Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 18, 2026, 12:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
220671 6.5 警告 Ando Saabas - Sphider の admin/admin.php における任意の PHP コードを settings/conf.php に挿入される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-5194 2014-08-11 11:57 2014-07-28 Show GitHub Exploit DB Packet Storm
220672 4.3 警告 Ando Saabas - Sphider の admin/admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-5193 2014-08-11 11:56 2014-07-28 Show GitHub Exploit DB Packet Storm
220673 7.5 危険 Ando Saabas - Sphider の admin/admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5192 2014-08-11 11:56 2014-07-28 Show GitHub Exploit DB Packet Storm
220674 7.5 危険 Ando Saabas - 複数の Sphider 製品における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5082 2014-08-11 11:56 2014-06-20 Show GitHub Exploit DB Packet Storm
220675 7.2 危険 Ayatana Project - Ubuntu で使用される Unity におけるロック画面を回避される脆弱性 CWE-362
競合状態 		CVE-2014-5195 2014-08-11 11:46 2014-07-31 Show GitHub Exploit DB Packet Storm
220676 4.3 警告 CKEditor Team - CKEditor におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-5191 2014-08-11 11:36 2014-07-15 Show GitHub Exploit DB Packet Storm
220677 4.3 警告 freelinking Project
Freelinking for Case Tracker Project		 - Freelinking for Case Tracker モジュールで使用される Drupal 用 freelinking モジュールにおける重要な情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2014-5179 2014-08-8 19:11 2014-07-23 Show GitHub Exploit DB Packet Storm
220678 6.8 警告 Debian
Canonical		 - reportbug における任意のコマンドを実行される脆弱性 CWE-94
コード・インジェクション 		CVE-2014-0479 2014-08-8 19:11 2014-08-5 Show GitHub Exploit DB Packet Storm
220679 4.3 警告 Mike Challis - WordPress 用 SI CAPTCHA Anti-Spam プラグインの captcha-secureimage/test/index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2014-5190 2014-08-8 18:59 2014-08-3 Show GitHub Exploit DB Packet Storm
220680 7.5 危険 Ariel Sanders - WordPress 用 Lead Octopus プラグインの lib/optin/optin_page.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2014-5189 2014-08-8 18:54 2014-07-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3991 9.1 CRITICAL
Network 		- - Casdoor versions 2.362.0 and earlier contain a vulnerability involving unverified email binding that may enable account takeover. The getExistUserByBindingRule function matches users by email without… - CVE-2026-9092 2026-06-2 04:16 2026-05-29 Show GitHub Exploit DB Packet Storm
3992 4.3 MEDIUM
Network 		- - FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox m… CWE-285
Improper Authorization 		CVE-2026-48810 2026-06-2 04:16 2026-05-30 Show GitHub Exploit DB Packet Storm
3993 9.0 CRITICAL
Network 		- - Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users … CWE-78
OS Command  		CVE-2026-45630 2026-06-2 04:16 2026-05-30 Show GitHub Exploit DB Packet Storm
3994 7.2 HIGH
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version… CWE-78
OS Command  		CVE-2025-41265 2026-06-2 03:58 2026-05-29 Show GitHub Exploit DB Packet Storm
3995 7.2 HIGH
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version… CWE-78
OS Command  		CVE-2025-41266 2026-06-2 03:57 2026-05-29 Show GitHub Exploit DB Packet Storm
3996 7.2 HIGH
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 TX Host in version… CWE-78
OS Command  		CVE-2025-41267 2026-06-2 03:57 2026-05-29 Show GitHub Exploit DB Packet Storm
3997 9.1 CRITICAL
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Administration WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated att… CWE-23
 Relative Path Traversal 		CVE-2025-41268 2026-06-2 03:57 2026-05-29 Show GitHub Exploit DB Packet Storm
3998 9.8 CRITICAL
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio… CWE-78
OS Command  		CVE-2025-41269 2026-06-2 03:57 2026-05-29 Show GitHub Exploit DB Packet Storm
3999 9.8 CRITICAL
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio… CWE-78
OS Command  		CVE-2025-41270 2026-06-2 03:57 2026-05-29 Show GitHub Exploit DB Packet Storm
4000 7.5 HIGH
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers … CWE-23
 Relative Path Traversal 		CVE-2025-41271 2026-06-2 03:57 2026-05-29 Show GitHub Exploit DB Packet Storm