Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 6, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
207591 5.5 警告 Zoho Corporation - Zoho ManageEngine SupportCenter Plus におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-5149 2015-07-2 10:48 2015-06-19 Show GitHub Exploit DB Packet Storm
207592 7.5 危険 LivelyCart - LivelyCart における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-5148 2015-07-2 10:27 2015-06-18 Show GitHub Exploit DB Packet Storm
207593 5.8 警告 日立
(複数のベンダ)		 - 信頼できないパラメータを使用して生成した Dual_EC_DRBG の出力結果が推測可能な問題 CWE-310
CWE-Other
CVE-2007-6755 2015-07-1 17:17 2013-11-7 Show GitHub Exploit DB Packet Storm
207594 6.4 警告 Swiftkey
サムスン		 - 複数の Samsung Galaxy 製品の SwiftKey の言語パックのアップデートの実装におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-4641 2015-07-1 13:53 2015-06-16 Show GitHub Exploit DB Packet Storm
207595 2.9 注意 Swiftkey
サムスン		 - 複数の Samsung Galaxy 製品の SwiftKey の言語パックのアップデートの実装における言語パックのファイルに書き込まれる脆弱性 CWE-Other
その他 		CVE-2015-4640 2015-07-1 13:52 2015-06-16 Show GitHub Exploit DB Packet Storm
207596 7.8 危険 シスコシステムズ - Cisco Headend System Release におけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2015-4227 2015-07-1 11:50 2015-06-29 Show GitHub Exploit DB Packet Storm
207597 5 警告 シスコシステムズ - Cisco Unified Communications Domain Manager の Web フレームワークにおける重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2015-4229 2015-07-1 11:50 2015-06-29 Show GitHub Exploit DB Packet Storm
207598 5 警告 IBM - IBM Rational Test Workbench および Rational Test Virtualization Server の Rational Test Control Panel における認証を回避される脆弱性 CWE-310
暗号の問題 		CVE-2015-1913 2015-07-1 10:34 2015-06-18 Show GitHub Exploit DB Packet Storm
207599 5 警告 IBM - IBM WebSphere Commerce における CRLF インジェクションの脆弱性 CWE-Other
その他 		CVE-2015-0196 2015-06-30 16:20 2015-01-28 Show GitHub Exploit DB Packet Storm
207600 4.3 警告 IBM - IBM WebSphere MQ Internet Pass-Thru の HTTP 接続管理機能における MQ メッセージデータ上の制限を回避される脆弱性 CWE-Other
その他 		CVE-2015-0173 2015-06-30 16:20 2015-06-11 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 6, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
171 6.4 MEDIUM
Network 		- - The WP-Clippy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `clippy` shortcode in all versions up to, and including, 1.0.0. This is due to insufficient input sani… New CWE-79
Cross-site Scripting 		CVE-2026-5505 2026-05-5 12:16 2026-05-5 Show GitHub Exploit DB Packet Storm
172 5.5 MEDIUM
Network 		- - The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapper' attribute of the [futureaction] shortcode in all versions up to,… New CWE-79
Cross-site Scripting 		CVE-2026-5247 2026-05-5 12:15 2026-05-5 Show GitHub Exploit DB Packet Storm
173 7.5 HIGH
Network 		- - The AWP Classifieds plugin for WordPress is vulnerable to SQL Injection via the 'regions' parameter array keys in versions up to, and including, 4.4.5 due to insufficient escaping on the user supplie… New CWE-89
SQL Injection 		CVE-2026-5100 2026-05-5 12:15 2026-05-5 Show GitHub Exploit DB Packet Storm
174 6.4 MEDIUM
Network 		- - The Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your Website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'chartid' shortcode attribute in all v… New CWE-79
Cross-site Scripting 		CVE-2026-4730 2026-05-5 12:15 2026-05-5 Show GitHub Exploit DB Packet Storm
175 6.5 MEDIUM
Network 		- - The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a weak hash generation algorithm in all versions up … New CWE-200
Information Exposure 		CVE-2026-4409 2026-05-5 12:15 2026-05-5 Show GitHub Exploit DB Packet Storm
176 6.4 MEDIUM
Network 		- - The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'separatorIconSVG' parameter in versions up to, and includi… New CWE-79
Cross-site Scripting 		CVE-2026-2868 2026-05-5 12:15 2026-05-5 Show GitHub Exploit DB Packet Storm
177 4.9 MEDIUM
Network 		- - The Loco Translate plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.8.2 via the `fsReference` AJAX route. This is due to the `findSourceFile()` method norm… New CWE-22
Path Traversal 		CVE-2026-1921 2026-05-5 12:15 2026-05-5 Show GitHub Exploit DB Packet Storm
178 9.8 CRITICAL
Network 		- - The Mentoring plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.8. This is due to the plugin not properly restricting the roles that users can regis… New CWE-269
 Improper Privilege Management 		CVE-2025-13618 2026-05-5 12:15 2026-05-5 Show GitHub Exploit DB Packet Storm
179 9.1 CRITICAL
Network 		gnu
redhat 		gnutls
openshift_container_platform
enterprise_linux 		A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This… Update CWE-191
 Integer Underflow (Wrap or Wraparound) 		CVE-2026-33845 2026-05-5 12:03 2026-05-1 Show GitHub Exploit DB Packet Storm
180 7.5 HIGH
Network 		u-speed n300_firmware A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management in… Update CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-36958 2026-05-5 12:00 2026-05-1 Show GitHub Exploit DB Packet Storm