Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 27, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
196991 8.8 重要
Network 		D-Link Systems, Inc. - D-Link DIR-600M Rev. Cx デバイスにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2017-5874 2017-04-17 17:57 2017-03-22 Show GitHub Exploit DB Packet Storm
196992 6.1 警告
Network 		MantisBT Group - MantisBT におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-7222 2017-04-17 17:52 2017-02-26 Show GitHub Exploit DB Packet Storm
196993 6.5 警告
Local 		virglrenderer project - virglrenderer の virgl_resource_attach_backing 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-10214 2017-04-17 17:31 2016-12-27 Show GitHub Exploit DB Packet Storm
196994 6.5 警告
Network 		マカフィー - Intel Security Advanced Threat Defense Linux における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-3899 2017-04-17 16:59 2017-02-23 Show GitHub Exploit DB Packet Storm
196995 6.1 警告
Network 		コンクリートファイブ - concrete5 におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-6908 2017-04-17 16:56 2017-03-14 Show GitHub Exploit DB Packet Storm
196996 8.8 重要
Network 		マカフィー - Intel Security McAfee Vulnerability Manager の Enterprise Manager コンポーネントにおけるユーザのパスワードを解読される脆弱性 CWE-310
暗号の問題 		CVE-2015-8989 2017-04-17 16:52 2017-02-27 Show GitHub Exploit DB Packet Storm
196997 5.5 警告
Local 		68k.org - Audio File Library の libaudiofile/modules/BlockCodec.cpp の reset1 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-369
ゼロ除算 		CVE-2017-6835 2017-04-17 16:46 2017-03-6 Show GitHub Exploit DB Packet Storm
196998 5.5 警告
Local 		68k.org - Audio File Library の G711.cpp の ulaw2linear_buf 関数におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-6834 2017-04-17 16:46 2017-03-6 Show GitHub Exploit DB Packet Storm
196999 5.5 警告
Local 		68k.org - Audio File Library の libaudiofile/modules/BlockCodec.cpp の runPull 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-369
ゼロ除算 		CVE-2017-6833 2017-04-17 16:46 2017-03-6 Show GitHub Exploit DB Packet Storm
197000 5.5 警告
Local 		68k.org - Audio File Library の MSADPCM.cpp の decodeBlock におけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2017-6832 2017-04-17 16:46 2017-03-6 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 28, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1861 - - - NextGEN Gallery version prior to 4.2.1 are vulnerable to authenticated SQL injection via the 'orderby' parameter on the REST API endpoints '/imagely/v1/galleries' and '/imagely/v1/albums'. The roo… CWE-89
SQL Injection 		CVE-2026-9059 2026-05-20 23:01 2026-05-20 Show GitHub Exploit DB Packet Storm
1862 - - - SureCart version prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters ('model_name', 'model_id', 'integration_id', 'provider') on the REST API endpoint '/surecart/v1/i… CWE-89
SQL Injection 		CVE-2026-9065 2026-05-20 23:01 2026-05-20 Show GitHub Exploit DB Packet Storm
1863 7.8 HIGH
Local 		- - `PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`, this root is frequently `/` (the system root) in standard configurations or when using `--root`. If the chroot target is `/`, … CWE-35
 Path Traversal: '.../...//' 		CVE-2026-44933 2026-05-20 23:01 2026-05-20 Show GitHub Exploit DB Packet Storm
1864 7.5 HIGH
Local 		- - NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code execut… CWE-502
 Deserialization of Untrusted Data 		CVE-2026-24163 2026-05-20 22:57 2026-05-20 Show GitHub Exploit DB Packet Storm
1865 6.6 MEDIUM
Network 		- - Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.5.9, … CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-6366 2026-05-20 22:56 2026-05-20 Show GitHub Exploit DB Packet Storm
1866 7.5 HIGH
Network 		- - The Creative Mail – Easier WordPress & WooCommerce Email Marketing plugin for WordPress is vulnerable to SQL Injection via the 'checkout_uuid' parameter in all versions up to, and including, 1.6.9. T… CWE-89
SQL Injection 		CVE-2026-3985 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1867 6.1 MEDIUM
Network 		- - The Sentence To SEO (keywords, description and tags) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect no… CWE-352
 Origin Validation Error 		CVE-2026-6391 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1868 4.3 MEDIUM
Network 		- - The Bigfishgames Syndicate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on the bigf… CWE-352
 Origin Validation Error 		CVE-2026-6452 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1869 6.4 MEDIUM
Network 		- - The Logo Manager For Enamad plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' attribute of the `vc_enamad_namad`, `vc_enamad_shamed`, and `vc_enamad_custom` shortcodes… CWE-79
Cross-site Scripting 		CVE-2026-6549 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm
1870 9.8 CRITICAL
Network 		- - The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due to an array validation mismatch where only the first file in… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-6555 2026-05-20 22:54 2026-05-20 Show GitHub Exploit DB Packet Storm