Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 12, 2026, 12:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227551 6.8 警告 NetWebLogic - WordPress 用 Login With Ajax プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2013-2707 2013-05-13 17:31 2013-05-6 Show GitHub Exploit DB Packet Storm
227552 5 警告 シスコシステムズ - Cisco Unified Presence のサーバにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題 		CVE-2013-1242 2013-05-13 17:30 2013-05-7 Show GitHub Exploit DB Packet Storm
227553 9.3 危険 DELL EMC (旧 EMC Corporation) - EMC AlphaStor の Library Control Program におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2013-0946 2013-05-13 16:14 2013-05-9 Show GitHub Exploit DB Packet Storm
227554 5.8 警告 DELL EMC (旧 EMC Corporation) - 複数の EMC Documentum 製品における重要な情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-0939 2013-05-13 16:12 2013-05-9 Show GitHub Exploit DB Packet Storm
227555 4.3 警告 DELL EMC (旧 EMC Corporation) - 複数の EMC Documentum 製品におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2013-0938 2013-05-13 15:54 2013-05-9 Show GitHub Exploit DB Packet Storm
227556 5.8 警告 DELL EMC (旧 EMC Corporation) - 複数の EMC Documentum 製品における Web セッションをハイジャックされる脆弱性 CWE-287
不適切な認証 		CVE-2013-0937 2013-05-13 15:53 2013-05-9 Show GitHub Exploit DB Packet Storm
227557 6.8 警告 IBM - Windows および Linux 上で稼働する IBM Notes における整数オーバーフローの脆弱性 CWE-189
数値処理の問題 		CVE-2013-2977 2013-05-13 15:50 2013-05-6 Show GitHub Exploit DB Packet Storm
227558 3.5 注意 IBM - IBM Sterling Multi-Channel Fulfillment Solution および Sterling Selling and Fulfillment Foundation における重要なデータベース情報を取得される脆弱性 CWE-287
不適切な認証 		CVE-2013-0578 2013-05-13 15:49 2013-05-2 Show GitHub Exploit DB Packet Storm
227559 4 警告 IBM - IBM Sterling Secure Proxy における重要な Java スタックトレース情報を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2013-0520 2013-05-13 15:46 2013-05-3 Show GitHub Exploit DB Packet Storm
227560 5 警告 IBM - IBM Sterling Secure Proxy における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2013-0519 2013-05-13 15:43 2013-05-3 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
3421 9.1 CRITICAL
Network 		- - There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to pr… CWE-306
Missing Authentication for Critical Function 		CVE-2026-9051 2026-06-2 02:06 2026-05-30 Show GitHub Exploit DB Packet Storm
3422 3.1 LOW
Network 		apache airflow The structure_data endpoint in the Airflow UI returned external dependency graph nodes for linked Dags without checking whether the caller had read permission on those linked Dags. An authenticated U… CWE-285
Improper Authorization 		CVE-2026-40963 2026-06-2 02:06 2026-06-1 Show GitHub Exploit DB Packet Storm
3423 6.1 MEDIUM
Network 		apache activemq
activemq_web 		Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies … CWE-79
Cross-site Scripting 		CVE-2026-42253 2026-06-2 02:06 2026-06-1 Show GitHub Exploit DB Packet Storm
3424 6.5 MEDIUM
Network 		apache airflow A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking (e.g. nested `password` / `token` / `secret` / `api_key` keys inside a JSON template structure) to be by… CWE-200
Information Exposure 		CVE-2026-42360 2026-06-2 02:06 2026-06-1 Show GitHub Exploit DB Packet Storm
3425 8.1 HIGH
Network 		apache activemq
activemq_broker 		Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes th… CWE-20
CWE-94
 Improper Input Validation 
Code Injection 		CVE-2026-42588 2026-06-2 02:06 2026-06-1 Show GitHub Exploit DB Packet Storm
3426 5.8 MEDIUM
Network 		- - A flaw was found in Clair. The fetcher component makes outbound HTTP requests to attacker-supplied URIs from manifest layer descriptors without IP or scheme filtering. When PSK authentication is not … CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-10517 2026-06-2 01:57 2026-06-1 Show GitHub Exploit DB Packet Storm
3427 9.8 CRITICAL
Network 		- - SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9_B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints (mgmt.php, npcmd.php) that a… CWE-798
 Use of Hard-coded Credentials 		CVE-2026-24444 2026-06-2 01:55 2026-05-29 Show GitHub Exploit DB Packet Storm
3428 7.5 HIGH
Network 		- - Usagi-org ai-goofish-monitor contains an unauthenticated arbitrary file read vulnerability in the GET /api/prompts/{filename} endpoint on Windows deployments that allows unauthenticated remote attack… CWE-36
 Absolute Path Traversal 		CVE-2026-10044 2026-06-2 01:55 2026-05-29 Show GitHub Exploit DB Packet Storm
3429 7.5 HIGH
Network 		- - Heatmiser Wifi Thermostat 1.7 contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve administrative credentials by accessing the networkSetup.htm page. Attac… CWE-256
Plaintext Storage of a Password  		CVE-2018-25396 2026-06-2 01:55 2026-05-30 Show GitHub Exploit DB Packet Storm
3430 6.5 MEDIUM
Network 		- - Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules… CWE-22
Path Traversal 		CVE-2018-25421 2026-06-2 01:55 2026-05-31 Show GitHub Exploit DB Packet Storm