Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":May 31, 2026, noon

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
232681	5.8	警告	Xerox	-	Xerox WorkCentre および WorkCentre Pro におけるディレクトリのアクセス権を取得される脆弱性	-	CVE-2006-6467	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

232682	6.8	警告	wikyblog	-	WikyBlog の WBmap.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6466	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

232683	7.8	危険	YourFreeWorld.com	-	Yourfreeworld Stylish Text Ads Script の tr1.php におけるインストールパスを取得される脆弱性	-	CVE-2006-6461	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

232684	10	危険	short url url tracker script	-	Yourfreeworld.com Short Url & Url Tracker Script における重要な情報を取得される脆弱性	-	CVE-2006-6460	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

232685	6.8	警告	phpBB	-	PhpBB Toplist の toplist.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6459	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

232686	5	警告	Tiki Software Community Association	-	Tikiwiki の tiki-wiki_rss.php における重要な情報 (MySQL ユーザ名およびパスワード) を取得される脆弱性	CWE-200 情報漏えい	CVE-2006-6457	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

232687	6.8	警告	swsoft	-	SWsoft Plesk におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6451	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

232688	6.4	警告	vt-forum	-	Vt-Forum Lite におけるデータベースをダウンロードされる脆弱性	-	CVE-2006-6449	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

232689	7.5	危険	vt-forum	-	Vt-Forum Lite における SQL インジェクションの脆弱性	-	CVE-2006-6448	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

232690	6.8	警告	vt-forum	-	Vt-Forum Lite におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6447	2012-12-20 18:02	2006-12-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:May 31, 2026, 4:16 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
1211	4.3	MEDIUM Network	-	-	Missing Authorization vulnerability in Mamunur Rashid The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Post Grid: from n/a through 7.9.2.	CWE-862 Missing Authorization	CVE-2026-49054	2026-05-28 02:44	2026-05-28	Show	GitHub Exploit DB Packet Storm

1212	9.1	CRITICAL Network	-	-	HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open(). The 2-arg form interprets magic prefixes: '\| cm…	CWE-73 CWE-78 External Control of File Name or Path OS Command	CVE-2026-8450	2026-05-28 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1213	4.8	MEDIUM Adjacent	-	-	IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application Server 9.0, and 8.5 and WebSphere Application Server Liberty are vulnerable to a denial of service, …	CWE-400 Uncontrolled Resource Consumption	CVE-2026-4410	2026-05-28 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1214	7.3	HIGH Network	-	-	IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. _parseOutputGlob() wraps the caller-supplied output glob string in …	CWE-95 Eval Injection	CVE-2026-48962	2026-05-28 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1215	4.3	MEDIUM Network	-	-	Jenkins Job Import Plugin 143.v044a_2e819b_27 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of cred…	CWE-269 Improper Privilege Management	CVE-2026-48926	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

1216	6.6	MEDIUM Network	-	-	Jenkins LDAP Plugin 807.v7d7de30930cf and earlier follows LDAP referrals.	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-48916	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

1217	-		-	-	Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available…	CWE-506 Embedded Malicious Code	CVE-2026-48027	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

1218	6.5	MEDIUM Network	-	-	e107 is a content management system (CMS). Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how session_handler::check…	CWE-285 CWE-352 Improper Authorization Origin Validation Error	CVE-2026-46620	2026-05-28 02:16	2026-05-27	Show	GitHub Exploit DB Packet Storm

1219	5.9	MEDIUM Network	-	-	WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, when a user logs in, html/login.php hashes the submitted password using PHP's hash() function with the SHA-256 algorith…	CWE-759 CWE-916 Use of a One-Way Hash without a Salt Use of Password Hash With Insufficient Computational Effort	CVE-2026-45027	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm

1220	8.2	HIGH Network	-	-	GuardDog is a CLI tool to identify malicious PyPI packages. From 1.0.0 to 2.9.0, the programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replac…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2026-44971	2026-05-28 02:16	2026-05-28	Show	GitHub Exploit DB Packet Storm