Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 30, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
225831 4.3 警告 MICROSYS - MICROSYS PROMOTIC の ActiveX コンポーネントにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4520 2013-05-27 16:02 2011-11-28 Show GitHub Exploit DB Packet Storm
225832 5 警告 Wireshark - Wireshark の SCTP 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6056 2013-05-27 16:02 2012-11-28 Show GitHub Exploit DB Packet Storm
225833 4.3 警告 MICROSYS - MICROSYS PROMOTIC の ActiveX コンポーネントにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2011-4519 2013-05-27 16:01 2011-11-28 Show GitHub Exploit DB Packet Storm
225834 5 警告 Wireshark - Wireshark の 3GPP2 A1 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6055 2013-05-27 15:59 2012-11-28 Show GitHub Exploit DB Packet Storm
225835 5 警告 MICROSYS - MICROSYS PROMOTIC の Web サーバにおけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2011-4518 2013-05-27 15:59 2011-11-28 Show GitHub Exploit DB Packet Storm
225836 4.3 警告 Elgg - Elgg の engine/lib/access.php における、個人のエンティティを読まれる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-6563 2013-05-27 15:58 2012-05-19 Show GitHub Exploit DB Packet Storm
225837 5 警告 Wireshark - Wireshark の sFlow 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6054 2013-05-27 15:57 2012-11-28 Show GitHub Exploit DB Packet Storm
225838 6.8 警告 Elgg - Elgg の engine/lib/users.php における任意のアカウントを作成される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-6562 2013-05-27 15:57 2012-05-19 Show GitHub Exploit DB Packet Storm
225839 4.3 警告 Elgg - Elgg の engine/lib/views.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-6561 2013-05-27 15:55 2012-05-19 Show GitHub Exploit DB Packet Storm
225840 5 警告 Wireshark - Wireshark の USB 解析機能におけるサービス運用妨害 (無限ループ) の脆弱性 CWE-189
数値処理の問題 		CVE-2012-6053 2013-05-27 15:55 2012-11-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 30, 2026, 4:16 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2611 6.1 MEDIUM
Network 		- - Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal Drupal core allows Cross-Site Scripting (XSS). This issue affects Drupal core: from 8.0.0… CWE-79
Cross-site Scripting 		CVE-2026-6365 2026-05-20 23:17 2026-05-20 Show GitHub Exploit DB Packet Storm
2612 6.1 MEDIUM
Network 		- - Template::Plugin::HTML versions through 3.102 for Perl allows HTML and JavaScript to be injected. The html_filter function did not escape single quotes. HTML attributes inside of single quotes could… CWE-79
Cross-site Scripting 		CVE-2026-5090 2026-05-20 23:17 2026-05-20 Show GitHub Exploit DB Packet Storm
2613 6.8 MEDIUM
Network 		- - Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to Local File Inclusion, al… CWE-22
CWE-73
Path Traversal
 External Control of File Name or Path 		CVE-2026-35593 2026-05-20 23:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2614 6.8 MEDIUM
Network 		- - EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below allow authenticated users to upload SVG attachments through normal attachment-capable fields and later… CWE-79
Cross-site Scripting 		CVE-2026-33741 2026-05-20 23:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2615 6.5 MEDIUM
Network 		- - libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with strict_decoding=false (the default), a corrupted tile silently fails to … CWE-200
CWE-908
Information Exposure
 Use of Uninitialized Resource 		CVE-2026-32814 2026-05-20 23:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2616 9.1 CRITICAL
Network 		- - API endpoints in LalanaChami Pharmacy Management System (commit 5c3d028) lack authentication middleware. Unauthenticated remote attackers can exploit this to dump all user records (including bcrypt p… CWE-306
Missing Authentication for Critical Function 		CVE-2026-31071 2026-05-20 23:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2617 9.8 CRITICAL
Network 		- - The LalanaChami Pharmacy Management System (commit 5c3d028) allows unauthenticated remote attackers to escalate privileges by self-assigning an administrative role during registration. The /api/user/… CWE-269
 Improper Privilege Management 		CVE-2026-31070 2026-05-20 23:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2618 8.8 HIGH
Network 		- - BillaBear (all versions prior to Jan 2026) contains a SQL Injection vulnerability in the EventRepository. User-controlled input from metric filter names and aggregation properties is directly interpo… CWE-89
SQL Injection 		CVE-2026-31069 2026-05-20 23:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2619 9.8 CRITICAL
Network 		- - scalar/astro v0.1.13 was discovered to contain a Server-Side Request Forgery (SSRF) in the scalar_url query parameter of the Scalar Proxy endpoint. This vulnerability allows unauthenticated attackers… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-30118 2026-05-20 23:16 2026-05-20 Show GitHub Exploit DB Packet Storm
2620 9.8 CRITICAL
Network 		- - scalar/astro v0.1.13 was discovered to contain an arbitrary file upload vulnerability in the the scalar_url query parameter of the Scalar Proxy endpoint. This vulnerability allows attackers to execut… CWE-94
Code Injection 		CVE-2026-30117 2026-05-20 23:16 2026-05-20 Show GitHub Exploit DB Packet Storm