Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 17, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
232621 10 危険 Xerox - Xerox WorkCentre 7655 などの Web Services における変更を設定される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2824 2012-12-20 18:52 2008-06-12 Show GitHub Exploit DB Packet Storm
232622 7.5 危険 phpeasynews - PHPeasyblog の newsarchive.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2823 2012-12-20 18:52 2008-06-23 Show GitHub Exploit DB Packet Storm
232623 4.3 警告 shoutcastadmin - WallCity-Server Shoutcast Admin Panel におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2814 2012-12-20 18:52 2008-06-23 Show GitHub Exploit DB Packet Storm
232624 6.8 警告 shoutcastadmin - WallCity-Server Shoutcast Admin Panel の index.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル 		CVE-2008-2813 2012-12-20 18:52 2008-06-23 Show GitHub Exploit DB Packet Storm
232625 6.8 警告 シマンテック - Symantec Altiris Notification Server Agent の GUI における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2794 2012-12-20 18:52 2008-06-17 Show GitHub Exploit DB Packet Storm
232626 6.4 警告 Spamdyke - spamdyke の smtp_filter 関数におけるオープンメールリレーとしてサーバを使用される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-2784 2012-12-20 18:52 2008-06-19 Show GitHub Exploit DB Packet Storm
232627 7.5 危険 revokesoft - RevokeBB の Search System における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2778 2012-12-20 18:52 2008-06-19 Show GitHub Exploit DB Packet Storm
232628 7.5 危険 phpraider - Simple Machines phpRaider の authentication/smf/smf.functions.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2008-2769 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232629 3.5 注意 xigla - Xigla Poll Manager XE の admin/search.asp におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-2768 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
232630 6.5 警告 xigla - Xigla Poll Manager XE の search.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-2767 2012-12-20 18:52 2008-06-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:June 18, 2026, 4 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2211 7.5 HIGH
Network 		- - Mac Photo Gallery 3.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the albid parameter. Attackers can send requests to mac… CWE-22
Path Traversal 		CVE-2017-20250 2026-06-9 22:51 2026-06-9 Show GitHub Exploit DB Packet Storm
2212 9.8 CRITICAL
Network 		- - WordPress Insert PHP plugin versions before 3.3.1 contain a PHP code injection vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by injecting malicious shortcodes thro… CWE-94
Code Injection 		CVE-2017-20251 2026-06-9 22:51 2026-06-9 Show GitHub Exploit DB Packet Storm
2213 7.8 HIGH
Local 		- - A YAML injection vulnerability exists in the Windows.Collectors.Remapping artifact of Rapid7 Velociraptor before version 0.76.6. The hostname field in client_info.json inside a collection ZIP is inse… CWE-74
CWE-94
CWE-116
Injection
Code Injection
 Improper Encoding or Escaping of Output 		CVE-2026-8795 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
2214 7.5 HIGH
Network 		- - In Micrometer, it is possible for a user to provide specially crafted gRPC requests that may cause a denial-of-service (DoS) condition. Affected versions: Micrometer 1.16.0 through 1.16.5; 1.15.0 th… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-40983 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
2215 7.5 HIGH
Network 		- - In Micrometer, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Affected versions: micrometer-core 1.16.0 through 1.16.5; 1.15… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-40984 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
2216 5.9 MEDIUM
Network 		- - An attacker can craft a large number of unique requests that trigger a failure, exhausting the capacity of the application-wide stateful retry cache. Once the cache is full, it permanently rejects an… CWE-770
 Allocation of Resources Without Limits or Throttling 		CVE-2026-41710 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
2217 6.1 MEDIUM
Network 		- - In specific scenarios involving HTTP redirects from a secure to an insecure endpoint, the Reactor Netty HTTP client may leak credentials. In order for this to happen, the HTTP client must have been e… CWE-522
 Insufficiently Protected Credentials 		CVE-2026-41715 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
2218 7.4 HIGH
Network 		- - Spring LDAP's DirContextAuthenticationStrategy implementations do not reject a bind request where a non-empty username is paired with an empty or null password. Affected versions: Spring LDAP 2.4.0 … CWE-287
Improper Authentication 		CVE-2026-41720 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
2219 4.2 MEDIUM
Network 		- - A WebFlux application with a compromised subdomain (for example, compromised via cross-site scripting (XSS)) is vulnerable to an escalation attack exchanging a known session ID for that of an authent… CWE-384
 Session Fixation 		CVE-2026-41839 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm
2220 5.9 MEDIUM
Network 		- - Spring WebFlux applications are vulnerable to Denial of Service (DoS) attacks when processing multipart requests. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0… CWE-400
 Uncontrolled Resource Consumption 		CVE-2026-41840 2026-06-9 22:49 2026-06-9 Show GitHub Exploit DB Packet Storm