Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
231781 2.1 注意 speedtech - Drupal 用の Storm モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-2158 2012-12-20 19:29 2010-05-19 Show GitHub Exploit DB Packet Storm
231782 4.3 警告 zonecheck - ZoneCheck の zc/publisher/html.rb におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-2155 2012-12-20 19:29 2010-05-26 Show GitHub Exploit DB Packet Storm
231783 6.8 警告 Tecnick.com - TCExam の admin/code/tce_functions_tcecode_editor.php における任意のコードを実行される脆弱性 CWE-Other
その他
CVE-2010-2153 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
231784 7.5 危険 unisoft - Joomla! 用の My Car コンポーネントにおける SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-2148 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
231785 4.3 警告 unisoft - Joomla! 用の My Car コンポーネントにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-2147 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
231786 7.5 危険 richrumble - ClearSite における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2010-2145 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
231787 4.3 警告 zeeways - Zeeways eBay Clone Auction Script の signinform.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-2144 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
231788 7.5 危険 Symphony CMS - Symphony CMS の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2010-2143 2012-12-20 19:29 2010-06-3 Show GitHub Exploit DB Packet Storm
231789 7.5 危険 snipegallery - Snipe Gallery における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2010-2126 2012-12-20 19:29 2010-06-1 Show GitHub Exploit DB Packet Storm
231790 2.1 注意 systemseed - Drupal 用の Rotor Banner モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-2125 2012-12-20 19:29 2010-05-20 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1581 6.5 MEDIUM
Network
- - motionEye (mEye) is an online interface for motion software, which is a video surveillance program with motion detection. Versions prior to 0.44.0 are vulnerable to path traversal in the picture and … CWE-22
CWE-284
Path Traversal
Improper Access Control
CVE-2026-31978 2026-06-26 08:17 2026-06-25 Show GitHub Exploit DB Packet Storm
1582 5.4 MEDIUM
Network
- - Kanboard through 1.2.52, fixed in commit 928c68a, UserViewController::removeSession fails to validate the session id parameter before passing it to RememberMeSessionModel::remove, allowing authentica… CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2026-56774 2026-06-26 07:17 2026-06-26 Show GitHub Exploit DB Packet Storm
1583 8.8 HIGH
Network
- - Maxun before 0.0.42 contains a cross-tenant insecure direct object reference vulnerability in storage and webhook API handlers that allows authenticated users to access other users' robots and OAuth … CWE-862
 Missing Authorization
CVE-2026-56767 2026-06-26 06:16 2026-06-26 Show GitHub Exploit DB Packet Storm
1584 - - - Gogs is an open source self-hosted Git service. Prior to 0.14.3, the Jupyter Notebook (ipynb) sanitizer endpoint at POST /-/api/sanitize_ipynb allows arbitrary data: URIs without proper restrictions,… CWE-80
Basic XSS
CVE-2026-52816 2026-06-26 06:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1585 3.5 LOW
Network
- - Gogs is an open source self-hosted Git service. Prior to 0.14.3, specially crafted issue index pattern can cause a panic when rendering, resulting in denial of service. In internal/markup/markup.go, … CWE-1336
 Improper Neutralization of Special Elements Used in a Template Engine
CVE-2026-52796 2026-06-26 06:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1586 4.9 MEDIUM
Network
- - Gogs is an open source self-hosted Git service. Prior to 0.14.3, a malicious user with rights to create a new file on a repository or wiki page can trigger a denial of service condition in which the … CWE-20
 Improper Input Validation 
CVE-2025-64719 2026-06-26 06:16 2026-06-25 Show GitHub Exploit DB Packet Storm
1587 5.5 MEDIUM
Local
- - Argument Injection in TortoiseGitBlame via Malicious Git History Filenames Leads to Arbitrary File Write in TortoiseGit CWE-88
Argument Injection
CVE-2026-11968 2026-06-26 05:21 2026-06-24 Show GitHub Exploit DB Packet Storm
1588 8.0 HIGH
Network
- - py7zr is a Python-based library and utility to support 7zip archive compression, decompression, encryption and decryption. Versions 1.1.2 and below contain an an arbitrary file write vulnerability, w… CWE-59
Link Following
CVE-2026-23879 2026-06-26 05:21 2026-06-25 Show GitHub Exploit DB Packet Storm
1589 7.2 HIGH
Network
- - 3X-UI is a web control panel for managing Xray-core servers. Prior to 3.3.1, an authenticated administrator can abuse the database import functionality to achieve arbitrary file write on the host by … CWE-73
 External Control of File Name or Path
CVE-2026-55477 2026-06-26 05:21 2026-06-26 Show GitHub Exploit DB Packet Storm
1590 3.5 LOW
Network
- - HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario. CWE-284
CWE-319
Improper Access Control
Cleartext Transmission of Sensitive Information
CVE-2025-15619 2026-06-26 05:20 2026-06-24 Show GitHub Exploit DB Packet Storm