Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 12, 2026, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
234491	4.1	警告	sitekiosk	-	SiteKiosk のスキニング機能におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6509	2012-12-20 18:02	2006-12-13	Show	GitHub Exploit DB Packet Storm

234492	6	警告	phpBB	-	phpBB におけるクロスサイトリクエストフォージェリの脆弱性	-	CVE-2006-6508	2012-12-20 18:02	2006-12-13	Show	GitHub Exploit DB Packet Storm

234493	6.8	警告	shopsite	-	ShopSite におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6485	2012-12-20 18:02	2006-12-12	Show	GitHub Exploit DB Packet Storm

234494	5	警告	scriptphp	-	AnnonceScriptHP の admin/admin_membre/fiche_membre.php における重要な情報を取得される脆弱性	-	CVE-2006-6480	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

234495	6.8	警告	scriptphp	-	AnnonceScriptHP におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6479	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

234496	7.5	危険	scriptphp	-	AnnonceScriptHP における SQL インジェクションの脆弱性	-	CVE-2006-6478	2012-12-20 18:02	2006-12-11	Show	GitHub Exploit DB Packet Storm

234497	10	危険	Xerox	-	Xerox WorkCentre および WorkCentre Pro における脆弱性	-	CVE-2006-6473	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

234498	10	危険	Xerox	-	Xerox WorkCentre および WorkCentre Pro の httpd.conf ファイルにおける脆弱性	-	CVE-2006-6472	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

234499	10	危険	Xerox	-	Xerox WorkCentre および WorkCentre Pro における不特定のファイルアクセス権を許可される脆弱性	-	CVE-2006-6471	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

234500	10	危険	Xerox	-	Xerox WorkCentre および WorkCentre Pro の SNMP Agent における脆弱性	-	CVE-2006-6470	2012-12-20 18:02	2006-11-30	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 12, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
3261	7.4	HIGH Network	pyjwt_project	pyjwt	PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, when the verifier is decoding JSON Web Tokens, while supporting both asymmetric and HMAC algorithms, the library does not validate…	CWE-287 CWE-347 Improper Authentication Improper Verification of Cryptographic Signature	CVE-2026-48526	2026-06-2 02:45	2026-05-29	Show	GitHub Exploit DB Packet Storm

3262	5.3	MEDIUM Network	pyjwt_project	pyjwt	PyJWT is a JSON Web Token implementation in Python. From 2.8.0 to 2.12.1, when verifying detached JWS tokens using the unencoded-payload option ("b64": false, RFC 7797), PyJWT performs Base64URL deco…	CWE-400 Uncontrolled Resource Consumption	CVE-2026-48525	2026-06-2 02:45	2026-05-29	Show	GitHub Exploit DB Packet Storm

3263	3.7	LOW Network	pyjwt_project	pyjwt	PyJWT is a JSON Web Token implementation in Python. Prior to 2.13.0, PyJWKClient.get_signing_key() forces a fresh HTTP request to the JWKS endpoint for every JWT with an unknown kid value, with no ra…	CWE-460 CWE-755 Improper Cleanup on Thrown Exception Improper Handling of Exceptional Conditions	CVE-2026-48524	2026-06-2 02:44	2026-05-29	Show	GitHub Exploit DB Packet Storm

3264	5.4	MEDIUM Network	pyjwt_project	pyjwt	PyJWT is a JSON Web Token implementation in Python. From 2.9.0 to 2.12.1, there is a verifier-side algorithm allow-list bypass when jwt.decode() or jwt.decode_complete() are called with a PyJWK key. …	CWE-347 Improper Verification of Cryptographic Signature	CVE-2026-48523	2026-06-2 02:44	2026-05-29	Show	GitHub Exploit DB Packet Storm

3265	8.8	HIGH Network	freerdp	freerdp	FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs.…	CWE-122 Heap-based Buffer Overflow	CVE-2026-44421	2026-06-2 02:35	2026-05-30	Show	GitHub Exploit DB Packet Storm

3266	5.4	MEDIUM Network	ibm	webmethods_integration_server	IBM webMethods Integration (on prem) -Integration Server 10.15 through IS_10.15_Core_Fix2611.1 to IS_11.1_Core_Fix10 IBM webMethods Integration is vulnerable to server-side request forgery (SSRF). Th…	CWE-918 Server-Side Request Forgery (SSRF)	CVE-2025-14290	2026-06-2 02:33	2026-05-27	Show	GitHub Exploit DB Packet Storm

3267	7.6	HIGH Network	ibm	cognos_analytics cognos_transformer	IBM Cognos Analytics 11.2.0, 12.0, and 12.1.0 and IBM Cognos Transformer 12.0, 11.2.4, and 12.1.0 is vulnerable to stored cross-site scripting (XSS) in Cognos Adminstration. This vulnerability allows…	CWE-79 Cross-site Scripting	CVE-2025-36126	2026-06-2 02:30	2026-05-27	Show	GitHub Exploit DB Packet Storm

3268	7.4	HIGH Network	miniorange	saml_sso_-_service_provider	Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal SAML SSO - Service Provider allows Privilege Escalation. This issue affects SAML SSO - Service Provider: from 0.0.0 befor…	CWE-754 Improper Check for Unusual or Exceptional Conditions	CVE-2026-5343	2026-06-2 02:29	2026-05-29	Show	GitHub Exploit DB Packet Storm

3269	8.8	HIGH Network	freerdp	freerdp	FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without track…	CWE-415 CWE-416 Double Free Use After Free	CVE-2026-44422	2026-06-2 02:26	2026-05-30	Show	GitHub Exploit DB Packet Storm

3270	5.3	MEDIUM Network	ibm	watsonx.data	IBM watsonx.data 2.2 through 2.3.1 IBM Lakehouse does not properly restrict inbound and outbound connections which could allow an attacker to transfer or modify files without restrictions.	CWE-923 NVD-CWE-noinfo Improper Restriction of Communication Channel to Intended Endpoints	CVE-2025-36145	2026-06-2 02:24	2026-05-27	Show	GitHub Exploit DB Packet Storm