Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":June 30, 2026, 6 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
232811 1.9 注意 サン・マイクロシステムズ - Sun OpenSolaris の idmap におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足
CVE-2009-2012 2012-12-20 19:10 2009-06-4 Show GitHub Exploit DB Packet Storm
232812 4.4 警告 Debian
Xfig project
- Xfig における任意のファイルを読み取られる脆弱性 CWE-59
リンク解釈の問題
CVE-2009-1962 2012-12-20 19:10 2009-06-7 Show GitHub Exploit DB Packet Storm
232813 5 警告 strongSwan - strongSWAN の charon デーモンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2009-1958 2012-12-20 19:10 2009-06-7 Show GitHub Exploit DB Packet Storm
232814 5 警告 strongSwan - strongSWAN の charon デーモンにおけるサービス運用妨害 (DoS) の脆弱性 CWE-399
リソース管理の問題
CVE-2009-1957 2012-12-20 19:10 2009-06-7 Show GitHub Exploit DB Packet Storm
232815 6.8 警告 propertymaxpro - PropertyMax Pro FREE の管理ログイン機能における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2009-1952 2012-12-20 19:10 2009-06-5 Show GitHub Exploit DB Packet Storm
232816 4.3 警告 propertymaxpro - PropertyMax Pro FREE の index.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS)
CVE-2009-1951 2012-12-20 19:10 2009-06-5 Show GitHub Exploit DB Packet Storm
232817 7.8 危険 unclassified - UNB の import_wbb1.php における重要な情報を取得される脆弱性 CWE-200
情報漏えい
CVE-2009-1949 2012-12-20 19:10 2009-06-5 Show GitHub Exploit DB Packet Storm
232818 5.1 警告 unclassified - UNB の forum.php におけるディレクトリトラバーサルの脆弱性 CWE-22
パス・トラバーサル
CVE-2009-1948 2012-12-20 19:10 2009-06-5 Show GitHub Exploit DB Packet Storm
232819 7.5 危険 tzo - WebCal の webCal3_detail.asp における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション
CVE-2009-1945 2012-12-20 19:10 2009-06-5 Show GitHub Exploit DB Packet Storm
232820 10 危険 SafeNet, Inc - SafeNet SoftRemote の IKE サービスにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー
CVE-2009-1943 2012-12-20 19:10 2009-06-5 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1621 - - - Permissions where checked incorrectly during room creation, allowing attackers to create rooms of types they shouldn't be allowed to create. CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2026-13350 2026-06-26 05:11 2026-06-26 Show GitHub Exploit DB Packet Storm
1622 8.1 HIGH
Network
- - An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll components. CWE-502
 Deserialization of Untrusted Data
CVE-2026-39253 2026-06-26 04:58 2026-06-24 Show GitHub Exploit DB Packet Storm
1623 - - - FOSSBilling is a billing and client management system that automates invoicing, payments, and communication for online service businesses. Versions 0.6.21 through 0.7.2 are vulnerable to IDOR through… CWE-639
 Authorization Bypass Through User-Controlled Key
CVE-2025-64105 2026-06-26 04:58 2026-06-24 Show GitHub Exploit DB Packet Storm
1624 - - - Server-Side Request Forgery (SSRF) (CWE-918) in the PDF generation endpoint GET /api/reports/{id}/pdf (backend/main.py) in ccyl13 Pentestify 1.0.0 and lower allows remote attackers to make the server… CWE-918
Server-Side Request Forgery (SSRF) 
CVE-2026-13150 2026-06-26 04:58 2026-06-24 Show GitHub Exploit DB Packet Storm
1625 - - - Open redirect vulnerability (CWE-601) in the _safe_redirect function of the click-tracking endpoint (/c/<token>/) in Mailerup <1.0.0 on all platforms allows remote unauthenticated attackers to redire… CWE-601
Open Redirect
CVE-2026-13163 2026-06-26 04:58 2026-06-24 Show GitHub Exploit DB Packet Storm
1626 - - - Missing Authentication for Critical Function (CWE-306) in the RegisterView (apps/accounts/views.py), exposed at POST /api/auth/register/, in MailerUp <1.0.1 allows a remote, unauthenticated attacker … CWE-306
Missing Authentication for Critical Function
CVE-2026-13164 2026-06-26 04:58 2026-06-25 Show GitHub Exploit DB Packet Storm
1627 7.7 HIGH
Network
- - AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a… CWE-400
 Uncontrolled Resource Consumption
CVE-2026-33235 2026-06-26 04:58 2026-06-25 Show GitHub Exploit DB Packet Storm
1628 - - - FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior expose a guest API endpoint, /api/guest/staff/create, intended for initial administrator bootstrap. D… CWE-288
CWE-306
Authentication Bypass Using an Alternate Path or Channel
Missing Authentication for Critical Function
CVE-2026-33543 2026-06-26 04:58 2026-06-25 Show GitHub Exploit DB Packet Storm
1629 5.5 MEDIUM
Network
- - Halo is an open source website building tool. Prior to 2.24.3, a path traversal vulnerability in the backup download endpoint allows authenticated administrators to read arbitrary files from the serv… CWE-22
Path Traversal
CVE-2026-55439 2026-06-26 04:58 2026-06-26 Show GitHub Exploit DB Packet Storm
1630 7.8 HIGH
Local
- - Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.5, the Glances KVM/QEMU monitoring engine (glances/plugins/vms/engines/virsh.py) passes VM domain names, read directly fr… CWE-78
OS Command 
CVE-2026-46606 2026-06-26 04:58 2026-06-26 Show GitHub Exploit DB Packet Storm