Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 2, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
230131 7.8 危険 thekelleys - dnsmasq におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-3214 2012-12-20 18:52 2008-07-18 Show GitHub Exploit DB Packet Storm
230132 7.5 危険 webcms - WebCMS Portal Edition の secciones/tablon/tablon.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3213 2012-12-20 18:52 2008-07-18 Show GitHub Exploit DB Packet Storm
230133 7.5 危険 scripteen - Scripteen Free Image Hosting Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-3212 2012-12-20 18:52 2008-07-18 Show GitHub Exploit DB Packet Storm
230134 7.5 危険 scripteen - Scripteen Free Image Hosting Script における認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2008-3211 2012-12-20 18:52 2008-07-18 Show GitHub Exploit DB Packet Storm
230135 5 警告 reSIProcate - repro で使用されている ReSIProcate におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-3210 2012-12-20 18:52 2008-07-3 Show GitHub Exploit DB Packet Storm
230136 5 警告 simpledns - Simple DNS Plus におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-3208 2012-12-20 18:52 2008-07-18 Show GitHub Exploit DB Packet Storm
230137 9.3 危険 pragyan - Pragyan CMS の cms/modules/form.lib.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-3207 2012-12-20 18:52 2008-07-18 Show GitHub Exploit DB Packet Storm
230138 4.3 警告 xomol - Xomol CMS の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-3202 2012-12-20 18:52 2008-07-17 Show GitHub Exploit DB Packet Storm
230139 7.8 危険 reSIProcate - ReSIProcate におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2008-3199 2012-12-20 18:52 2008-07-14 Show GitHub Exploit DB Packet Storm
230140 3.5 注意 The phpMyAdmin Project - phpMyAdmin におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-3197 2012-12-20 18:52 2008-07-15 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 2, 2026, 4:18 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
11 9.8 CRITICAL
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio… Update CWE-78
OS Command  		CVE-2025-41275 2026-06-2 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
12 9.8 CRITICAL
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio… Update CWE-78
OS Command  		CVE-2025-41276 2026-06-2 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
13 9.8 CRITICAL
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Console WebUI in Waterfall WF-500 TX and RX Hosts in versio… Update CWE-78
OS Command  		CVE-2025-41277 2026-06-2 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
14 7.8 HIGH
Local 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-125: Out-of-bounds Read in Waterfall WF-500 RX Host in version 7.10.0.0 R2601141040 that allows attackers with access to the TX Host to execute code on the RX Ho… Update CWE-125
Out-of-bounds Read 		CVE-2025-41278 2026-06-2 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
15 7.8 HIGH
Local 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-23: Relative Path Traversal (Zip Slip) in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows attackers with access to the TX Host to execute cod… Update CWE-23
 Relative Path Traversal 		CVE-2025-41280 2026-06-2 03:56 2026-05-29 Show GitHub Exploit DB Packet Storm
16 7.2 HIGH
Network 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the Administration WebUI in Waterfall WF-500 RX Host in version… Update CWE-78
OS Command  		CVE-2025-41279 2026-06-2 03:55 2026-05-29 Show GitHub Exploit DB Packet Storm
17 7.8 HIGH
Local 		waterfall-security wf-500_firmware Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that al… Update CWE-78
OS Command  		CVE-2025-41281 2026-06-2 03:55 2026-05-29 Show GitHub Exploit DB Packet Storm
18 8.6 HIGH
Network 		- - Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching videos. Versions prior to commit fbde301b97986d5913fc4bc95f5445750d282e11 are vulnerable to path traversal.… New CWE-22
Path Traversal 		CVE-2024-40646 2026-06-2 03:53 2026-06-2 Show GitHub Exploit DB Packet Storm
19 9.6 CRITICAL
Network 		- - Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerability in Cline Kanban servers. At time o… New CWE-306
CWE-1385
Missing Authentication for Critical Function
 Missing Origin Validation in WebSockets 		CVE-2026-44211 2026-06-2 03:53 2026-06-2 Show GitHub Exploit DB Packet Storm
20 6.5 MEDIUM
Network 		- - Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loo… New CWE-674
CWE-835
 Uncontrolled Recursion
 Loop with Unreachable Exit Condition ('Infinite Loop') 		CVE-2026-44740 2026-06-2 03:53 2026-06-2 Show GitHub Exploit DB Packet Storm