Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190381 9.8 緊急
Network 		Helpdesk Pro project - Joomla! 用 Helpdesk Pro プラグインにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-4073 2017-10-11 15:38 2015-07-16 Show GitHub Exploit DB Packet Storm
190382 5.4 警告
Network 		Helpdesk Pro project - Joomla! 用 Helpdesk Pro プラグインにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-4072 2017-10-11 15:38 2015-07-16 Show GitHub Exploit DB Packet Storm
190383 4.9 警告
Network 		Pragyan CMS Project - Pragyan CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-14601 2017-10-11 15:35 2017-09-14 Show GitHub Exploit DB Packet Storm
190384 4.9 警告
Network 		Pragyan CMS Project - Pragyan CMS における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-14600 2017-10-11 15:35 2017-09-14 Show GitHub Exploit DB Packet Storm
190385 6.1 警告
Network 		Pydio - Pydio におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-3432 2017-10-11 15:29 2015-05-6 Show GitHub Exploit DB Packet Storm
190386 7.5 重要
Network 		シスコシステムズ - Cisco Cloud Web Security おけるバッファエラーの脆弱性 CWE-119
CWE-19
CVE-2015-0689 2017-10-11 15:29 2015-04-6 Show GitHub Exploit DB Packet Storm
190387 7 重要
Local 		Polycom - Polycom RealPresence Resource Manager における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-4685 2017-10-11 14:28 2015-06-29 Show GitHub Exploit DB Packet Storm
190388 6.5 警告
Network 		Polycom - Polycom RealPresence Resource Manager における証明書・パスワードの管理に関する脆弱性 CWE-255
証明書・パスワード管理 		CVE-2015-4684 2017-10-11 14:28 2015-06-29 Show GitHub Exploit DB Packet Storm
190389 9.8 緊急
Network 		Polycom - Polycom RealPresence Resource Manager における認可・権限・アクセス制御に関する脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-4683 2017-10-11 14:28 2015-06-29 Show GitHub Exploit DB Packet Storm
190390 6.5 警告
Network 		Polycom - Polycom RealPresence Resource Manager における情報漏えいに関する脆弱性 CWE-200
情報漏えい 		CVE-2015-4682 2017-10-11 14:28 2015-06-29 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 5, 2026, 4:11 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1211 6.1 MEDIUM
Network 		ibm financial_transaction_manager_for_multiplatform IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.15 IBM Financial Transaction Manager SWIFT is vulnerable to cross-site scripting. This vulnerability allo… Update CWE-79
Cross-site Scripting 		CVE-2025-36148 2026-06-2 02:22 2026-05-27 Show GitHub Exploit DB Packet Storm
1212 8.8 HIGH
Network 		google chrome Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Update CWE-416
 Use After Free 		CVE-2026-10013 2026-06-2 02:22 2026-05-29 Show GitHub Exploit DB Packet Storm
1213 9.6 CRITICAL
Network 		google chrome Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Update CWE-787
 Out-of-bounds Write 		CVE-2026-9967 2026-06-2 02:22 2026-05-29 Show GitHub Exploit DB Packet Storm
1214 8.3 HIGH
Network 		google chrome Out of bounds read and write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted… Update CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write 		CVE-2026-9975 2026-06-2 02:21 2026-05-29 Show GitHub Exploit DB Packet Storm
1215 5.0 MEDIUM
Network 		google chrome Insufficient validation of untrusted input in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted … Update CWE-20
 Improper Input Validation  		CVE-2026-9979 2026-06-2 02:21 2026-05-29 Show GitHub Exploit DB Packet Storm
1216 6.2 MEDIUM
Local 		- - Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break characters. Text::LineFold splits the input string by specific line break characters (such… Update CWE-405
CWE-407
 Asymmetric Resource Consumption (Amplification)
 Inefficient Algorithmic Complexity 		CVE-2026-8594 2026-06-2 02:17 2026-05-31 Show GitHub Exploit DB Packet Storm
1217 - - - StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a… Update CWE-312
CWE-522
 Cleartext Storage of Sensitive Information
 Insufficiently Protected Credentials 		CVE-2026-4387 2026-06-2 02:17 2026-05-30 Show GitHub Exploit DB Packet Storm
1218 4.3 MEDIUM
Network 		- - FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, FreeScout allows a non-admin user to permanently delete an internal note (private thread) from any… Update CWE-862
 Missing Authorization 		CVE-2026-48811 2026-06-2 02:17 2026-05-30 Show GitHub Exploit DB Packet Storm
1219 - - - iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-controlled block-count value without checking the underlying reader's error state ins… Update CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-46385 2026-06-2 02:17 2026-05-30 Show GitHub Exploit DB Packet Storm
1220 8.8 HIGH
Adjacent 		- - In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neigh_node, but… Update - CVE-2026-46238 2026-06-2 02:17 2026-05-28 Show GitHub Exploit DB Packet Storm