2026-06-9 04:16 2026-06-5 Show GitHub Exploit DB Packet Storm
2370 4.3 MEDIUM
Network 		- - IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 are vulnerable to a cross-site request forgery attack, beca… CWE-650
 Trusting HTTP Permission Methods on the Server Side 		CVE-2026-42543 2026-06-9 04:16 2026-06-5 Show GitHub Exploit DB Packet Storm