Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
201871 5.3 警告
Network 		WordPress.org - WordPress の REST API の実装における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2017-5487 2017-01-26 10:13 2017-01-11 Show GitHub Exploit DB Packet Storm
201872 9.8 緊急
Network 		MetalGenix - GeniXCMS の Posts.class.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-5519 2017-01-26 09:57 2017-01-14 Show GitHub Exploit DB Packet Storm
201873 9.8 緊急
Network 		MetalGenix - GeniXCMS の author.control.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2017-5517 2017-01-26 09:57 2017-01-14 Show GitHub Exploit DB Packet Storm
201874 6.1 警告
Network 		MetalGenix - GeniXCMS におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5516 2017-01-26 09:57 2017-01-13 Show GitHub Exploit DB Packet Storm
201875 5.4 警告
Network 		MetalGenix - GeniXCMS の user prompt 関数におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5515 2017-01-26 09:57 2017-01-13 Show GitHub Exploit DB Packet Storm
201876 5.4 警告
Network 		b2evolution - b2evolution のファイルタイプテーブルにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2017-5494 2017-01-25 17:08 2017-01-17 Show GitHub Exploit DB Packet Storm
201877 8 重要
Network 		CMS Made Simple - CMS Made Simple におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2016-7904 2017-01-25 17:07 2016-09-9 Show GitHub Exploit DB Packet Storm
201878 7 重要
Local 		Linux - NVIDIA GPU ドライバにおける権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-8449 2017-01-25 16:07 2016-09-28 Show GitHub Exploit DB Packet Storm
201879 7 重要
Local 		Linux - NVIDIA GPU ドライバにおける権限を昇格される脆弱性 CWE-284
不適切なアクセス制御 		CVE-2016-8435 2017-01-25 16:07 2016-11-7 Show GitHub Exploit DB Packet Storm
201880 7.8 重要
Local 		Linux - NVIDIA GPU ドライバにおける権限を昇格される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-8432 2017-01-25 16:07 2016-10-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2521 7.3 HIGH
Network 		redhat build_of_keycloak A flaw was found in Keycloak's Fine-Grained Admin Permissions (FGAPv2) feature. An administrator with limited client management permissions can exploit this vulnerability to assign any realm role, in… CWE-266
 Incorrect Privilege Assignment 		CVE-2026-9795 2026-06-4 04:38 2026-05-28 Show GitHub Exploit DB Packet Storm
2522 5.3 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak. A remote, unauthenticated attacker can exploit this vulnerability by sending specially crafted SOAP requests to the SAML ECP (Security Assertion Markup Language Enhanced… CWE-209
Information Exposure Through an Error Message 		CVE-2026-9794 2026-06-4 04:37 2026-05-28 Show GitHub Exploit DB Packet Storm
2523 6.5 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak's Client Policies, specifically within the `org.keycloak.protocol.oidc` component. When certain condition providers (client-type, client-roles, client-attributes, client-… CWE-280
Improper Handling of Insufficient Permissions or Privileges  		CVE-2026-9792 2026-06-4 04:37 2026-05-28 Show GitHub Exploit DB Packet Storm
2524 6.8 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak. When revokeRefreshToken=true is enabled and persistent session storage is in use, a server restart can reset internal timing mechanisms. This allows a remote attacker, w… CWE-613
 Insufficient Session Expiration 		CVE-2026-9802 2026-06-4 04:36 2026-05-28 Show GitHub Exploit DB Packet Storm
2525 7.5 HIGH
Network 		winmtr winmtr WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers c… CWE-120
Classic Buffer Overflow 		CVE-2018-25426 2026-06-4 04:31 2026-05-31 Show GitHub Exploit DB Packet Storm
2526 5.3 MEDIUM
Network 		redhat build_of_keycloak A flaw was found in Keycloak's ClientRegistrationAuth component. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted POST request with a malformed 'Authori… CWE-125
Out-of-bounds Read 		CVE-2026-9803 2026-06-4 04:28 2026-05-28 Show GitHub Exploit DB Packet Storm
2527 9.8 CRITICAL
Network 		deltasql_project deltasql Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docs_upload.php with crafted multipart form… CWE-306
Missing Authentication for Critical Function 		CVE-2018-25412 2026-06-4 04:26 2026-05-31 Show GitHub Exploit DB Packet Storm
2528 9.8 CRITICAL
Network 		trendnet tew-432brp_firmware A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special_name r… CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error') 
Stack-based Buffer Overflow 		CVE-2026-10064 2026-06-4 04:19 2026-05-30 Show GitHub Exploit DB Packet Storm
2529 3.3 LOW
Local 		- - A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MD… CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error') 
Out-of-bounds Read 		CVE-2026-10233 2026-06-4 04:16 2026-06-1 Show GitHub Exploit DB Packet Storm
2530 4.3 MEDIUM
Network 		- - A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/api_holidays.class.php of the component … CWE-266
CWE-285
 Incorrect Privilege Assignment
Improper Authorization 		CVE-2026-10215 2026-06-4 04:16 2026-06-1 Show GitHub Exploit DB Packet Storm