Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 4, 2026, 4 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
211541 4.9 警告 Web-Dorado - Drupal 用 Spider Video Player モジュールにおける任意のファイルを削除される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2015-4351 2015-06-18 15:37 2015-02-25 Show GitHub Exploit DB Packet Storm
211542 6.8 警告 Web-Dorado - Drupal 用 Spider Catalog モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2015-4350 2015-06-18 15:37 2015-02-25 Show GitHub Exploit DB Packet Storm
211543 5.8 警告 Web-Dorado - Drupal 用 Spider Contacts モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2015-4349 2015-06-18 15:37 2015-02-25 Show GitHub Exploit DB Packet Storm
211544 6 警告 Web-Dorado - Drupal 用 Spider Contacts モジュールにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-4348 2015-06-18 15:37 2015-02-25 Show GitHub Exploit DB Packet Storm
211545 4.3 警告 inLinks Integration project - Drupal 用 inLinks Integration モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-4347 2015-06-18 15:37 2015-02-25 Show GitHub Exploit DB Packet Storm
211546 4.3 警告 マカフィー - Intel McAfee ePolicy Orchestrator の Java Core Web サービスの 製品展開機能におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-4559 2015-06-18 12:15 2015-06-4 Show GitHub Exploit DB Packet Storm
211547 6.8 警告 ISPConfig - ISPConfig におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2015-4119 2015-06-18 11:55 2015-06-4 Show GitHub Exploit DB Packet Storm
211548 6.5 警告 ISPConfig - ISPConfig の monitor/show_sys_state.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2015-4118 2015-06-18 11:55 2015-06-4 Show GitHub Exploit DB Packet Storm
211549 6.4 警告 Elasticsearch - Elasticsearch Logstash のファイル出力プラグインにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2015-4152 2015-06-18 11:00 2015-06-9 Show GitHub Exploit DB Packet Storm
211550 4.3 警告 Elasticsearch - Elasticsearch Kibana におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2015-4093 2015-06-18 10:48 2015-06-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 4, 2026, 4:17 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3001 3.3 LOW
Local 		- - A security flaw has been discovered in GNU LibreDWG up to 0.14. The affected element is the function match_BLOCK_HEADER of the file dwggrep.c of the component Dwggrep Utility. Performing a manipulati… CWE-404
CWE-476
 Improper Resource Shutdown or Release
 NULL Pointer Dereference 		CVE-2026-9529 2026-05-26 14:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3002 7.3 HIGH
Network 		- - A vulnerability was identified in itsourcecode Electronic Judging System 1.0. Impacted is an unknown function of the file /admin/delete_judge.php. Such manipulation of the argument judge_id leads to … CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9528 2026-05-26 14:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3003 4.3 MEDIUM
Network 		- - A vulnerability was determined in itsourcecode Electronic Judging System 1.0. This issue affects some unknown processing of the file /admin/judges.php. This manipulation of the argument fname causes … CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-9527 2026-05-26 14:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3004 7.3 HIGH
Network 		- - A vulnerability was found in itsourcecode Electronic Judging System 1.0. This vulnerability affects unknown code of the file /admin/edit_team.php. The manipulation of the argument num_id results in s… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9526 2026-05-26 14:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3005 7.3 HIGH
Network 		- - A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /admin/edit_judge.php. The manipulation of the argument judge_id leads to sql in… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9525 2026-05-26 13:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3006 6.3 MEDIUM
Network 		- - A flaw has been found in xianrendzw EasyReport up to 2.0.17.0522_Beta. Affected by this issue is the function execute of the component REST Endpoint. Executing a manipulation of the argument reportPa… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9524 2026-05-26 13:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3007 7.3 HIGH
Network 		- - A vulnerability was detected in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2. Affected by this vulnerability is an unknown functionality of the file /Subs… CWE-74
CWE-89
Injection
SQL Injection 		CVE-2026-9523 2026-05-26 13:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3008 7.3 HIGH
Network 		- - A security vulnerability has been detected in fraillt bitsery up to 5.2.4. Affected is the function loadFromSharedState in the library include/bitsery/ext/std_smart_ptr.h. Such manipulation leads to … CWE-20
CWE-1287
 Improper Input Validation 
 Improper Validation of Specified Type of Input 		CVE-2026-9521 2026-05-26 11:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3009 4.3 MEDIUM
Network 		- - A weakness has been identified in blitz-js blitz up to 3.0.2 on GitHub. This impacts an unknown function of the file packages/generator/templates/app/src/app/auth/components/LoginForm.tsx of the comp… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-9520 2026-05-26 11:16 2026-05-26 Show GitHub Exploit DB Packet Storm
3010 4.3 MEDIUM
Network 		- - A security flaw has been discovered in stonith404 pingvin-share up to 1.13.0. This affects the function getServerSideProps of the file frontend/src/pages/auth/signIn.tsx of the component Sign-in Auto… CWE-79
CWE-94
Cross-site Scripting
Code Injection 		CVE-2026-9519 2026-05-26 11:16 2026-05-26 Show GitHub Exploit DB Packet Storm