Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":July 1, 2026, 2:01 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
232151 1.9 注意 thibault godouet - fcrontab の fcron における任意のファイルを読まれる脆弱性 CWE-59
リンク解釈の問題
CVE-2010-0792 2012-12-20 19:28 2010-03-5 Show GitHub Exploit DB Packet Storm
232152 7.5 危険 SoftbizScripts - Softbiz Jobs の news_desc.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-0758 2012-12-20 19:28 2010-02-26 Show GitHub Exploit DB Packet Storm
232153 6.5 警告 wikyblog - WikyBlog の index.php/Attach における任意のコードを実行される脆弱性 CWE-Other
その他
CVE-2010-0757 2012-12-20 19:28 2010-02-26 Show GitHub Exploit DB Packet Storm
232154 5.8 警告 wikyblog - WikyBlog におけるセッションをハイジャックされる脆弱性 CWE-287
不適切な認証
CVE-2010-0756 2012-12-20 19:28 2010-02-26 Show GitHub Exploit DB Packet Storm
232155 7.5 危険 wikyblog - WikyBlog の include/WBmap.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション
CVE-2010-0755 2012-12-20 19:28 2010-02-26 Show GitHub Exploit DB Packet Storm
232156 4.3 警告 wikyblog - WikyBlog の index.php/Special/Main/Templates におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-0754 2012-12-20 19:28 2010-02-26 Show GitHub Exploit DB Packet Storm
232157 5 警告 rafal wojtczuk - dsniff などの製品で使用されている libnids におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他
CVE-2010-0751 2012-12-20 19:28 2010-04-6 Show GitHub Exploit DB Packet Storm
232158 4.3 警告 ViewVC - ViewVC の lib/viewvc.py におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2010-0736 2012-12-20 19:28 2010-02-10 Show GitHub Exploit DB Packet Storm
232159 7.5 危険 systemsoftware - Auktionshaus Gelb の news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-0721 2012-12-20 19:28 2010-02-26 Show GitHub Exploit DB Packet Storm
232160 7.5 危険 systemsoftware - Erotik Auktionshaus の news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2010-0720 2012-12-20 19:28 2010-02-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1591 2.5 LOW
Local
cacti cacti Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting in rrdtool_function_update() can corrupt RRDtool metric value… CWE-474
 Use of Function with Inconsistent Implementations
CVE-2026-39894 2026-06-26 05:19 2026-06-25 Show GitHub Exploit DB Packet Storm
1592 7.6 HIGH
Network
- - Twenty is an open-source CRM (customer relationship management) platform. Prior to 2.9.0, Twenty was vulnerable to a cross-workspace insecure direct object reference (IDOR) in the AI agent monitor's … CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2026-55583 2026-06-26 05:18 2026-06-25 Show GitHub Exploit DB Packet Storm
1593 9.6 CRITICAL
Network
- - immich is a high performance self-hosted photo and video management solution. From commit 4ffa26c9 until 4eb1003, a reflected cross-site scripting (XSS) vulnerability on the /auth/login page allows a… CWE-79
CWE-601
Cross-site Scripting
Open Redirect
CVE-2026-53662 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1594 9.0 CRITICAL
Network
- - LobeHub is a work-and-lifestyle space to find, build, and collaborate with agent teammates that grow with you. Prior to 2.1.57, the /webapi/proxy endpoint on app.lobehub.com accepts a URL in the POST… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2026-54157 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1595 - - - Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 42.3.1 until 42.3.3, Buffer performs incorrect byte length calculations resulting in heap … CWE-120
Classic Buffer Overflow
CVE-2026-54257 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1596 7.8 HIGH
Local
- - rtk filters and compresses command outputs before they reach your LLM context. Prior to 0.42.2, the permission splitter did not conservatively split or reject several shell constructs that Bash treat… CWE-863
 Incorrect Authorization
CVE-2026-54555 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1597 9.6 CRITICAL
Network
- - Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` request header as the authoritative source for buildin… CWE-20
CWE-601
 Improper Input Validation 
Open Redirect
CVE-2026-54588 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1598 6.9 MEDIUM
Network
- - Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection (Formula Injection) in its log export functionality. User-cont… CWE-1236
 Improper Neutralization of Formula Elements in a CSV File
CVE-2026-47693 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1599 8.8 HIGH
Local
- - Style Dictionary, a build system for creating cross-platform styles, has a prototype pollution vulnerability starting in version 4.3.0 and prior to version 5.4.4. Impact users have: direct usage of `… CWE-1321
 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVE-2026-54639 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm
1600 - - - OpenColorIO is a color management framework for visual effects and animation. Prior to version 2.5.2, `FileFormatSpi3D.cpp:163` uses `sscanf` with `%s` into 64-byte stack buffers when parsing LUT dat… CWE-120
Classic Buffer Overflow
CVE-2026-42450 2026-06-26 05:18 2026-06-24 Show GitHub Exploit DB Packet Storm