Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201211 8.1 重要
Network 		Django Software Foundation
Canonical
Fedora Project		 - Django における DNS リバインディング攻撃を実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-9014 2016-12-15 17:22 2016-11-1 Show GitHub Exploit DB Packet Storm
201212 9.8 緊急
Network 		Django Software Foundation
Canonical
Fedora Project		 - Django におけるデータベースサーバへのアクセス権を取得される脆弱性 CWE-798
ハードコードされた認証情報の使用 		CVE-2016-9013 2016-12-15 17:22 2016-11-1 Show GitHub Exploit DB Packet Storm
201213 6.3 警告
Network 		International Digital Publishing Forum - EpubCheck に XML 外部実体参照 (XXE) に関する脆弱性 CWE-611
XML 外部エンティティ参照の不適切な制限 		CVE-2016-9487 2016-12-15 16:42 2016-12-13 Show GitHub Exploit DB Packet Storm
201214 6.1 警告
Network 		Dotclear - Dotclear のメディアマネージャにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2016-6523 2016-12-15 15:39 2016-08-5 Show GitHub Exploit DB Packet Storm
201215 6.5 警告
Network 		Pivotal Software, Inc.
オラクル		 - RabbitMQ の管理プラグインにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2015-8786 2016-12-15 15:13 2015-12-29 Show GitHub Exploit DB Packet Storm
201216 9.8 緊急
Network 		The phpMyAdmin Project - phpMyAdmin における CSRF トークンがリターン URL から削除されない脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2016-9866 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
201217 9.8 緊急
Network 		The phpMyAdmin Project - phpMyAdmin における PMA_safeUnserialize() 関数による保護を回避される脆弱性 CWE-254
CWE-502
CVE-2016-9865 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
201218 7.5 重要
Network 		The phpMyAdmin Project - phpMyAdmin における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2016-9864 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
201219 7.5 重要
Network 		The phpMyAdmin Project - phpMyAdmin におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-9863 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
201220 7.5 重要
Network 		The phpMyAdmin Project - phpMyAdmin における BBCode インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2016-9862 2016-12-15 14:58 2016-11-25 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 7, 2026, 4:13 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2741 4.3 MEDIUM
Network 		jenkins bitbucket_oauth Jenkins Bitbucket OAuth Plugin 0.17 and earlier does not restrict the redirect URL after login, allowing attackers to perform phishing attacks. CWE-601
Open Redirect 		CVE-2026-48924 2026-05-29 01:59 2026-05-28 Show GitHub Exploit DB Packet Storm
2742 4.3 MEDIUM
Network 		kostyasha github_integration A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Integration Plugin 0.7.3 and earlier allows attackers to attackers to trigger a build for a pull request. CWE-352
 Origin Validation Error 		CVE-2026-48925 2026-05-29 01:57 2026-05-28 Show GitHub Exploit DB Packet Storm
2743 6.5 MEDIUM
Network 		free5gc free5gc free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's UDR nudr-dr DELETE /subscription-data/{ueId}/{servingPlmnId}/ee-subscriptions/{subsId}/amf-subscriptions han… CWE-704
CWE-754
 Incorrect Type Conversion or Cast
 Improper Check for Unusual or Exceptional Conditions 		CVE-2026-44324 2026-05-29 01:52 2026-05-28 Show GitHub Exploit DB Packet Storm
2744 5.5 MEDIUM
Network 		jenkins buildgraph-view Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the build URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure jobs or views. CWE-79
Cross-site Scripting 		CVE-2026-48927 2026-05-29 01:52 2026-05-28 Show GitHub Exploit DB Packet Storm
2745 7.5 HIGH
Network 		free5gc free5gc free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NRF root SBI endpoint POST /oauth2/token contains a parser-level type-confusion bug family. The handler in N… CWE-20
CWE-755
CWE-843
 Improper Input Validation 
 Improper Handling of Exceptional Conditions
Type Confusion 		CVE-2026-44325 2026-05-29 01:51 2026-05-28 Show GitHub Exploit DB Packet Storm
2746 4.3 MEDIUM
Network 		jenkins multijob A cross-site request forgery (CSRF) vulnerability in Jenkins Multijob Plugin 662.vd2e0001f6b_b_d and earlier allows attackers to resume failed Multijob builds. CWE-352
 Origin Validation Error 		CVE-2026-9674 2026-05-29 01:51 2026-05-28 Show GitHub Exploit DB Packet Storm
2747 5.4 MEDIUM
Network 		synology contacts Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in contact functionality in Synology Contacts before 1.0.10-20659 allows remote authenticated users … CWE-79
Cross-site Scripting 		CVE-2025-13167 2026-05-29 01:37 2026-05-27 Show GitHub Exploit DB Packet Storm
2748 9.4 CRITICAL
Network 		free5gc free5gc free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attac… CWE-862
 Missing Authorization 		CVE-2026-44326 2026-05-29 01:25 2026-05-28 Show GitHub Exploit DB Packet Storm
2749 10.0 CRITICAL
Network 		free5gc free5gc free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker wh… CWE-306
CWE-862
Missing Authentication for Critical Function
 Missing Authorization 		CVE-2026-44327 2026-05-29 01:24 2026-05-28 Show GitHub Exploit DB Packet Storm
2750 8.2 HIGH
Network 		free5gc free5gc free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. On top of that, the DELETE /upi… CWE-306
CWE-476
CWE-862
Missing Authentication for Critical Function
 NULL Pointer Dereference
 Missing Authorization 		CVE-2026-44328 2026-05-29 01:24 2026-05-28 Show GitHub Exploit DB Packet Storm