Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 5, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
210041 6.4 警告 Squid-cache.org - Squid の pinger における重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2014-7142 2015-08-31 17:31 2014-09-15 Show GitHub Exploit DB Packet Storm
210042 6.8 警告 Squid-cache.org - Squid の snmp_core.cc の snmpHandleUdp 関数 におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2014-6270 2015-08-31 17:31 2014-09-9 Show GitHub Exploit DB Packet Storm
210043 5 警告 Squid-cache.org - Squid の HttpHdrRange.cc におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-3609 2015-08-31 17:31 2014-08-28 Show GitHub Exploit DB Packet Storm
210044 5 警告 Squid-cache.org
Novell		 - Squid におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2014-0128 2015-08-31 17:31 2014-03-9 Show GitHub Exploit DB Packet Storm
210045 4.6 警告 The PHP Group - PHP における WSDL インジェクション攻撃を実行される脆弱性 CWE-Other
その他 		CVE-2013-6501 2015-08-31 17:31 2013-09-17 Show GitHub Exploit DB Packet Storm
210046 5 警告 Ruby-lang.org - Ruby の REXML パーサ の lib/rexml/text.rb におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2013-1821 2015-08-31 17:31 2013-02-22 Show GitHub Exploit DB Packet Storm
210047 5 警告 The PHP Group
アップル		 - PHP の ext/soap/soap.c 内の do_soap_call 関数における重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2015-4148 2015-08-31 17:05 2015-03-19 Show GitHub Exploit DB Packet Storm
210048 7.5 危険 The PHP Group
アップル		 - PHP の ext/soap/soap.c の SoapClient::__call メソッドにおける任意のコードを実行される脆弱性 CWE-Other
その他 		CVE-2015-4147 2015-08-31 17:05 2015-03-19 Show GitHub Exploit DB Packet Storm
210049 7.5 危険 The PHP Group
アップル		 - PHP の pcntl_exec の実装における拡張子の制限を回避される脆弱性 CWE-Other
その他 		CVE-2015-4026 2015-08-31 17:05 2015-05-14 Show GitHub Exploit DB Packet Storm
210050 7.5 危険 The PHP Group
アップル		 - PHP における拡張子の制限を回避される脆弱性 CWE-Other
その他 		CVE-2015-4025 2015-08-31 17:05 2015-05-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191 6.5 MEDIUM
Network 		- - IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 return sensitive data to the user which are not required fo… New CWE-201
 Insertion of Sensitive Information Into Sent Data 		CVE-2026-42539 2026-06-6 01:00 2026-06-5 Show GitHub Exploit DB Packet Storm
192 4.3 MEDIUM
Network 		- - IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 allow a user to alter values in the database via manipulate… New CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes 		CVE-2026-42540 2026-06-6 01:00 2026-06-5 Show GitHub Exploit DB Packet Storm
193 4.3 MEDIUM
Network 		- - IRIS is a web collaborative platform that helps incident responders share technical details during investigations. Versions prior to 2.4.28 are vulnerable to a cross-site request forgery attack, beca… New CWE-650
 Trusting HTTP Permission Methods on the Server Side 		CVE-2026-42543 2026-06-6 01:00 2026-06-5 Show GitHub Exploit DB Packet Storm
194 5.4 MEDIUM
Network 		- - IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for customers that are not assi… New CWE-863
 Incorrect Authorization 		CVE-2026-42547 2026-06-6 01:00 2026-06-5 Show GitHub Exploit DB Packet Storm
195 7.6 HIGH
Network 		- - Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In versions 4.9.0 through 5.0.0, an authenticated user with project-edit… New CWE-79
Cross-site Scripting 		CVE-2026-41518 2026-06-6 01:00 2026-06-5 Show GitHub Exploit DB Packet Storm
196 - - - Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at `/graphql… New CWE-285
Improper Authorization 		CVE-2026-41522 2026-06-6 01:00 2026-06-5 Show GitHub Exploit DB Packet Storm
197 9.8 CRITICAL
Network 		- - Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality N… New CWE-287
CWE-306
CWE-1390
Improper Authentication
Missing Authentication for Critical Function
 Weak Authentication 		CVE-2026-6274 2026-06-6 00:56 2026-06-5 Show GitHub Exploit DB Packet Storm
198 9.8 CRITICAL
Network 		- - SQLite 'sqldiff.exe' does not securely handle the way the Microsoft Windows C runtime converts Unicode characters to ANSI codepages. An attacker could use the '-L' option to load an arbitrary DLL wi… New CWE-176
 Improper Handling of Unicode Encoding 		CVE-2025-71316 2026-06-6 00:56 2026-06-5 Show GitHub Exploit DB Packet Storm
199 - - - Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuously sending a specially cr… New CWE-228
 Improper Handling of Syntactically Invalid Structure 		CVE-2026-25657 2026-06-6 00:56 2026-06-5 Show GitHub Exploit DB Packet Storm
200 - - - Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Missing Values (CWE-230) vulnerability where an attacker continuously sending a specially crafted message can… New CWE-230
 Improper Handling of Missing Values 		CVE-2026-25658 2026-06-6 00:56 2026-06-5 Show GitHub Exploit DB Packet Storm