Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 21, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
1911	9	緊急 Network	IBM	IBM WebSphere Application Server	IBMのIBM WebSphere Application Serverにおけるコードインジェクションの脆弱性	CWE-94 コード・インジェクション	CVE-2026-9311	2026-06-8 11:44	2026-06-1	Show	GitHub Exploit DB Packet Storm

1912	9	緊急 Network	IBM	IBM WebSphere Application Server	IBMのIBM WebSphere Application Serverにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-9319	2026-06-8 11:44	2026-06-1	Show	GitHub Exploit DB Packet Storm

1913	8.5	重要 Network	IBM	IBM WebSphere Application Server	IBMのIBM WebSphere Application Serverにおける信頼できないデータのデシリアライゼーションに関する脆弱性	CWE-502 信頼性のないデータのデシリアライゼーション	CVE-2026-9330	2026-06-8 11:44	2026-06-1	Show	GitHub Exploit DB Packet Storm

1914	-	-	（複数のベンダ）	（複数の製品）	Securly Chrome Extensionにおける複数の脆弱性	-	-	2026-06-5 13:34	2026-06-4	Show	GitHub Exploit DB Packet Storm

1915	6.7	警告 Adjacent	TP-Link Systems Inc.	Tapo P300 Tapo L535E Tapo D100C	複数のTP-LINK製品における重要情報の平文送信の脆弱性	CWE-Other その他	CVE-2026-34126	2026-06-5 12:08	2026-06-5	Show	GitHub Exploit DB Packet Storm

1916	9.8	緊急 Network	deltasql Project	deltasql	deltasql Projectのdeltasqlにおける重要な機能に対する認証の欠如に関する脆弱性	CWE-306 重要な機能に対する認証の欠如解説	CVE-2018-25412	2026-06-5 10:52	2026-05-30	Show	GitHub Exploit DB Packet Storm

1917	7.5	重要 Network	WinMTR	WinMTR	WinMTRにおける古典的バッファオーバーフローの脆弱性	CWE-120 古典的バッファオーバーフロー	CVE-2018-25426	2026-06-5 10:52	2026-05-30	Show	GitHub Exploit DB Packet Storm

1918	7.8	重要 Local	4mhz	Base64 Decoder	4mhzのBase64 Decoderにおける境界外書き込みに関する脆弱性	CWE-787 境界外書き込み	CVE-2019-25634	2026-06-5 10:52	2026-03-24	Show	GitHub Exploit DB Packet Storm

1919	7.8	重要 Local	Google	Android XR	GoogleのAndroid XRにおける認可に関する脆弱性	CWE-285 不適切な認可	CVE-2026-0072	2026-06-5 10:52	2026-06-1	Show	GitHub Exploit DB Packet Storm

1920	9.8	緊急 Network	TRENDnet	TEW-432BRP Firmware	TRENDnetのTEW-432BRP Firmwareにおける複数の脆弱性	CWE-74 CWE-77	CVE-2026-10060	2026-06-5 10:52	2026-05-29	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 21, 2026, 4:01 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
343971	-	phpfaber	topsites	Multiple SQL injection vulnerabilities in index.php in phpFaber TopSites 2.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) i_cat or (2) method parameters.	NVD-CWE-Other	CVE-2006-3770	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm

343972	-	imaginex-resource	imanage_cms	Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to …	NVD-CWE-Other	CVE-2006-3771	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm

343973	-	php-post	php-post	PHP-Post 0.21 and 1.0, and possibly earlier versions, when auto-login is enabled, allows remote attackers to bypass security restrictions and obtain administrative privileges by modifying the loginco…	NVD-CWE-Other	CVE-2006-3772	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm

343974	-	joomla	performs_component	PHP remote file inclusion vulnerability in performs.php in the perForms component (com_performs) 1.0 and earlier for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mos…	CWE-94 Code Injection	CVE-2006-3774	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm

343975	-	mybulletinboard	mybulletinboard	SQL injection vulnerability in the init function in class_session.php in MyBB (aka MyBulletinBoard) 1.1.5 allows remote attackers to execute arbitrary SQL commands via the CLIENT-IP HTTP header ($_SE…	CWE-89 SQL Injection	CVE-2006-3775	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm

343976	-	keyifweb	keyif_portal	Keyifweb Keyif Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for (1) ANKET/ank…	NVD-CWE-Other	CVE-2006-3780	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm

343977	-	symantec	pcanywhere	Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) f…	NVD-CWE-Other	CVE-2006-3784	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm

343978	-	symantec	pcanywhere	Symantec pcAnywhere 12.5 obfuscates the passwords in a GUI textbox with asterisks but does not encrypt them in the associated .cif (aka caller or CallerID) file, which allows local users to obtain th…	NVD-CWE-Other	CVE-2006-3785	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm

343979	-	symantec	pcanywhere	Symantec pcAnywhere 12.5 uses weak integrity protection for .cif (aka caller or CallerID) files, which allows local users to generate a custom .cif file and modify the superuser flag.	NVD-CWE-Other	CVE-2006-3786	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm

343980	-	kerio	personal_firewall	kpf4ss.exe in Sunbelt Kerio Personal Firewall 4.3.x before 4.3.268 does not properly hook the CreateRemoteThread API function, which allows local users to cause a denial of service (crash) and bypass…	NVD-CWE-Other	CVE-2006-3787	2018-10-18 06:30	2006-07-24	Show	GitHub Exploit DB Packet Storm