Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
205661	6.1	警告 Network	株式会社ヒニアラタ	-	baserCMS 用プラグイン「メニューブックプラグイン」におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1169	2016-04-8 16:48	2016-04-6	Show	GitHub Exploit DB Packet Storm

205662	4.3	警告 Network	株式会社ヒニアラタ	-	baserCMS 用プラグイン「求人情報プラグイン」におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2016-1170	2016-04-8 16:48	2016-04-6	Show	GitHub Exploit DB Packet Storm

205663	6.1	警告 Network	株式会社ヒニアラタ	-	baserCMS 用プラグイン「求人情報プラグイン」におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2016-1169	2016-04-8 16:48	2016-04-6	Show	GitHub Exploit DB Packet Storm

205664	7.5	重要 Network	Eaton	-	Eaton Lighting EG2 Web Control における脆弱性	CWE-Other その他	CVE-2016-2272	2016-04-8 15:48	2016-04-5	Show	GitHub Exploit DB Packet Storm

205665	7.5	重要 Network	Eaton	-	Eaton Lighting EG2 Web Control における設定ファイルを読まれる脆弱性	CWE-200 情報漏えい	CVE-2016-0871	2016-04-8 15:48	2016-04-5	Show	GitHub Exploit DB Packet Storm

205666	9.8	緊急 Network	シスコシステムズ	-	Cisco UCS Invicta C3124SA アプライアンスなどの製品における root のアクセス権を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-1313	2016-04-8 15:16	2016-04-6	Show	GitHub Exploit DB Packet Storm

205667	9.8	緊急 Network	シスコシステムズ	-	Cisco Prime Infrastructure および Evolved Programmable Network Manager における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2016-1291	2016-04-8 15:16	2016-04-6	Show	GitHub Exploit DB Packet Storm

205668	8.1	重要 Network	シスコシステムズ	-	Cisco Prime Infrastructure および Evolved Programmable Network Manager の Web API における RBAC 制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2016-1290	2016-04-8 15:16	2016-04-6	Show	GitHub Exploit DB Packet Storm

205669	5.9	警告 Network	シスコシステムズ	-	Cisco Mobility Services Engine 8710 デバイス上で稼動する TelePresence Server のカーネルにおけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2016-1346	2016-04-8 15:14	2016-04-6	Show	GitHub Exploit DB Packet Storm

205670	7.5	重要 Network	シスコシステムズ	-	複数のデバイス上で稼動する Cisco TelePresence Server におけるサービス運用妨害 (DoS) の脆弱性	CWE-399 リソース管理の問題	CVE-2015-6313	2016-04-8 15:14	2015-08-17	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
341	-		-	-	Improper Certificate Validation vulnerability in ex-aws ex_aws_sns (ExAws.SNS, ExAws.SNS.PublicKeyCache modules) allows Signature Spoofing by Improper Validation. This vulnerability is associated wi… New	CWE-295 Improper Certificate Validation	CVE-2026-47074	2026-05-30 00:29	2026-05-28	Show	GitHub Exploit DB Packet Storm

342	6.1	MEDIUM Network	golang	net	Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML befo… Update	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2026-27136	2026-05-30 00:27	2026-05-23	Show	GitHub Exploit DB Packet Storm

343	9.6	CRITICAL Network	golang	net	The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com… Update	CWE-1289 Improper Validation of Unsafe Equivalence in Input	CVE-2026-39821	2026-05-30 00:26	2026-05-23	Show	GitHub Exploit DB Packet Storm

344	8.3	HIGH Network	-	-	Use after free in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C… New	CWE-416 Use After Free	CVE-2026-9970	2026-05-30 00:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

345	4.3	MEDIUM Network	-	-	A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to … Update	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2026-9416	2026-05-30 00:16	2026-05-25	Show	GitHub Exploit DB Packet Storm

346	4.8	MEDIUM Network	-	-	A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` function by sending a malicious HTTP request. This v… New	CWE-444 HTTP Request Smuggling	CVE-2026-6324	2026-05-30 00:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

347	4.6	MEDIUM Physics	-	-	Uncontrolled resource consumption in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-veh… New	CWE-307 CWE-400 CWE-770 mproper Restriction of Excessive Authentication Attempts Uncontrolled Resource Consumption Allocation of Resources Without Limits or Throttling	CVE-2026-49324	2026-05-30 00:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

348	4.3	MEDIUM Physics	-	-	Weak authentication between the Wireless Control Module (WCM) and the Engine Control Module (ECM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with… New	CWE-327 CWE-798 CWE-1390 Use of a Broken or Risky Cryptographic Algorithm Use of Hard-coded Credentials Weak Authentication	CVE-2026-49323	2026-05-30 00:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

349	4.3	MEDIUM Physics	-	-	Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to… New	CWE-294 CWE-327 CWE-1390 Authentication Bypass by Capture-replay Use of a Broken or Risky Cryptographic Algorithm Weak Authentication	CVE-2026-49322	2026-05-30 00:16	2026-05-29	Show	GitHub Exploit DB Packet Storm

350	-		-	-	WWBN AVideo is an open source video platform. In 29.0 and earlier, plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST pa… New	CWE-345 Insufficient Verification of Data Authenticity	CVE-2026-47696	2026-05-30 00:16	2026-05-29	Show	GitHub Exploit DB Packet Storm