Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196551 5.4 警告
Network 		サイボウズ - サイボウズ Office のデザイン設定画面におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-2114 2017-06-1 11:31 2017-04-11 Show GitHub Exploit DB Packet Storm
196552 5 警告
Network 		独立行政法人情報処理推進機構 (IPA) - 脆弱性体験学習ツール AppGoat におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-2102 2017-06-1 11:31 2017-02-9 Show GitHub Exploit DB Packet Storm
196553 7.3 重要
Network 		独立行政法人情報処理推進機構 (IPA) - 脆弱性体験学習ツール AppGoat における認証不備の脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2017-2101 2017-06-1 11:31 2017-02-9 Show GitHub Exploit DB Packet Storm
196554 6.3 警告
Network 		独立行政法人情報処理推進機構 (IPA) - 脆弱性体験学習ツール AppGoat における DNS リバインディングの脆弱性 CWE-Other
その他 		CVE-2017-2100 2017-06-1 11:31 2017-02-9 Show GitHub Exploit DB Packet Storm
196555 6.3 警告
Network 		独立行政法人情報処理推進機構 (IPA) - 脆弱性体験学習ツール AppGoat において任意のコードが実行可能な脆弱性 CWE-94
コード・インジェクション 		CVE-2017-2099 2017-06-1 11:31 2017-02-9 Show GitHub Exploit DB Packet Storm
196556 5 警告
Network 		CubeCart Limited - CubeCart におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2017-2098 2017-06-1 11:31 2017-01-27 Show GitHub Exploit DB Packet Storm
196557 6.1 警告
Network 		アドビシステムズ
日立		 - Adobe RoboHelp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-7891 2017-05-31 19:46 2016-12-13 Show GitHub Exploit DB Packet Storm
196558 7.2 重要
Network 		ブルーコートシステムズ - SSL Visibility Appliance における RST パケットの生成に関する問題 CWE-Other
その他 		CVE-2016-10259 2017-05-31 19:15 2017-05-24 Show GitHub Exploit DB Packet Storm
196559 5.4 警告
Network 		Todd Austin - Canvas におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-8298 2017-05-31 18:41 2017-04-23 Show GitHub Exploit DB Packet Storm
196560 7.5 重要
Network 		VirusTotal - YARA の regex コンポーネントの libyara/re.c におけるサービス運用妨害 (DoS) の脆弱性 CWE-125
境界外読み取り 		CVE-2017-8294 2017-05-31 18:35 2017-04-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2971 8.8 HIGH
Network 		- - A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipul… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-9628 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2972 6.3 MEDIUM
Network 		- - A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcel_list.php. Performing a manipulation of the argument s results … CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9607 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2973 4.3 MEDIUM
Network 		- - A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. E… CWE-200
CWE-209
Information Exposure
Information Exposure Through an Error Message 		CVE-2026-9583 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2974 7.3 HIGH
Network 		- - A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM up to 56ba287f2e9031523ccb4244cb6e3fe530e4e5d5. The affected element is an unknown function of the component Dashboard. Such mani… CWE-266
CWE-284
 Incorrect Privilege Assignment
Improper Access Control 		CVE-2026-9562 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2975 6.3 MEDIUM
Network 		- - A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argu… CWE-77
CWE-78
Command Injection
OS Command  		CVE-2026-9511 2026-05-29 01:16 2026-05-26 Show GitHub Exploit DB Packet Storm
2976 4.8 MEDIUM
Network 		- - Crypt::ScryptKDF versions through 0.010 for Perl uses insecure random number source when no CSPRNG module is available. The random_bytes function fell back to using the built-in rand() function when… CWE-338
 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 		CVE-2026-8647 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2977 7.5 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for… CWE-862
 Missing Authorization 		CVE-2026-48151 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2978 8.1 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/… CWE-79
Cross-site Scripting 		CVE-2026-48149 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2979 7.7 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetch(config.url) with no SSRF protection.… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-48146 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2980 5.3 MEDIUM
Network 		- - Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted… CWE-93
CRLF Injection 		CVE-2026-46740 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm