Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201071 7.5 重要
Network 		シトリックス・システムズ - Citrix Provisioning Services におけるカーネルメモリから重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-9680 2017-01-30 12:18 2016-11-30 Show GitHub Exploit DB Packet Storm
201072 9.8 緊急
Network 		シトリックス・システムズ - Citrix Provisioning Services における任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2016-9679 2017-01-30 12:18 2016-11-30 Show GitHub Exploit DB Packet Storm
201073 9.8 緊急
Network 		シトリックス・システムズ - Citrix Provisioning Services における任意のコードを実行される脆弱性 CWE-416
解放済みメモリの使用 		CVE-2016-9678 2017-01-30 12:18 2016-11-30 Show GitHub Exploit DB Packet Storm
201074 5.3 警告
Network 		シトリックス・システムズ - Citrix Provisioning Services における重要なカーネルのアドレス情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-9677 2017-01-30 12:18 2016-11-30 Show GitHub Exploit DB Packet Storm
201075 9.8 緊急
Network 		シトリックス・システムズ - Citrix Provisioning Services におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-9676 2017-01-30 12:18 2016-11-30 Show GitHub Exploit DB Packet Storm
201076 8.1 重要
Network 		BlackBerry - BlackBerry Enterprise Server のコアコンソールおよびマネジメントコンソールにおける情報を公開される脆弱性 CWE-200
CWE-255
CVE-2016-3130 2017-01-30 11:58 2016-03-11 Show GitHub Exploit DB Packet Storm
201077 8.2 重要
Network 		BlackBerry - BlackBerry Enterprise Server のコアにおける脆弱性 CWE-254
セキュリティ機能 		CVE-2016-3128 2017-01-30 11:58 2016-03-11 Show GitHub Exploit DB Packet Storm
201078 6.1 警告
Network 		OpenStack - Gerrit 用 Openstack Puppet モジュールの Gerrit 設定におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-5737 2017-01-30 11:50 2016-06-22 Show GitHub Exploit DB Packet Storm
201079 5.9 警告
Network 		Ignite Realtime
Fedora Project		 - Smack の XMPP ライブラリにおける TLS の保護を回避される脆弱性 CWE-362
競合状態 		CVE-2016-10027 2017-01-30 11:40 2016-11-22 Show GitHub Exploit DB Packet Storm
201080 7.5 重要
Network 		Cloud Foundry Foundation - Cloud Foundry Foundation における認証情報のログを作成される脆弱性 CWE-200
情報漏えい 		CVE-2016-9882 2017-01-30 11:38 2016-12-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2901 - - - Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the showSupportExpiredMessage parameter of hand… CWE-79
Cross-site Scripting 		CVE-2024-47096 2026-05-29 03:56 2026-05-28 Show GitHub Exploit DB Packet Storm
2902 - - - Cross Site Scripting vulnerability in Follet School Solutions Destiny before v22.0.1 AU1 allows a remote attacker to run arbitrary client-side code via the site parameter of handleloginform.do. CWE-79
Cross-site Scripting 		CVE-2024-47097 2026-05-29 03:56 2026-05-28 Show GitHub Exploit DB Packet Storm
2903 - - - The Mennekes Amtron series (firmware versions ≤ 5.22.3) is vulnerable to an authentication bypass. An unauthenticated remote attacker can change the password of the user account via a crafted POST re… CWE-287
Improper Authentication 		CVE-2026-8979 2026-05-29 03:56 2026-05-28 Show GitHub Exploit DB Packet Storm
2904 - - - The Mennekes Amtron series (firmware versions ≤ 5.22.3) is vulnerable to privilege escalation. An authenticated low-privileged user can change the passwords of the admin (operator) and manufacturer a… CWE-269
 Improper Privilege Management 		CVE-2026-8980 2026-05-29 03:56 2026-05-28 Show GitHub Exploit DB Packet Storm
2905 7.5 HIGH
Network 		- - phpMyFAQ before 4.1.3 contains an authentication bypass vulnerability in API v4.0 where the default empty api.apiClientToken allows unauthenticated users to create and modify FAQ entries. Attackers c… CWE-1188
 Insecure Default Initialization of Resource 		CVE-2026-35672 2026-05-29 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
2906 8.2 HIGH
Network 		- - phpMyFAQ before 4.1.3 contains an unauthenticated password reset vulnerability in the user password update API endpoint that allows attackers to change account passwords without token validation. Att… CWE-640
 Weak Password Recovery Mechanism for Forgotten Password 		CVE-2026-35676 2026-05-29 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
2907 6.5 MEDIUM
Network 		- - EspoCRM is an open source customer relationship management application. Prior to 9.3.5, the POST /api/v1/EmailTemplate/:id/prepare endpoint accepts an emailAddress parameter and resolves the owning e… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-41141 2026-05-29 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
2908 4.3 MEDIUM
Network 		- - EspoCRM is an open source customer relationship management application. Prior to 9.3.5, a business logic flaw (Broken Access Control) in EspoCRM 9.3.3 allows low-privileged users to pin arbitrary not… CWE-284
CWE-639
CWE-862
Improper Access Control
 Authorization Bypass Through User-Controlled Key
 Missing Authorization 		CVE-2026-41160 2026-05-29 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
2909 - - - Kuma is a modern Envoy-based service mesh that can run on every cloud across both Kubernetes and VMs. Prior to 2.7.25, 2.9.15, 2.11.13, 2.12.10, and 2.13.5, the default kuma-cp config leaks the admin… CWE-346
CWE-942
 Origin Validation Error
 Permissive Cross-domain Policy with Untrusted Domains 		CVE-2026-45021 2026-05-29 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
2910 8.7 HIGH
Network 		- - TinyMCE is an open source rich text editor. Prior to 5.11.1, 7.9.3, and 8.5.1, there is a stored XSS vulnerability via unsanitized data-mce-* attributes (data-mce-href, data-mce-src, data-mce-style).… CWE-79
Cross-site Scripting 		CVE-2026-47759 2026-05-29 03:55 2026-05-29 Show GitHub Exploit DB Packet Storm