Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 9, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
205231 8.2 重要
Network 		シスコシステムズ - Cisco Configuration Assistant の CNAP におけるファイルシステムおよび管理エンドポイントの制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1441 2016-07-7 10:54 2016-06-30 Show GitHub Exploit DB Packet Storm
205232 8.6 重要
Network 		シスコシステムズ - Cisco FirePOWER システム ソフトウェアにおける CLI アクセス権を取得される脆弱性 CWE-255
CWE-264
CVE-2016-1394 2016-07-7 10:54 2016-06-29 Show GitHub Exploit DB Packet Storm
205233 5.3 警告
Network 		シスコシステムズ - Cisco Web セキュリティ アプライアンスデバイスのプロキシ処理におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2016-1440 2016-07-6 18:03 2016-06-27 Show GitHub Exploit DB Packet Storm
205234 6.5 警告
Adjacent 		シスコシステムズ - Cisco IOS におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2016-1425 2016-07-6 18:03 2016-06-17 Show GitHub Exploit DB Packet Storm
205235 9.8 緊急
Network 		シスコシステムズ - Cisco Prime Collaboration Provisioning における管理者権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-1416 2016-07-6 18:03 2016-06-29 Show GitHub Exploit DB Packet Storm
205236 8.8 重要
Network 		シスコシステムズ - Cisco Prime Infrastructure および Evolved Programmable Network Manager における任意のコマンドを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1408 2016-07-6 18:03 2016-06-29 Show GitHub Exploit DB Packet Storm
205237 6.5 警告
Network 		シスコシステムズ - 複数の Cisco Wireless-N VPN デバイスのファームウェアにおけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-1398 2016-07-6 18:03 2016-06-15 Show GitHub Exploit DB Packet Storm
205238 8.1 重要
Network 		シスコシステムズ - Cisco EPC3928 デバイスにおける重要な設定および資格情報を取得される脆弱性 CWE-200
CWE-264
CVE-2016-1337 2016-07-6 18:03 2016-06-7 Show GitHub Exploit DB Packet Storm
205239 7.5 重要
Network 		シスコシステムズ - Cisco EPC3928 デバイスの goform/Docsis_system におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1336 2016-07-6 18:03 2016-06-7 Show GitHub Exploit DB Packet Storm
205240 7.5 重要
Network 		シスコシステムズ - Cisco EPC3928 デバイスの goform/WClientMACList におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-1328 2016-07-6 18:03 2016-06-7 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 9, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
681 10.0 CRITICAL
Network 		- - UDS Identity Config builds the Keycloak configuration image (realm, plugins, theme, truststore, JARs) consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in t… CWE-287
CWE-303
Improper Authentication
 Incorrect Implementation of Authentication Algorithm 		CVE-2026-46389 2026-06-6 04:21 2026-06-6 Show GitHub Exploit DB Packet Storm
682 9.8 CRITICAL
Network 		- - The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to and including 1.9.4. This is due to a… CWE-285
Improper Authorization 		CVE-2026-10580 2026-06-6 04:20 2026-06-6 Show GitHub Exploit DB Packet Storm
683 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 2.0.0 and prior to version 26.0.0, the gitlist plugin is exposed to unauthenticated users, allowing unauthenti… CWE-639
 Authorization Bypass Through User-Controlled Key 		CVE-2026-46390 2026-06-6 04:20 2026-06-6 Show GitHub Exploit DB Packet Storm
684 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. A stored cross-site scripting (XSS) vulnerability exists in versions prior to 26.0.0 due to improper sanitization of `<iframe>` el… CWE-79
Cross-site Scripting 		CVE-2026-46396 2026-06-6 04:20 2026-06-6 Show GitHub Exploit DB Packet Storm
685 - - - HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an OS command injection vulnerability exists in the Git.php library of the HAXcms PHP backend. The applic… CWE-78
OS Command  		CVE-2026-46394 2026-06-6 04:20 2026-06-6 Show GitHub Exploit DB Packet Storm
686 8.8 HIGH
Network 		- - The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and includ… CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2026-5411 2026-06-6 04:20 2026-06-6 Show GitHub Exploit DB Packet Storm
687 8.8 HIGH
Network 		- - The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and includ… CWE-288
Authentication Bypass Using an Alternate Path or Channel 		CVE-2026-5415 2026-06-6 04:20 2026-06-6 Show GitHub Exploit DB Packet Storm
688 8.8 HIGH
Network 		- - Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename … CWE-78
OS Command  		CVE-2026-49492 2026-06-6 03:59 2026-06-6 Show GitHub Exploit DB Packet Storm
689 8.8 HIGH
Network 		- - Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS(), which evaluates the block content as code via vm.runInNewContext(), allowing arbitrary code execution. A… CWE-94
Code Injection 		CVE-2026-49493 2026-06-6 03:59 2026-06-6 Show GitHub Exploit DB Packet Storm
690 8.8 HIGH
Network 		- - Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval(), allowing arbitrary JavaScript execution. The flaw affects every render path - th… CWE-95
Eval Injection 		CVE-2026-50733 2026-06-6 03:59 2026-06-6 Show GitHub Exploit DB Packet Storm