Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 6, 2026, noon

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
227931 10 危険 マイクロソフト
アドビシステムズ		 - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-4165 2012-12-26 13:56 2012-08-21 Show GitHub Exploit DB Packet Storm
227932 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5251 2012-12-26 13:55 2012-10-8 Show GitHub Exploit DB Packet Storm
227933 10 危険 マイクロソフト
アドビシステムズ		 - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-4164 2012-12-26 13:55 2012-08-21 Show GitHub Exploit DB Packet Storm
227934 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5250 2012-12-26 13:54 2012-10-8 Show GitHub Exploit DB Packet Storm
227935 10 危険 マイクロソフト
アドビシステムズ		 - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-4163 2012-12-26 13:54 2012-08-21 Show GitHub Exploit DB Packet Storm
227936 10 危険 マイクロソフト
アドビシステムズ
Google		 - Adobe Flash Player および Adobe AIR におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-5249 2012-12-26 13:53 2012-10-8 Show GitHub Exploit DB Packet Storm
227937 9.3 危険 マイクロソフト
アドビシステムズ		 - Adobe Flash Player における任意のコードを実行される脆弱性 CWE-noinfo
情報不足 		CVE-2012-1535 2012-12-26 13:52 2012-08-14 Show GitHub Exploit DB Packet Storm
227938 5.8 警告 マイクロソフト - Microsoft Windows Server 2008 R2 および Windows Server 2012 におけるアクセス制限を回避される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-2549 2012-12-26 13:48 2012-12-11 Show GitHub Exploit DB Packet Storm
227939 4.3 警告 Haxx
サイバートラスト株式会社
VMware
レッドハット		 - libcurl の Curl_input_negotiate 関数におけるクライアントになりすまされる脆弱性 CWE-255
証明書・パスワード管理 		CVE-2011-2192 2012-12-26 12:14 2011-06-23 Show GitHub Exploit DB Packet Storm
227940 4.9 警告 サイバートラスト株式会社
VMware
Linux
レッドハット		 - Linux kernel の include/asm-x86/futex.h におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2010-3086 2012-12-26 12:04 2010-11-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 6, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2661 7.7 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.39.0, the OAuth2 token fetch function in packages/server/src/sdk/workspace/oauth2/utils.ts uses raw fetch(config.url) with no SSRF protection.… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-48146 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2662 5.3 MEDIUM
Network 		- - Mojolicious::Plugin::Statsd versions through 0.04 for Perl allowed metric injections. The metric names and set values were not checked for newlines, colons or pipes. Metrics generated from untrusted… CWE-93
CRLF Injection 		CVE-2026-46740 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2663 7.7 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.38.3, removeSecrets at packages/server/src/sdk/workspace/datasources/datasources.ts masks only datasource config fields whose schema type is D… CWE-200
Information Exposure 		CVE-2026-46427 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2664 4.2 MEDIUM
Network 		- - Budibase is an open-source low-code platform. Prior to 3.38.2, the public API role unassignment endpoint (POST /api/public/v1/roles/unassign) updates user documents in CouchDB but does not invalidate… CWE-269
 Improper Privilege Management 		CVE-2026-46424 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2665 5.4 MEDIUM
Network 		- - Budibase is an open-source low-code platform. Prior to 3.38.1, the row action trigger endpoint (POST /api/tables/:sourceId/actions/:actionId/trigger) fails to validate that the user-supplied rowId is… CWE-863
 Incorrect Authorization 		CVE-2026-45718 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2666 5.4 MEDIUM
Network 		- - WeGIA is a web manager for charitable institutions. Prior to 3.7.3, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically th… CWE-601
Open Redirect 		CVE-2026-45335 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2667 7.5 HIGH
Network 		- - Dalfox is a powerful open-source XSS scanner and utility focused on automation. Prior to 2.13.0, ParameterAnalysis in pkg/scanning/parameterAnalysis.go runs two sequential worker stages that both wri… CWE-362
CWE-404
Race Condition
 Improper Resource Shutdown or Release 		CVE-2026-45090 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2668 7.7 HIGH
Network 		- - Budibase is an open-source low-code platform. Prior to 3.35.10, the Plugin URL upload endpoint (POST /api/plugin) validates the submitted URL with a single substring check: url.includes(".tar.gz"). A… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2026-45061 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm
2669 4.8 MEDIUM
Network 		- - Lumiverse is a full-featured AI chat application. Prior to 0.9.7, consumeNonce() only checks that the module-level variable is set and unexpired. It does not validate any value from the incoming HTTP… CWE-362
Race Condition 		CVE-2026-44443 2026-05-29 01:16 2026-05-27 Show GitHub Exploit DB Packet Storm
2670 5.3 MEDIUM
Network 		- - FacturaScripts is an open source accounting and invoicing software. Prior to v2026, an unauthenticated information disclosure vulnerability in the Installer controller allows any remote attacker to t… CWE-200
Information Exposure 		CVE-2026-42878 2026-05-29 01:16 2026-05-28 Show GitHub Exploit DB Packet Storm