Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, 2 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
222601 4.3 警告 オラクル - Oracle MySQL の MySQL Server における Thread Pooling に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-0433 2014-01-17 17:14 2014-01-14 Show GitHub Exploit DB Packet Storm
222602 1.7 注意 オラクル - Oracle Sun Solaris における Audit に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5885 2014-01-17 16:27 2014-01-14 Show GitHub Exploit DB Packet Storm
222603 3.2 注意 オラクル - Oracle Sun Solaris における Kernel に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5883 2014-01-17 16:25 2014-01-14 Show GitHub Exploit DB Packet Storm
222604 4.9 警告 オラクル - Oracle Sun Solaris における Kernel に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5876 2014-01-17 16:23 2014-01-14 Show GitHub Exploit DB Packet Storm
222605 2.7 注意 オラクル - Oracle Sun Solaris における Role Based Access Control に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5875 2014-01-17 16:21 2014-01-14 Show GitHub Exploit DB Packet Storm
222606 2.1 注意 オラクル - Oracle Sun Solaris における Name Service Cache Daemon に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5872 2014-01-17 16:19 2014-01-14 Show GitHub Exploit DB Packet Storm
222607 6.2 警告 オラクル - Oracle Sun Solaris における "ps" command line utility に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5834 2014-01-17 16:17 2014-01-14 Show GitHub Exploit DB Packet Storm
222608 4.9 警告 オラクル - Oracle Sun Solaris における Filesystem に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5833 2014-01-17 16:15 2014-01-14 Show GitHub Exploit DB Packet Storm
222609 4.6 警告 オラクル - Oracle Sun Solaris における Remote Procedure Call に関する脆弱性 CWE-noinfo
情報不足 		CVE-2013-5821 2014-01-17 16:12 2014-01-14 Show GitHub Exploit DB Packet Storm
222610 4.3 警告 オラクル - Oracle PeopleSoft Products の PeopleSoft Enterprise PeopleTools における PIA Core Technology に関する脆弱性 CWE-noinfo
情報不足 		CVE-2014-0445 2014-01-17 15:59 2014-01-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1991 7.1 HIGH
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in E2Pdf.Com e2pdf allows Reflected XSS. This issue affects e2pdf: from n/a through 1.32.14. CWE-79
Cross-site Scripting 		CVE-2026-42681 2026-06-2 01:41 2026-06-2 Show GitHub Exploit DB Packet Storm
1992 9.1 CRITICAL
Network 		- - Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6. CWE-862
 Missing Authorization 		CVE-2026-42682 2026-06-2 01:41 2026-06-2 Show GitHub Exploit DB Packet Storm
1993 7.1 HIGH
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooki… CWE-79
Cross-site Scripting 		CVE-2026-42683 2026-06-2 01:41 2026-06-2 Show GitHub Exploit DB Packet Storm
1994 7.1 HIGH
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VeronaLabs WP Statistics allows DOM-Based XSS. This issue affects WP Statistics: from n/a throug… CWE-79
Cross-site Scripting 		CVE-2026-48839 2026-06-2 01:41 2026-06-2 Show GitHub Exploit DB Packet Storm
1995 7.1 HIGH
Network 		- - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress allows Reflected XSS. This issue affects LearnPress: from n/a through 4.3.6. CWE-79
Cross-site Scripting 		CVE-2026-48865 2026-06-2 01:41 2026-06-2 Show GitHub Exploit DB Packet Storm
1996 9.6 CRITICAL
Network 		- - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects Gravity Forms: from n/a thro… CWE-22
Path Traversal 		CVE-2026-48866 2026-06-2 01:41 2026-06-2 Show GitHub Exploit DB Packet Storm
1997 9.8 CRITICAL
Network 		- - Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This issue affects AIWU: from n/a through 1.4.17. CWE-266
 Incorrect Privilege Assignment 		CVE-2026-48879 2026-06-2 01:41 2026-06-2 Show GitHub Exploit DB Packet Storm
1998 - - - Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srl_decoder.c, srl_read_object() and srl_read_hash() process a COPY tag, a back-refere… CWE-125
Out-of-bounds Read 		CVE-2026-8796 2026-06-2 01:37 2026-06-1 Show GitHub Exploit DB Packet Storm
1999 - - - SOPlanning does not enforce authorization for backup functionalities. An unauthenticated attacker can directly query backup-related endpoints and retrieve backup archives containing user databases wi… CWE-862
 Missing Authorization 		CVE-2026-40543 2026-06-2 01:37 2026-06-1 Show GitHub Exploit DB Packet Storm
2000 - - - SOPlanning is vulnerable to Stored Cross-Site Scripting (XSS) via /process/upload_backup endpoint. An authenticated attacker with access to the backup functionality can upload a crafted ZIP archive c… CWE-79
Cross-site Scripting 		CVE-2026-40544 2026-06-2 01:37 2026-06-1 Show GitHub Exploit DB Packet Storm